UNIT- I
Cyber Security – History of Internet – Impact of Internet – CIA Triad; Reason for Cyber Crime –
Need for Cyber Security – History of Cyber Crime; Cybercriminals – Classification of
Cybercrimes – A Global Perspective on Cyber Crimes; Cyber Laws – The Indian IT Act –
Cybercrime and Punishment.
What is cyber security?
"Cyber security is primarily about people, processes, and technologies working together to encompass the full
range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response,
resiliency, and recovery policies and activities, including computer network operations, information
assurance, law enforcement, etc."
OR
Cyber security is the body of technologies, processes, and practices designed to protect networks,
computers, programs and data from attack, damage or unauthorized access.
• The term cyber security refers to techniques and practices designed to protect digital data.
• This means data that is stored, transmitted or used on an information system.
OR
Cyber security is the protection of Internet-connected systems, including hardware, software, and data from
cyber attacks.
The term is made up of two words: cyber and security.
• Cyber relates to the technology, which covers systems, networks, programs and data.
• Security relates to protection, which includes systems security, network security, and
application and information security.
Why is cyber security important?
Listed below are the reasons why cyber security is so important in what has become a predominantly
digital world:
• Cyber attacks can be extremely expensive for businesses to endure.
• In addition to financial damage suffered by the business, a data breach can also inflict untold
reputational damage.
• Cyber-attacks these days are becoming progressively destructive. Cybercriminals are using more
sophisticated ways to initiate cyber attacks.
Need of Cyber Security
Cyber security is necessary because it helps secure data from threats such as data theft or misuse, and it also
safeguards your system from viruses.
Major security problems:
1. Virus: It is a type of malicious software program that spreads throughout the computer files without
the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting
copies of itself into other computer programs when executed. It can also execute instructions that
cause harm to the system.
2. Hacker
3. Malware
4. Trojan Horses: It is a malicious program that causes unexpected changes to computer settings and
unusual activity, even when the computer should be idle. It misleads the user of its true intent. It
appears to be a normal application but when opened/executed some malicious code will run in the
background.
5. Password Cracking
6. Worm: It is a type of malware whose primary function is to replicate itself to spread to uninfected
computers. It works the same way as a computer virus. Worms often originate from email attachments that
appear to be from trusted senders.
7. Backdoors: It is a method that bypasses the normal authentication process. A developer may create a
backdoor so that an application or operating system can be accessed for troubleshooting or other
purposes.
8. Bots: A bot (short for "robot") is an automated process that interacts with other network services.
Some bot programs run automatically, while others only execute commands when they receive
specific input. Common examples of bot programs are crawlers, chatroom bots, and malicious
bots.
History of Cyber Security
Cybersecurity is becoming increasingly significant due to the increased reliance on computer systems, the
Internet and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of smart devices
and the various devices that constitute the ‘Internet of things’.
Owing to its complexity, both in terms of politics and technology, cybersecurity is also one of the major
challenges in the contemporary world. Where did it all begin? We take a look at the history of cybersecurity
from inception to the present day.
1970s: ARPANET and the Creeper
Cybersecurity began in the 1970s when researcher Bob Thomas created a computer programme called
Creeper that could move across ARPANET’s network, leaving a breadcrumb trail wherever it went. Ray
Tomlinson, the inventor of email, wrote the programme Reaper, which chased and deleted Creeper. Reaper
was the very first example of antivirus software and the first self-replicating programme, making it the first-
ever computer worm.
1980s: Birth of the commercial antivirus
1987 was the birth year of commercial antivirus although there were competing claims for the innovator of
the first antivirus product. Andreas Lüning and Kai Figge released their first antivirus product for the Atari ST –
which also saw the release of Ultimate Virus Killer in 1987. Three Czechoslovakians created the first version of
the NOD antivirus in the same year and in the US, John McAfee founded McAfee and released VirusScan.
1990s: The world goes online
With the internet becoming available to the public, more people began putting their personal information
online. Organised crime entities saw this as a potential source of revenue and started to steal data from
people and governments via the web. By the middle of the 1990s, network security threats had increased
exponentially and firewalls and antivirus programmes had to be produced on a mass basis to protect the
public.
2000s: Threats diversify and multiply
In the early 2000s crime organisations started to heavily fund professional cyberattacks and governments
began to clamp down on the criminality of hacking, giving much more serious sentences to those culpable.
Information security continued to advance as the internet grew as well but, unfortunately, so did viruses.
2021: The next generation
The cybersecurity industry is continuing to grow at the speed of light. The global cybersecurity market size is
forecast to grow to $345.4bn by 2026 according to Statista. Ransomware is one of the most common threats
to any organisation's data security and is forecast to continue to increase.
CIA Triad
• The CIA Triad is actually a security model that has been developed to help people think about various
parts of IT security.
• Information security, which is designed to maintain the confidentiality, integrity and availability of data,
is a subset of cyber security.
CIA triad broken down:
Confidentiality
• It's crucial in today's world for people to protect their sensitive, private information from unauthorized
access.
• Protecting confidentiality is dependent on being able to define and enforce certain access levels for
information.
• In some cases, doing this involves separating information into various collections that are organized by
who needs access to the information and how sensitive that information actually is - i.e. the amount of
damage suffered if the confidentiality was breached.
• Some of the most common means used to manage confidentiality include access control lists, volume
and file encryption, and Unix file permissions.
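An added example (not part of the original notes) of checking one of the controls listed above, Unix file permissions: it walks a directory and reports files that group or other users can reach, and directories that are world-writable without the sticky bit. The file names, modes and the function names `build_sample_tree` and `audit_tree` are constructed for illustration, and it assumes the directory holds data that only its owner should read.

```python
import os
import stat
import tempfile


def build_sample_tree():
    """Create a constructed directory tree with a mix of safe and unsafe modes."""
    root = tempfile.mkdtemp(prefix="perm-audit-")
    layout = {
        "payroll.csv": 0o644,          # readable by group and others
        "secrets/api_key.txt": 0o600,  # owner only
        "dropbox/upload.txt": 0o600,   # owner only, but see the directory mode
        "scratch/job.tmp": 0o600,      # owner only
    }
    for rel, mode in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample data\n")
        os.chmod(path, mode)  # chmod sets the exact mode, independent of umask
    os.chmod(os.path.join(root, "secrets"), 0o700)
    os.chmod(os.path.join(root, "dropbox"), 0o777)   # anyone may replace files
    os.chmod(os.path.join(root, "scratch"), 0o1777)  # sticky bit, like /tmp
    return root


def audit_tree(root):
    """Return sorted (relative_path, octal_mode, problems) for risky entries."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: judge the entry itself, not a link target
            mode = stat.S_IMODE(st.st_mode)
            problems = []
            if stat.S_ISDIR(st.st_mode):
                # A world-writable directory lets any user delete or replace
                # files in it, whatever the modes of the files themselves,
                # unless the sticky bit restricts deletion to the owner.
                if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
                    problems.append("world-writable directory without sticky bit")
            elif stat.S_ISREG(st.st_mode):
                if mode & stat.S_IRGRP:
                    problems.append("group-readable")
                if mode & stat.S_IROTH:
                    problems.append("world-readable")
                if mode & stat.S_IWOTH:
                    problems.append("world-writable")
            if problems:
                rel = os.path.relpath(path, root)
                findings.append((rel, format(mode, "04o"), problems))
    return sorted(findings)


if __name__ == "__main__":
    for rel, mode, problems in audit_tree(build_sample_tree()):
        print(f"{mode}  {rel}: {', '.join(problems)}")
```

The `dropbox` finding shows why file modes alone are not enough: `upload.txt` is owner-only, yet the directory mode still lets another user swap it for a different file.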
Integrity
• Data integrity is what the "I" in CIA Triad stands for.
• This is an essential component of the CIA Triad and is designed to protect data from deletion or
modification from any unauthorized party, and it ensures that when an authorized person makes a
change that should not have been made the damage can be reversed.
Availability
• This is the final component of the CIA Triad and refers to the actual availability of your data.
• Authentication mechanisms, access channels and systems all have to work properly so that the
information they protect is available when it is needed.
Understanding the CIA triad
• The CIA Triad is all about information. While this is considered the core factor of the majority of IT
security, it promotes a limited view of the security that ignores other important factors.
• For example, even though availability may serve to make sure you don't lose access to
resources needed to provide information when it is needed, thinking about information security in itself
doesn't guarantee that someone else hasn't used your hardware resources without authorization.
• It's important to understand what the CIA Triad is, how it is used to plan and also to implement a quality
security policy while understanding the various principles behind it. It's also important to understand
the limitations it presents. When you are informed, you can utilize the CIA Triad for what it has to offer
and avoid the consequences that may come along by not understanding it.
History of Cyber Crime
• The internet in India is growing rapidly. It has given rise to new opportunities in every
field we can think of, be it entertainment, business, sports or education.
• There are two sides to a coin. The Internet also has its own disadvantages, one of which is cyber crime:
illegal activity committed on the internet.
• Cybercrime is not a new phenomenon.
• The first recorded cybercrime took place in the year 1820.
• In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom.
This device allowed the repetition of a series of steps in the weaving of special fabrics.
This resulted in a fear amongst Jacquard's employees that their traditional employment
and livelihood were being threatened. They committed acts of sabotage to discourage
Jacquard from further use of the new technology. This is the first recorded cybercrime!
• Figure 1.1, based on a 2008 survey in Australia, shows the cybercrime trend.
• Indian corporate and government sites have been attacked or defaced more than 780
times between February 2000 and December 2002.
• There are also stories/news of other attacks; for example, according to a story posted on
3 December 2009, a total of 3,286 Indian websites were hacked in 5 months – between
January and June 2009.
• Various cybercrimes and cases registered under cybercrimes by motives and suspects in
States and Union Territories (UTs).
1. Cybercrime: Definition and Origins of the Word
Cybercrime: “a crime conducted in which a computer was directly and significantly instrumental.”
Alternative definitions of Cybercrime are as follows:
1. Any illegal act where a special knowledge of computer technology is essential for its
perpetration (to commit a crime), investigation or prosecution.
2. Any traditional crime that has acquired a new dimension or order of magnitude through
the aid of a computer, and abuses that have come into being because of computers.
3. Any financial dishonesty that takes place in a computer environment.
4. Any threats to the computer itself, such as theft of hardware or software, damage and
demands for money.
5. “Cybercrime (computer crime) is any illegal behavior, directed by means of electronic
operations, that targets the security of computer systems and the data processed by
them.”
Note that in a wider sense, “computer-related crime” can be any illegal behavior committed
by means of, or in relation to, a computer system or network; however, this is not cybercrime.
The term “cybercrime” relates to a number of other terms that may sometimes be
used to describe crimes committed using computers.
• Computer-related crime
• Computer crime
• Internet crime
• E-crime
• High-tech crime, etc. are the other synonymous terms.
The Botnet Menace!
• Botnet: A group of computers that are controlled by software containing harmful programs, without
their users' knowledge.
• The term “Botnet” is used to refer to a group of compromised computers (zombie computers, i.e.,
personal computers secretly under the control of hackers) running malware under a common
command and control infrastructure.
• A Botnet maker can control the group remotely for illegal purposes, the most common being
• denial-of-service attack (DoS attack),
• Adware,
• Spyware,
• E-Mail Spam,
• Click Fraud
Who are Cybercriminals?
Cybercrime involves such activities as
• Child pornography
• Credit card fraud
• Cyberstalking
• Defaming another online
• Gaining unauthorized access to computer systems
• Ignoring copyrights
• Software licensing and trademark protection
• Overriding encryption to make illegal copies
• Software piracy
• Stealing another’s identity to perform criminal acts
They can be categorized into three groups that reflect their motivation:
Type I: Cybercriminals hungry for recognition
• Hobby hackers;
• IT professionals;
• politically motivated hackers;
• terrorist organizations.
Type II: Cybercriminals - not interested in recognition
• Psychological perverts;
• financially motivated hackers;
• state-sponsored hacking;
• organized criminals
Type III: Cybercriminals - the insiders
• Disgruntled or former employees seeking revenge;
• competing companies using employees to gain economic advantage through damage
and / or theft.
Motives behind cybercrime:
• Greed & Desire to gain power
• Publicity
• Desire for revenge
• A sense of adventure
• Looking for thrill to access forbidden information
• Destructive mindset
• Desire to sell network security services
Classifications of Cybercrimes
• Crime is defined as "an act or the commission of an act that is forbidden, or the omission of a duty that is
commanded by a public law and that makes the offender liable to punishment by that law".
• Cybercrimes are classified as follows:
1. Cybercrime against individual:
• Electronic mail spoofing and other online frauds
A spoofed E-Mail is one that appears to originate from one source but actually has been sent from
another source. For example, let us say, Roopa has an E-Mail address roopa@asianlaws.org. Let us say
her boyfriend Suresh and she happen to have a showdown. Then Suresh, having become her enemy,
spoofs her E-Mail and sends obscene/vulgar messages to all her acquaintances. Since the E-Mails appear
to have originated from Roopa, her friends could take offense and relationships could be spoiled for
life.
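A receiving-side check for the kind of spoofed E-Mail described above, as an added example that is not part of the original notes: it flags a message whose visible From domain differs from the envelope sender (Return-Path) or that has no passing DMARC verdict recorded by the recipient's own mail server. The sample messages, the host names other than the page's asianlaws.org address, and the function name `spoof_indicators` are constructed; it assumes the receiving server stamps an Authentication-Results header under the identifier `mx.example.net`.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumed identifier of our own mail server


def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or '' if none."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def spoof_indicators(raw_message, trusted=TRUSTED_AUTHSERV):
    """Return a list of reasons to distrust the visible From address."""
    msg = message_from_string(raw_message)
    findings = []
    from_dom = domain_of(msg.get("From"))
    env_dom = domain_of(msg.get("Return-Path"))
    if not from_dom:
        findings.append("no parsable From address")
    elif env_dom and env_dom != from_dom:
        # A signal, not proof: bulk-mail services legitimately use their own
        # envelope domain, which is why the DMARC verdict is checked as well.
        findings.append(f"From domain {from_dom} != envelope domain {env_dom}")

    # A sender can type any Authentication-Results header into a message, so
    # only headers stamped with our own server's identifier are considered.
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        if authserv.strip().lower() != trusted:
            continue
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest.lower()):
            verdicts.setdefault(method, result)

    if "dmarc" not in verdicts:
        findings.append("no DMARC verdict from trusted server")
    elif verdicts["dmarc"] != "pass":
        findings.append(f"dmarc={verdicts['dmarc']}")
    return findings


# Constructed sample messages (headers only matter here).
GENUINE = "\n".join([
    "Return-Path: <roopa@asianlaws.org>",
    "Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=asianlaws.org;"
    " dkim=pass header.d=asianlaws.org; dmarc=pass header.from=asianlaws.org",
    "From: Roopa <roopa@asianlaws.org>",
    "To: friend@example.net",
    "Subject: Lunch on Friday",
    "",
    "See you at noon.",
])

SPOOFED = "\n".join([
    "Return-Path: <sender@bulk-mailer.example>",
    "Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=bulk-mailer.example;"
    " dkim=none; dmarc=fail header.from=asianlaws.org",
    "From: Roopa <roopa@asianlaws.org>",
    "To: friend@example.net",
    "Subject: Read this",
    "",
    "Constructed body.",
])

# Carries a "pass" header that our own server did not write.
FORGED_HEADER = "\n".join([
    "Return-Path: <roopa@asianlaws.org>",
    "Authentication-Results: mail.untrusted.example; dmarc=pass header.from=asianlaws.org",
    "From: Roopa <roopa@asianlaws.org>",
    "To: friend@example.net",
    "Subject: Read this",
    "",
    "Constructed body.",
])

if __name__ == "__main__":
    for label, raw in (("genuine", GENUINE), ("spoofed", SPOOFED), ("forged header", FORGED_HEADER)):
        print(label, "->", spoof_indicators(raw) or "no indicators")
```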
1.1 Online Frauds
• Online Scams. There are a few major types of crimes under the category of hacking:
• Spoofing website and E-Mail security alerts, false mails about virus threats, lottery frauds and
Spoofing.
• In Spoofing websites and E-Mail security threats, fraudsters create authentic looking websites
that are actually nothing but a spoof.
• The purpose of these websites is to make the user enter personal information which is then used
to access business and bank accounts.
• Fraudsters are increasingly turning to E-Mail to generate traffic to these websites.
• This kind of online fraud is common in banking and financial sector.
• There is a rise in the number of financial institutions’ customers who receive such E-Mails
which usually contain a link to a spoof website and mislead users to enter user ids and
passwords.
• It is wise to be alert and careful about E-Mails containing an embedded link, with a request for
you to enter secret details. It is strongly recommended not to input any sensitive information
that might help criminals to gain access to sensitive information, such as bank account details,
even if the page appears legitimate.
• In virus E-Mails, the warnings may be genuine, so there is always a dilemma whether to
take them lightly or seriously.
• A wise action is to first confirm by visiting an antivirus site such as McAfee, Sophos or
Symantec before taking any action, such as forwarding them to friends and colleagues.
• Phishing, spearphishing
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords
and credit card details by disguising as a trustworthy entity in an electronic communication.
Typically carried out by email spoofing or instant messaging, it often directs users to enter personal
information at a fake website, the look and feel of which are identical to the legitimate site.
• Spamming
Spamming is the use of messaging systems to send an unsolicited message (spam), especially
advertising, as well as sending messages repeatedly on the same site. While the most widely
recognized form of spam is email spam, the term is applied to similar abuses in other media.
• Although the most widely recognized form of Spam is E-Mail Spam, this term is applied to similar
abuses in other media:
• instant messaging Spam,
• Usenet newsgroup Spam,
• web search engine Spam,
• Spam in blogs,
• wiki Spam,
• online classified ads Spam,
• mobile phone messaging Spam,
• Internet forum Spam,
• junk fax transmissions
• file sharing network Spam.
• Spam is caused by flooding the Internet with many copies of the same message, in an
attempt to force the message on people who would not otherwise choose to receive it.
• Often, this may result in the notorious DoS attack.
• Commercial advertising often happens to be the cause of Spam. Such advertisements are
often for products of dubious reputation and fraud schemes meant to make people believe
they can get rich overnight!
• Some Spam may also get generated through quasi-legal services.
• Spam hardly costs much to the sender; most of the costs are paid for by the recipient or the
carriers rather than by the sender.
• People who engage in the activity of electronic Spam are called spammers.
• Two main types of Spam are worth mentioning:
• “cancellable Usenet Spam” in which a single message is sent to several Usenet newsgroups
and “E-Mail Spam” which targets individual users with direct mail messages.
• Spam does not cost much to people.
• Spam does, however, cost money to ISPs and to online service providers to transmit
Spam. Unfortunately, subscribers end up paying these costs because the costs are
transmitted directly to subscribers.
• Cyber defamation
The term defamation is used to define the injury that is caused to the reputation of a person in
the eyes of a third person. The injury can be done by words oral or written, or by signs or by
visible representations.
Cyber defamation is publishing of defamatory material against another person with the help
of computers or internet.
• Cyberstalking and harassment
Cyberstalking is the use of the Internet or other electronic means to stalk or harass
an individual, group, or organization. It may include false accusations, defamation, slander
and libel. It may also include monitoring, identity theft, threats, vandalism, or gathering
information that may be used to threaten, embarrass or harass.
• Computer sabotage
Computer sabotage involves deliberate attacks intended to disable computers or networks for
the purpose of disrupting commerce, education and recreation for personal gain,
committing espionage, or facilitating criminal conspiracies, through viruses, worms and logic
bombs.
• Pornographic offenses
Child pornography offences occur under four main categories: making child pornography, distribution
of child pornography, possession of child pornography and accessing child pornography. The category
of offences for child pornography are comparable to laws relating to illegal drugs, in that both are
inherently illegal to possess and are followed with a similar set of escalating factors which apply to
those producing or making this illegal material available to others.
• Password Sniffing
A password sniffer is a software application that scans and records passwords that
are used or broadcasted on a computer or network interface. It listens to all incoming and outgoing
network traffic and records any instance of a data packet that contains a password.
2. Cybercrime against property
• Credit card frauds
Credit card fraud is a wide-ranging term for theft and fraud committed using or involving a
payment card, such as a credit card or debit card, as a fraudulent source of funds in a transaction. The
purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account.
• Intellectual property (IP) crimes
Basically IP crimes include software piracy, copyright infringement, trademark violation, theft of
computer source code, etc.
• Internet time theft
It is the use by an unauthorized person, of the Internet hours paid for by another person. You can
identify time theft if your Internet time has to be recharged often, despite infrequent usage.
3. Cybercrime against organization
• Unauthorized accessing of computer
Unauthorized access is when someone gains access to a website, program, server, service, or other
system using someone else's account or other methods.
For example, if someone kept guessing a password or username for an account that was not theirs until
they gained access, it is considered unauthorized access.
• Password sniffing
A password sniffer is a software application that scans and records passwords that are used or
broadcasted on a computer or network interface. It listens to all incoming and outgoing network
traffic and records any instance of a data packet that contains a password.
• Denial-of-service attacks
Denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or
network resource unavailable to its intended users by temporarily or indefinitely disrupting
services of a host connected to the Internet.
• E-Mail bombing/mailbombs
Email bomb. In Internet usage, an email bomb is a form of net abuse consisting of sending huge
volumes of email to an address in an attempt to overflow the mailbox or overwhelm the server
where the email address is hosted in a denial-of-service attack.
• Salami attack/Salami technique
A salami attack is when small attacks add up to one major attack that can go undetected due to the
nature of this type of cyber crime. It is also known as salami slicing.
• Logic bomb
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious
function when specified conditions are met. For example, a programmer may hide a piece of code that
starts deleting files (such as a salary database trigger), should they ever be terminated from the
company.
• Trojan Horse
A destructive program that masquerades as a benign application. Unlike viruses, Trojan
horses do not replicate themselves but they can be just as destructive. One of the most insidious
types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces
viruses onto your computer.
• Data diddling
Data diddling is the changing of data before or during entry into the computer system. Examples
include forging or counterfeiting documents used for data entry and exchanging valid disks and
tapes with modified replacements.
• Industrial spying/industrial espionage
• Industrial espionage is the covert and sometimes illegal practice of investigating competitors to gain
a business advantage. The target of investigation might be a trade secret such as a proprietary
product specification or formula, or information about business plans.
• However, cyberspies rarely leave behind a trail.
• Industrial spying is not new; in fact it is as old as industries themselves. The use of the
Internet to achieve this is probably as old as the Internet itself.
• Traditionally, this has been the reserved hunting field of a few hundreds of highly skilled
hackers, contracted by high-profile companies or certain governments via the means of registered
organizations (it is said that they get several hundreds of thousands of dollars, depending on
the “assignment”).
• With the growing public availability of Trojans and Spyware material, even low-skilled
individuals are now inclined to generate high volume profit out of industrial spying.
• Computer network intrusions
Methods of Attack. A network intrusion is any unauthorized activity on a computer network.
Detecting an intrusion depends on the defenders having a clear understanding of how
attacks work.
• Software piracy
Software piracy is the illegal copying, distribution, or use of software. It is such a profitable
"business" that it has caught the attention of organized crime groups in a number of countries.
According to the Business Software Alliance (BSA), about 36% of all software in current use is stolen.
• Crimes emanating from Usenet newsgroup:
• By its very nature, Usenet groups may carry very offensive, harmful, inaccurate or otherwise
inappropriate material, or in some cases, postings that have been mislabeled or are deceptive
in another way. Therefore, it is expected that you will use caution and common sense and
exercise proper judgment when using Usenet, as well as use the service at your own risk.
• Usenet is a popular means of sharing and distributing information on the Web with respect to
specific topic or subjects.
• Usenet is a mechanism that allows sharing information in a many-to-many manner.
• The newsgroups are spread across 30,000 different topics.
• In principle, it is possible to prevent the distribution of specific newsgroup.
• In reality, however, there is no technical method available for controlling the contents of
any newsgroup.
• It is merely subject to self-regulation and net etiquette.
• It is feasible to block specific newsgroups, however, this cannot be considered as a definitive
solution to illegal or harmful content.
• It is possible to put Usenet to following criminal use:
1. Distribution/sale of pornographic material;
2. distribution/sale of pirated software packages;
3. distribution of hacking software;
4. sale of stolen credit card numbers.
5. sale of stolen data/stolen property.
4. Cybercrime against Society
• Forgery
Forgery is a white-collar crime that generally refers to the false making or material alteration of a legal
instrument with the specific intent to defraud anyone. Tampering with a certain legal instrument
may be forbidden by law in some jurisdictions but such an offense is not related to forgery unless
the tampered legal instrument was actually used in the course of the crime to defraud another
person or entity.
• Cyberterrorism
Cyberterrorism is the use of computers and the internet to attack or frighten large numbers of
people, usually in order to achieve political aims or to force a government to do something. The
government has pledged more money to fight cyberterrorism and other online attacks.
• Web jacking
Illegally seeking control of a website by taking over a domain is known as Web
Jacking. It is similar to hijacking.
Cybercrime: The Legal Perspectives
• Cybercrime poses a mammoth challenge
• Computer crime: Criminal Justice Resource Manual (1979)
o Any illegal act for which knowledge of computer technology is essential for a successful
prosecution.
• International legal aspects of computer crimes were studied in 1983
o Encompasses any illegal act for which the knowledge of computer technology is essential for
its perpetration
• The network context of cyber crime makes it one of the most globalized offenses of the present
and most modernized threats of the future.
• Solution:
o Divide information system into segments bordered by state boundaries.
o Not possible and unrealistic because of globalization
• Or incorporate the legal system into an integrated entity obliterating these state
boundaries.
• Apparently, the first way is unrealistic. Although all ancient empires including Rome,
Greece and Mongolia became historical remnants, and giant empires are not prevalent in
current world, the partition of information systems cannot be an imagined practice.
• In a globally connected world, information systems become the unique empire without
tangible territory.
Cybercrimes: An Indian Perspective
• India has the fourth highest number of internet users in the world.
• 45 million internet users in India
• 37% - in cybercafés
• 57% are between 18 and 35 years
• The Information Technology (IT) Act, 2000, specifies the acts which are punishable.
Since the primary objective of this Act is to create an enabling environment for commercial
use of I.T.
• 217 cases were registered under IT Act during the year 2007 as compared to 142 cases during the
previous year (2006)
• Thereby reporting an increase of 52.8% in 2007 over 2006.
• 22.3% cases (49 out of 217 cases) were reported from Maharashtra followed by
Karnataka (40), Kerala (38) and Andhra Pradesh and Rajasthan (16 each).
A. Cybercrimes: Cases of Various Categories under ITA 2000
• 217 cases were registered under Information Technology Act (ITA) during the year
2007 as compared to 142 cases during the previous year (2006), thereby reporting an increase of
52.8% in 2007 over 2006.
• 22.3% cases (49 out of 217 cases) were reported from Maharashtra followed by
Karnataka (40), Kerala (38) and Andhra Pradesh and Rajasthan (16 each).
• 86 persons were arrested for committing such offenses during 2007.
• Out of the total (76) hacking cases, the cases relating to loss/damage of computer
resource/utility under Section 66(1) of the IT Act were 39.5% (30 cases) whereas the cases related
to hacking under Section 66(2) of IT Act were 60.5% (46 cases).
• Maharashtra (19) and Kerala (4) registered maximum cases under Section 66(1) of the
IT Act out of total 30 such cases at the National level.
• Out of the total 46 cases relating to hacking under Section 66(2), most of the cases (31)
were reported from Karnataka followed by Kerala (7) and Andhra Pradesh (3). 29.9% of the 154
persons arrested in cases relating to ITA 2000 were from Maharashtra (46) followed by
Karnataka and Madhya Pradesh (16 each).
• India is said to be the “youth country” given the population age distribution. From the potential
resources perspective, this is supposed to be a great advantage, assuming that these
youths will get appropriate training to develop the required professional skills in them.
• However, from cybercrime perspective, this youth aspect does not seem good as revealed by
cybercrime statistics in India.
B. Cybercrimes: Cases of Various Categories under IPC Section
• A total of 339 cases were registered under IPC Sections during the year 2007 as compared to
311 such cases during 2006, thereby reporting an increase of 9.0%.
• Madhya Pradesh reported maximum number of such cases, nearly 46.6% of total cases
(158 out of 339) followed by Andhra Pradesh 15.6% (53 cases) and Chhattisgarh
15.3% (52 cases).
• Majority of the crimes out of total 339 cases registered under IPC fall under two categories,
Forgery (217) and Criminal Breach of Trust or Fraud (73).
• The cyber forgery cases were the highest in Madhya Pradesh (133) followed by Chhattisgarh
(26) and Andhra Pradesh (22). The cases of cyberfraud were highest in Madhya Pradesh (20)
followed by Punjab (17) and Andhra Pradesh (15).
• A total of 429 persons were arrested in the country for Cybercrimes under IPC during
2007. 61.5% offenders (264) of these were taken into custody for offenses under “Cyber forgery,”
19.8% (85) for “Criminal Breach of Trust/Fraud” and 11.4% (49) for
“Counterfeiting Currency/Stamps.”
• The age-group-wise profile of the arrested persons showed that 55.2% (237 of 429) were in the
age group of 30–45 years and 29.4% (126 of 429) of the offenders were in the age group of 18–30
years.
• 57.6% of the persons arrested under Criminal Breach of Trust/Cyberfraud offenses were in the age
group 30–45 years (49 out of 85).
C. Incidence of Cyber Crimes in Cities:
• 17 out of 35 mega cities did not report any case of Cyber Crime (i.e., neither under the IT Act nor
under IPC Sections) during the year 2007.
• 17 mega cities have reported 118 cases under IT Act and 7 mega cities reported 180
cases under various sections of IPC.
• There was an increase of 32.6% (from 89 cases in 2006 to 118 cases in 2007) in cases
under IT Act as compared to previous year (2006),
• and an increase of 26.8% (from 142 cases in 2006 to 180 cases in 2007) of cases
registered under various sections of IPC.
• Bengaluru (40), Pune (14) and Delhi (10) cities have reported high incidence of cases (64 out
of 118 cases) registered under IT Act, accounting for more than half of the cases
(54.2%) reported under the Act.
Cybercrime and the Indian ITA 2000
• In India, the ITA 2000 was enacted after the United Nations General Assembly Resolution
A/RES/51/162 on January 30, 1997, by adopting the Model Law on Electronic Commerce
adopted by the United Nations on International Trade Law.
• This was the first step toward the Law relating to E-Commerce at international level
to regulate an alternative form of commerce and to give legal status in the area of E-Commerce.
Hacking and the Indian Law(s):
• The number of Offenses to be monitored has increased. According to
cyberlaw experts, “Any criminal activity that uses a computer either as an
instrumentality, target or a means for perpetuating further crimes comes within
the ambit of cybercrime.”
• Cases of Spam, hacking, cyberstalking and E-Mail fraud are rampant and, although
cybercrimes cells have been set up in major cities, the problem is that most cases
remain unreported due to a lack of awareness.
• In an environment like this, there are a number of questions in the minds of
a commoner:
• When can consumers approach a cybercrime cell?
• What should the victims do?
• How does one maintain security online?
• Any and every incident of cybercrime involving a computer or electronic network can
be reported to a police station, irrespective of whether it maintains a separate cell
or not.
• CHAPTER XI of the original ITA 2000 lists a number of activities that may be taken
to constitute cybercrimes.
Cybercrimes are punishable under two categories: the ITA 2000 and the IPC.
In the amendment to the IT Act 2000, now known as the ITA 2008, several offenses have
been added to the Act.
• The amendments have now revealed a whole bundle of surprises which will make the
cybercrime police jump. Existing Sections 66 and 67 (in the original ITA 2000) on
hacking and obscene material have been updated by dividing them into more crime-
specific subsections, thereby making cybercrimes punishable.
• In Section 66, hacking as a term has been removed.
• This section has now been expanded to include Sections
• 66A (offensive messages),
• 66B (receiving stolen computer),
• 66C (identity theft),
• 66D (impersonation),
• 66E (voyeurism) and
• 66F (cyberterrorism). Section 66F is a new section of the ITA 2008 (recent
amendments to the Indian ITA 2000). It covers “Cyberterrorism” and makes it
punishable with imprisonment up to life term. This may cover hacking,
DoS attacks, Port Scanning, spreading viruses, etc., if it can be linked to the object
of terrorizing people.
A Global Perspective on Cybercrimes
• In Australia cybercrime has a narrow statutory meaning as used in the Cyber Crime Act
2001, which details offenses against computer data and systems.
• However, a broad meaning is given to cybercrime at an international level. In the
Council of Europe's (CoE's) Cyber Crime Treaty, cybercrime is used as an umbrella term to refer
to an array of criminal activity including offenses against computer data and systems,
computer-related offenses, content offenses and copyright offenses.
• This wide definition of cybercrime overlaps in part with general offense categories that need not
be Information & Communication Technology (ICT)-dependent, such as white collar crime and
economic crime.
• The Spam legislation scenario mentions "none" about India as far as E-Mail legislation in India
is concerned. The legislation refers to India as a "loose" legislation, although there is a mention
in Section 67 of Indian ITA 2000.
• About 30 countries have enacted some form of anti-Spam legislation.
• The growing phenomenon is the use of Spam to support fraudulent and criminal
activities – including attempts to capture financial information (e.g., account numbers and
passwords) by masquerading messages as originating from trusted companies (“brand-spoofing”
or “Phishing”) – and as a vehicle to spread viruses and worms.
• Thus, one can see that there is a lot to do toward building confidence and security in the use of
ICTs and moving toward an international cooperation agenda. This is because in the 21st
century, there is a growing dependency on ICTs that span the globe. There was a rapid
growth in ICTs and dependencies that led to a shift in perception of cybersecurity threats in the
mid-1990s.
• August 4, 2006 Announcement: The US Senate ratifies CoE Convention on Cyber Crime.
The convention targets hackers, those spreading destructive computer viruses (refer to
Chapter 4), those using the Internet for the sexual exploitation of children or the
distribution of racist material, and terrorists attempting to attack infrastructure facilities or
financial institutions.
The Convention is in full accord with all the US constitutional protections, such as free speech
and other civil liberties, and will require no change to the US laws.
• On August 18, 2006, a news article was published: “ISPs Wary About ‘Drastic Obligations’
on Web Site Blocking.” European Union (EU) officials want to debar suspicious websites as part of a
6-point plan to boost joint antiterrorism activities. They want to block websites that incite terrorist
action. Once again it is underlined that monitoring calls, Internet and E-Mail traffic for law
enforcement purposes is a task vested in the government, which must reimburse carriers and
providers for retaining the data.
• CoE Cyber Crime Convention (1997–2001) was the first international treaty seeking to address
Internet crimes by harmonizing national laws, improving investigative techniques and increasing
cooperation among nations.[19] More than 40 countries have ratified the Convention to date.
Cybercrime and the Extended Enterprise
• It is a continuing problem that the average user is not adequately educated to understand
the threats and how to protect oneself.
• Actually, it is the responsibility of each user to become aware of the threats as well
as the opportunities that “connectivity” and “mobility” present them with.
• In this context, it is important to understand the concept of “extended enterprise.” This term
(Fig. 1.14) represents the concept that a company is made up not just of its employees, its
board members and executives, but also its business partners, its suppliers and even its
customers.
Figure 1.4 : Extended Enterprise
• The extended enterprise can only be successful if all of the component groups and individuals
have the information they need in order to do business effectively.
• An extended enterprise is a “loosely coupled, self-organizing network” of firms that combine
their economic output to provide “products and services” offerings to the market.
• Firms in the extended enterprise may operate independently, for example, through market
mechanisms or cooperatively through agreements and contracts.
• Seamless flow of “information” to support instantaneous “decision-making ability”
is crucial for the “external enterprise.”
• This becomes possible through the “interconnectedness.”
• Due to the interconnected features of information and communication technologies, security
overall can only be fully promoted when the users have full awareness of the existing threats
and dangers.
• Governments, businesses and the international community must, therefore,
proactively help users access information on how to protect themselves.
• Given the promises and challenges in the extended enterprise scenario,
organizations in the international community have a special role in sharing information on good
practices, and creating open and accessible enterprise information flow channels for exchanging
of ideas in a collaborative manner. International cooperation at the levels of government,
industry, consumer, business and technical groups to allow a global and coordinated approach to
achieving global cybersecurity is the key.

Cyber Security Notes Unit 1 for Engineering

  • 1.
    UNIT- I Cyber Security– History of Internet – Impact of Internet – CIA Triad; Reason for Cyber Crime – Need for Cyber Security – History of Cyber Crime; Cybercriminals – Classification of Cybercrimes – A Global Perspective on Cyber Crimes; Cyber Laws – The Indian IT Act – Cybercrime and Punishment. What is cyber security? "Cyber security is primarily about people, processes, and technologies working together to encompass the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery policies and activities, including computer network operations, information assurance, law enforcement, etc." OR Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. • The term cyber security refers to techniques and practices designed to protect digital data. • The data that is stored, transmitted or used on an information system. OR Cyber security is the protection of Internet-connected systems, including hardware, software, and data from cyber attacks. It is made up of two words one is cyber and other is security. • Cyber is related to the technology which contains systems, network and programs or data. • Whereas security related to the protection which includes systems security, network security and application and information security.
  • 2.
    Why is cybersecurity important? Listed below are the reasons why cyber security is so important in what’s become a predominant digital world: • Cyber attacks can be extremely expensive for businesses to endure. • In addition to financial damage suffered by the business, a data breach can also inflict untold reputational damage. • Cyber-attacks these days are becoming progressively destructive. Cybercriminals are using more sophisticated ways to initiate cyber attacks. Need of Cyber Security Cyber security is necessary since it helps in securing data from threats such as data theft or misuse, also safeguards your system from viruses. Major Security Problem: 1. Virus: It is a type of malicious software program that spread throughout the computer files without the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. It can also execute instructions that cause harm to the system. 2. Hacker 3. Malware 4. Trojan Horses: It is a malicious program that occurs unexpected changes to computer setting and unusual activity, even when the computer should be idle. It misleads the user of its true intent. It appears to be a normal application but when opened/executed some malicious code will run in the background. 5. Password Cracking 6. Worm:It is a type of malware whose primary function is to replicate itself to spread to uninfected computers. It works same as the computer virus. Worms often originate from email attachments that appear to be from trusted senders. 7. Backdoors: It is a method that bypasses the normal authentication process. A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes. 8. Bots: A bot (short for "robot") is an automated process that interacts with other network services. 
Some bots program run automatically, while others only execute commands when they receive specific input. Common examples of bots program are the crawler, chatroom bots, and malicious bots.
  • 3.
    History of CS Cybersecurityis becoming increasingly significant due to the increased reliance on computer systems, the Internet and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of smart devices and the various devices that constitute the ‘Internet of things’. Owing to its complexity, both in terms of politics and technology, cybersecurity is also one of the major challenges in the contemporary world. Where did it all begin? We take a look at the history of cybersecurity from inception to the present day. 1970s: ARAPNET and the Creeper Cybersecurity began in the 1970s when researcher Bob Thomas created a computer programme called Creeper that could move across ARPANET’s network, leaving a breadcrumb trail wherever it went. Ray Tomlinson, the inventor of email, wrote the programme Reaper, which chased and deleted Creeper. Reaper was the very first example of antivirus software and the first self-replicating programme, making it the first- ever computer worm. 1980s: Birth of the commercial antivirus 1987 was the birth year of commercial antivirus although there were competing claims for the innovator of the first antivirus product. Andreas Lüning and Kai Figge released their first antivirus product for the Atari ST – which also saw the release of Ultimate Virus Killer in 1987. Three Czechoslovakians created the first version of the NOD antivirus in the same year and in the US, John McAfee founded McAfee and released VirusScan. 1990s: The world goes online With the internet becoming available to the public, more people began putting their personal information online. Organised crime entities saw this as a potential source of revenue and started to steal data from people and governments via the web. By the middle of the 1990s, network security threats had increased exponentially and firewalls and antivirus programmes had to be produced on a mass basis to protect the public. 
2000s: Threats diversify and multiply In the early 2000s crime organisations started to heavily fund professional cyberattacks and governments began to clamp down on the criminality of hacking, giving much more serious sentences to those culpable. Information security continued to advance as the internet grew as well but, unfortunately, so did viruses. 2021: The next generation The cybersecurity industry is continuing to grow at the speed of light. The global cybersecurity market size is forecast to grow to $345.4bn by 2026 according to Statista. Ransomware is one of the most common threats to any organisation's data security and is forecast to continue to increase.
  • 4.
    CIA Triad • TheCIA Triad is actually a security model that has been developed to help people think about various parts of IT security. • Information security, which is designed to maintain the confidentiality, integrity and availability of data, is a subset if cyber security CIA triad broken down: Confidentiality • It's crucial in today's world for people to protect their sensitive, private information from unauthorized access. • Protecting confidentiality is dependent on being able to define and enforce certain access levels for information. • In some cases, doing this involves separating information into various collections that are organized by who needs access to the information and how sensitive that information actually is - i.e. the amount of damage suffered if the confidentiality was breached. • Some of the most common means used to manage confidentiality include access control lists, volume and file encryption, and Unix file permissions. Integrity • Data integrity is what the "I" in CIA Triad stands for. • This is an essential component of the CIA Triad and designed to protect data from deletion or modification from any unauthorized party, and it ensures that when an authorized person makes a change that should not have been made the damage can be reversed. Availability • This is the final component of the CIA Triad and refers to the actual availability of your data. • Authentication mechanisms, access channels and systems all have to work properly for the information they protect and ensure it's available when it is needed.
  • 5.
    Understanding the CIAtriad • The CIA Triad is all about information. While this is considered the core factor of the majority of IT security, it promotes a limited view of the security that ignores other important factors. • For example, even though availability may serve to make sure you don't lose access to resources needed to provide information when it is needed, thinking about information security in itself doesn't guarantee that someone else hasn't used your hardware resources without authorization. • It's important to understand what the CIA Triad is, how it is used to plan and also to implement a quality security policy while understanding the various principles behind it. It's also important to understand the limitations it presents. When you are informed, you can utilize the CIA Triad for what it has to offer and avoid the consequences that may come along by not understanding it. History of Cyber Crime  The internet in India is growing rapidly. It has given rise to new opportunities in every field we can thinkofbeitentertainment,business,sportsoreducation.  There’re two sides to a coin. Internet also has it’s own disadvantages is Cyber crime- illegal activity committedontheinternet.  Cybercrimeisnot anewphenomena  The firstrecordedcybercrimetookplaceintheyear1820.  In 1820, JosephMarie Jacquard, a textile manufacturer in France, produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquardfromfurtheruseofthenewtechnology.Thisis thefirstrecordedcybercrime!  Figure 1.1, based on a 2008 survey in Australia, shows the cybercrime trend.
  • 6.
     Indian corporateand government sites have been attacked or defaced more than 780 times between February 2000 and December 2002.  There are also stories/news of other attacks; for example, according to a story posted on 3 December 2009, a total of 3,286 Indian websites were hacked in 5 months – between January and June 2009.  Various cybercrimes and cases registered under cybercrimes by motives and suspects in States and Union Territories (UTs). 1. Cybercrime: Definition and Origins of the Word Cybercrime : “a crime conducted in which a computer was directly and significantly instrumental.” Alternative definitions of Cybercrime are as follows : 1. Any illegal act where a special knowledge of computer technology is essential for its perpetration (to commit a crime), investigation or prosecution. 2. Any traditional crime that has acquired a new dimension or order of magnitude through the aid of a computer, and abuses that have come into being because of computers. 3. Any financial dishonesty that takes place in a computer environment. 4. Any threats to the computer itself, such as theft of hardware or software, damage and demands for money. 5. cybercrime (computer crime) is any illegal behavior, directