SlideShare a Scribd company logo

Cyber crimes

Download as PPT, PDF
P
princejhulan

This document discusses cyber crimes and security. It defines cyber crime as illegal behavior directed through electronic means that targets computer security and data. It outlines different types of cyber attacks including those by military, businesses, terrorists, and individuals. It also describes common types of offenders and various cyber crimes like breaches of physical, personnel, communications, operations and data security. Specific crimes covered include dumpster diving, emanations interception, denial of service attacks, masquerading, and software piracy. The document provides steps to take after a security breach and suggestions to address cyber crimes through laws and cooperation.

TechnologyBusiness
1 of 29
04/26/14 1 Cyber Crimes
04/26/14 2 What’s Cyber Crimes?  Cyber crime, also called computer crime, is any illegal behavior directed by means of electronic operations that targets the security of computer systems and the data processed .
04/26/14 3 Types of Attacks  Military and Intelligence Attacks  Business Attacks  Financial Attacks  Terrorist Attacks  Grudge Attacks  “Fun” Attacks
04/26/14 4 Types of Offenders  Cracker: motivation is to access a system or data  Criminals: motivation is financial gain.  Vandals: motivation is to damage the system or data files.
04/26/14 5 Types of Security  Physical security  Personnel security  Communications security  Operations security
04/26/14 6 Types of Cyber Crimes - Breaches of physical security  Dumpster diving (trashing)  Wiretapping  Eavesdropping on Emanations  Denial or Degradation of Service  Prevention method: - Locks and keys. - Natural disasters - Environmental threats
Dumpster diving Dumpster diving is a term that describes pawing through a target's garbage in search of valuable information. The amount of information you can learn about a target is astonishing. 04/26/14 7
Dumpster diving  Going through a company.s garbage (often in  an outside and vulnerable Dumpster) to find discarded information that  either itself has value, or provides a tool to use in a social engineering  attack, such as internal phone numbers or titles 04/26/14 8
emanations can be a potential computer security threat if information is emitted in a form that can be practically separated from background noise and decoded at sufficient distance usingcompact and available equipment. It can then be used to bypass commonly employed physical, cryptographic, and software access-control mechanisms at the operating-system,network, and application level. Such exploitable emanations can occur as a result of: • the normal operation of a system • deliberate or accidental exposure of a device to an unusual environment • the execution of software that was designed to modulate data into emitted energy 04/26/14 9
Denial or Degradation of Service  attack is a type of denial of service (DoS) attack geared toward disrupting the service, speed and response time of a network or website. It is designed to degrade services of a target to its point before becoming partially or permanently unavailable. 04/26/14 10
HOW TO PREVENT?  Prevention method: - Locks and keys. - Natural disasters - Environmental threats 04/26/14 11
04/26/14 12 Types of Cyber Crimes - Breaches of Personnel security  Masquerading  Social engineering  Harassment  Software piracy  Prevention method: - Background checks and careful monitoring on the job
Masquerading  Masquerading occurs when one person uses the identity of another to gain access to a computer. This may be don  e in person or remotely. 04/26/14 13
Continue  There are both physical and electronic forms of masquerading. In person, a criminal may use an authorized user's identity or access card to get into restricted areas where he will have access to computers and data. This may be as simple as signing someone else's name to a signin sheet at the door of a building.  piggybacking, involves following an authorized person into a restricted area--a building or a computer room 04/26/14 14
Social engineering  Social engineering is a term that describes a non-technical kind of intrusion that relies heavily  on human interaction and often involves tricking other people to break normal security procedures.  A social engineer runs what used to be called a "con game." For example, a person using social engineering to break into a computer network might try to gain the confidence of an authorized user and get them to reveal information that compromises the network's security.04/26/14 15
04/26/14 16 Types of Cyber Crimes - Breaches of communications and data security (Data attacks)  Unauthorized Copying of Data  Traffic analysis  Covert channels
Unauthorized Copying of Data  Software piracy, 04/26/14 17
Traffic Analysis  Sometimes, the attacks on data might not be so obvious. Even data that appears quite ordinary may be valuable to a foreign or industrial spy  In one industrial espionage case, a competitor monitored a company's use of online data services to find out what questions it had and what information it was collecting on certain types of metallurgy. The information allowed the competitor to monitor the company's progress on a research and development project and to use this information in developing its own similar product. That product reached the market several weeks before the original developer was able to. The original company's research and development investment and its potential share of the market--many millions--were all but lost04/26/14 18
Covert channels  A clever insider can hide stolen data in otherwise innocent output. For example, a filename or the contents of a report could be changed slightly to include secret information that is obvious only to someone who is looking for it. A password, a launch code, or the location of sensitive information might be conveyed in this way 04/26/14 19
04/26/14 20 Types of Cyber Crimes - Breaches of communications and data security (Software attacks)  Trap doors (back doors)  One classic software attack is the trap door or back door. A trap door is a quick way into a program; it allows program developers to bypass all of the security built into the program now or in the future.  Session hijacking  Tunneling  Trojan horses  Viruses and Worms
Timing Attacks  Timing attacks are another technically complex way to get unauthorized access to software or data. 04/26/14 21
04/26/14 22 Types of Cyber Crimes - Breaches of communications and data security (Software attacks)  Salamis  Logic bombs  Prevention methods: - Access control - Cryptographic methods - Physical protection and shielding of network cabling - Firewall technology
04/26/14 23 Types of Cyber Crimes - Breaches of operations security  Data diddling (false data entry)  IP spoofing  Password Sniffing  Scanning  Excess Privileges  Prevention: The only way it can be effective is if it is integrated into an organization’s physical, personnel, and communications security programs.
04/26/14 24 Common Types of Computer Crime and Abuse
04/26/14 25 Steps taken after the breach  The first step is to assess the situation. - What is the severity level of the intrusion? - Who will be involved in the investigation? - Who is responsible for determining future actions?
04/26/14 26 Steps taken after the breach  The second step is to repair damage and prevent recurrence.  Under a serious breach, asking - Government agencies. - Private companies.
04/26/14 27 Report Cyber Crimes  Cyber crimes the NCCS (The FBI’s National Computer Crimes Squad) investigates include: - Intrusions of the Public Switched Network (the telephone company). - Major computer network intrusions. - Network integrity violations. - Privacy violations - Industrial espionage. - Pirated computer software. - Other crimes where the computer is a major factor in committing the criminal offense.
04/26/14 28 Methods of investigations  The important first step is determining if a criminal still has control of any relevant computer.  As a general rule, an investigator should not let the attacker know that they are being disconnected or tracked due to unauthorized access.
04/26/14 29 Suggestions because of laws  Firms should secure their networked information.  Government should assure that their laws apply to cyber crimes.  Firms, governments, and civil society should work cooperatively to strengthen legal frameworks for cyber security.

Recommended

Cyber Security 1215
Cyber Security 1215Cyber Security 1215
Cyber Security 1215
Firoze Hussain
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
Joseph White MPA CPM
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
Cyber forensics and auditing
Cyber forensics and auditingCyber forensics and auditing
Cyber forensics and auditing
Sweta Kumari Barnwal
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
Sweta Kumari Barnwal
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
Neeraj Aarora
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
Lancope, Inc.
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
Stefano Maria De' Rossi
 

Recommended

Cyber Security 1215
Cyber Security 1215Cyber Security 1215
Cyber Security 1215
Firoze Hussain
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
Joseph White MPA CPM
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
Cyber forensics and auditing
Cyber forensics and auditingCyber forensics and auditing
Cyber forensics and auditing
Sweta Kumari Barnwal
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
Sweta Kumari Barnwal
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
Neeraj Aarora
 
Insider threat v3
Insider threat v3Insider threat v3
Insider threat v3
Lancope, Inc.
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
Stefano Maria De' Rossi
 
Internship ankita jain
Internship ankita jainInternship ankita jain
Internship ankita jain
Ankita Jain
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach Analysis
Tal Be'ery
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
Zivaro Inc
 
The good, the bad and the ugly of the target data breach
The good, the bad and the ugly of the target data breachThe good, the bad and the ugly of the target data breach
The good, the bad and the ugly of the target data breach
Ulf Mattsson
 
Search Inform DLP
Search Inform DLPSearch Inform DLP
Search Inform DLP
Sergei Yavchenko
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec
 
Cyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fickCyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fick
Jacqueline Fick
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
Somya Johri
 
Chapter 8 securing information systems MIS
Chapter 8 securing information systems MISChapter 8 securing information systems MIS
Chapter 8 securing information systems MIS
Amirul Shafiq Ahmad Zuperi
 
Target data breach case study
Target data breach case studyTarget data breach case study
Target data breach case study
Abhilash vijayan
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
Neilg42
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
Mekhi Da ‘Quay Daniels
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
anilinvns
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentation
JamesDempsey1
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Target data breach presentation
Target data breach presentationTarget data breach presentation
Target data breach presentation
Sreejith Nair
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics
Avinash Mavuru
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutions
Capri Insurance
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
EMC
 
Online privacy & security
Online privacy & securityOnline privacy & security
Online privacy & security
Priyab Satoshi
 
Cyber crimes
Cyber crimesCyber crimes
Cyber crimes
Dom Mike
 
C018131821
C018131821C018131821
C018131821
IOSR Journals
 

More Related Content

What's hot

Internship ankita jain
Internship ankita jainInternship ankita jain
Internship ankita jain
Ankita Jain
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach Analysis
Tal Be'ery
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
Zivaro Inc
 
The good, the bad and the ugly of the target data breach
The good, the bad and the ugly of the target data breachThe good, the bad and the ugly of the target data breach
The good, the bad and the ugly of the target data breach
Ulf Mattsson
 
Search Inform DLP
Search Inform DLPSearch Inform DLP
Search Inform DLP
Sergei Yavchenko
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec
 
Cyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fickCyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fick
Jacqueline Fick
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
Somya Johri
 
Chapter 8 securing information systems MIS
Chapter 8 securing information systems MISChapter 8 securing information systems MIS
Chapter 8 securing information systems MIS
Amirul Shafiq Ahmad Zuperi
 
Target data breach case study
Target data breach case studyTarget data breach case study
Target data breach case study
Abhilash vijayan
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
Neilg42
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
Mekhi Da ‘Quay Daniels
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
anilinvns
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentation
JamesDempsey1
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
Kathirvel Ayyaswamy
 
Target data breach presentation
Target data breach presentationTarget data breach presentation
Target data breach presentation
Sreejith Nair
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics
Avinash Mavuru
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutions
Capri Insurance
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
EMC
 
Online privacy & security
Online privacy & securityOnline privacy & security
Online privacy & security
Priyab Satoshi
 

What's hot (20)

Internship ankita jain
Internship ankita jainInternship ankita jain
Internship ankita jain
 
Target Breach Analysis
Target Breach AnalysisTarget Breach Analysis
Target Breach Analysis
 
Insider Threat Solution from GTRI
Insider Threat Solution from GTRIInsider Threat Solution from GTRI
Insider Threat Solution from GTRI
 
The good, the bad and the ugly of the target data breach
The good, the bad and the ugly of the target data breachThe good, the bad and the ugly of the target data breach
The good, the bad and the ugly of the target data breach
 
Search Inform DLP
Search Inform DLPSearch Inform DLP
Search Inform DLP
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global Results
 
Cyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fickCyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fick
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 
Chapter 8 securing information systems MIS
Chapter 8 securing information systems MISChapter 8 securing information systems MIS
Chapter 8 securing information systems MIS
 
Target data breach case study
Target data breach case studyTarget data breach case study
Target data breach case study
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
 
Cyber forensic 1
Cyber forensic 1Cyber forensic 1
Cyber forensic 1
 
Is6120 data security presentation
Is6120 data security presentationIs6120 data security presentation
Is6120 data security presentation
 
CS6004 Cyber Forensics
CS6004 Cyber ForensicsCS6004 Cyber Forensics
CS6004 Cyber Forensics
 
Target data breach presentation
Target data breach presentationTarget data breach presentation
Target data breach presentation
 
Computer crimes and forensics
Computer crimes and forensics Computer crimes and forensics
Computer crimes and forensics
 
Cyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutionsCyber Risk: Exposures, prevention, and solutions
Cyber Risk: Exposures, prevention, and solutions
 
Cybercrime and the Healthcare Industry
Cybercrime and the Healthcare IndustryCybercrime and the Healthcare Industry
Cybercrime and the Healthcare Industry
 
Online privacy & security
Online privacy & securityOnline privacy & security
Online privacy & security
 

Similar to Cyber crimes

Cyber crimes
Cyber crimesCyber crimes
Cyber crimes
Dom Mike
 
C018131821
C018131821C018131821
C018131821
IOSR Journals
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
rausdeen anfas
 
Cyber security
Cyber securityCyber security
Cyber security
vishakha bhagwat
 
SENG8060_Lesson01_Introduction (2).pptx
SENG8060_Lesson01_Introduction (2).pptxSENG8060_Lesson01_Introduction (2).pptx
SENG8060_Lesson01_Introduction (2).pptx
VatsalPatel147291
 
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
patmisasi
 
How Safe is your Data?
How Safe is your Data?How Safe is your Data?
How Safe is your Data?
Michael Soltys
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
JoselitoJMebolos
 
Honey Pot Intrusion Detection System
Honey Pot Intrusion Detection SystemHoney Pot Intrusion Detection System
Honey Pot Intrusion Detection System
International Journal of Engineering Inventions www.ijeijournal.com
 
Information System Security
Information System Security Information System Security
Information System Security
Syed Asif Sherazi
 
Data Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisData Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network Analysis
IJERD Editor
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
Suleiman55
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
Raffa Learning Community
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
BryCunal
 
E04 05 2841
E04 05 2841E04 05 2841
E04 05 2841
International Journal of Engineering Inventions www.ijeijournal.com
 
Cyber Security Briefing
Cyber Security BriefingCyber Security Briefing
Cyber Security Briefing
Marshall Frett Jr.
 
Cybersecurity and Risk Management Technology
Cybersecurity and Risk Management TechnologyCybersecurity and Risk Management Technology
Cybersecurity and Risk Management Technology
Mohammad Febri
 
Cyber law and password protection
Cyber law and password protectionCyber law and password protection
Cyber law and password protection
Bavijesh Thaliyil
 

Similar to Cyber crimes (20)

Cyber crimes
Cyber crimesCyber crimes
Cyber crimes
 
C018131821
C018131821C018131821
C018131821
 
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONSE-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
E-COMMERCE SECURITY, FRAUD ISSUES AND PROTECTIONS
 
Cyber security
Cyber securityCyber security
Cyber security
 
SENG8060_Lesson01_Introduction (2).pptx
SENG8060_Lesson01_Introduction (2).pptxSENG8060_Lesson01_Introduction (2).pptx
SENG8060_Lesson01_Introduction (2).pptx
 
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
Task Incident Readiness with Veris, Judy Nowak at TASK Toronto, April 27, 2...
 
How Safe is your Data?
How Safe is your Data?How Safe is your Data?
How Safe is your Data?
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 
Honey Pot Intrusion Detection System
Honey Pot Intrusion Detection SystemHoney Pot Intrusion Detection System
Honey Pot Intrusion Detection System
 
Information System Security
Information System Security Information System Security
Information System Security
 
Data Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network AnalysisData Leak Protection Using Text Mining and Social Network Analysis
Data Leak Protection Using Text Mining and Social Network Analysis
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
CyberSecurity.pdf
CyberSecurity.pdfCyberSecurity.pdf
CyberSecurity.pdf
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
 
2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes2014-09-03 Cybersecurity and Computer Crimes
2014-09-03 Cybersecurity and Computer Crimes
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
E04 05 2841
E04 05 2841E04 05 2841
E04 05 2841
 
Cyber Security Briefing
Cyber Security BriefingCyber Security Briefing
Cyber Security Briefing
 
Cybersecurity and Risk Management Technology
Cybersecurity and Risk Management TechnologyCybersecurity and Risk Management Technology
Cybersecurity and Risk Management Technology
 
Cyber law and password protection
Cyber law and password protectionCyber law and password protection
Cyber law and password protection
 

Recently uploaded

Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 

Recently uploaded (20)

Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 

Cyber crimes

  • 2. 04/26/14 2 What’s Cyber Crimes?  Cyber crime, also called computer crime, is any illegal behavior directed by means of electronic operations that targets the security of computer systems and the data processed .
  • 3. 04/26/14 3 Types of Attacks  Military and Intelligence Attacks  Business Attacks  Financial Attacks  Terrorist Attacks  Grudge Attacks  “Fun” Attacks
  • 4. 04/26/14 4 Types of Offenders  Cracker: motivation is to access a system or data  Criminals: motivation is financial gain.  Vandals: motivation is to damage the system or data files.
  • 5. 04/26/14 5 Types of Security  Physical security  Personnel security  Communications security  Operations security
  • 6. 04/26/14 6 Types of Cyber Crimes - Breaches of physical security  Dumpster diving (trashing)  Wiretapping  Eavesdropping on Emanations  Denial or Degradation of Service  Prevention method: - Locks and keys. - Natural disasters - Environmental threats
  • 7. Dumpster diving Dumpster diving is a term that describes pawing through a target's garbage in search of valuable information. The amount of information you can learn about a target is astonishing. 04/26/14 7
  • 8. Dumpster diving  Going through a company.s garbage (often in  an outside and vulnerable Dumpster) to find discarded information that  either itself has value, or provides a tool to use in a social engineering  attack, such as internal phone numbers or titles 04/26/14 8
  • 9. emanations can be a potential computer security threat if information is emitted in a form that can be practically separated from background noise and decoded at sufficient distance usingcompact and available equipment. It can then be used to bypass commonly employed physical, cryptographic, and software access-control mechanisms at the operating-system,network, and application level. Such exploitable emanations can occur as a result of: • the normal operation of a system • deliberate or accidental exposure of a device to an unusual environment • the execution of software that was designed to modulate data into emitted energy 04/26/14 9
  • 10. Denial or Degradation of Service  attack is a type of denial of service (DoS) attack geared toward disrupting the service, speed and response time of a network or website. It is designed to degrade services of a target to its point before becoming partially or permanently unavailable. 04/26/14 10
  • 11. HOW TO PREVENT?  Prevention method: - Locks and keys. - Natural disasters - Environmental threats 04/26/14 11
  • 12. 04/26/14 12 Types of Cyber Crimes - Breaches of Personnel security  Masquerading  Social engineering  Harassment  Software piracy  Prevention method: - Background checks and careful monitoring on the job
  • 13. Masquerading  Masquerading occurs when one person uses the identity of another to gain access to a computer. This may be don  e in person or remotely. 04/26/14 13
  • 14. Continue  There are both physical and electronic forms of masquerading. In person, a criminal may use an authorized user's identity or access card to get into restricted areas where he will have access to computers and data. This may be as simple as signing someone else's name to a signin sheet at the door of a building.  piggybacking, involves following an authorized person into a restricted area--a building or a computer room 04/26/14 14
  • 15. Social engineering  Social engineering is a term that describes a non-technical kind of intrusion that relies heavily  on human interaction and often involves tricking other people to break normal security procedures.  A social engineer runs what used to be called a "con game." For example, a person using social engineering to break into a computer network might try to gain the confidence of an authorized user and get them to reveal information that compromises the network's security.04/26/14 15
  • 16. 04/26/14 16 Types of Cyber Crimes - Breaches of communications and data security (Data attacks)  Unauthorized Copying of Data  Traffic analysis  Covert channels
  • 17. Unauthorized Copying of Data  Software piracy, 04/26/14 17
  • 18. Traffic Analysis  Sometimes, the attacks on data might not be so obvious. Even data that appears quite ordinary may be valuable to a foreign or industrial spy  In one industrial espionage case, a competitor monitored a company's use of online data services to find out what questions it had and what information it was collecting on certain types of metallurgy. The information allowed the competitor to monitor the company's progress on a research and development project and to use this information in developing its own similar product. That product reached the market several weeks before the original developer was able to. The original company's research and development investment and its potential share of the market--many millions--were all but lost04/26/14 18
  • 19. Covert channels  A clever insider can hide stolen data in otherwise innocent output. For example, a filename or the contents of a report could be changed slightly to include secret information that is obvious only to someone who is looking for it. A password, a launch code, or the location of sensitive information might be conveyed in this way 04/26/14 19
  • 20. 04/26/14 20 Types of Cyber Crimes - Breaches of communications and data security (Software attacks)  Trap doors (back doors)  One classic software attack is the trap door or back door. A trap door is a quick way into a program; it allows program developers to bypass all of the security built into the program now or in the future.  Session hijacking  Tunneling  Trojan horses  Viruses and Worms
  • 21. Timing Attacks  Timing attacks are another technically complex way to get unauthorized access to software or data. 04/26/14 21
  • 22. 04/26/14 22 Types of Cyber Crimes - Breaches of communications and data security (Software attacks)  Salamis  Logic bombs  Prevention methods: - Access control - Cryptographic methods - Physical protection and shielding of network cabling - Firewall technology
  • 23. 04/26/14 23 Types of Cyber Crimes - Breaches of operations security  Data diddling (false data entry)  IP spoofing  Password Sniffing  Scanning  Excess Privileges  Prevention: The only way it can be effective is if it is integrated into an organization’s physical, personnel, and communications security programs.
  • 24. 04/26/14 24 Common Types of Computer Crime and Abuse
  • 25. 04/26/14 25 Steps taken after the breach  The first step is to assess the situation. - What is the severity level of the intrusion? - Who will be involved in the investigation? - Who is responsible for determining future actions?
  • 26. 04/26/14 26 Steps taken after the breach  The second step is to repair damage and prevent recurrence.  Under a serious breach, asking - Government agencies. - Private companies.
  • 27. 04/26/14 27 Report Cyber Crimes  Cyber crimes the NCCS (The FBI’s National Computer Crimes Squad) investigates include: - Intrusions of the Public Switched Network (the telephone company). - Major computer network intrusions. - Network integrity violations. - Privacy violations - Industrial espionage. - Pirated computer software. - Other crimes where the computer is a major factor in committing the criminal offense.
  • 28. 04/26/14 28 Methods of investigations  The important first step is determining if a criminal still has control of any relevant computer.  As a general rule, an investigator should not let the attacker know that they are being disconnected or tracked due to unauthorized access.
  • 29. 04/26/14 29 Suggestions because of laws  Firms should secure their networked information.  Government should assure that their laws apply to cyber crimes.  Firms, governments, and civil society should work cooperatively to strengthen legal frameworks for cyber security.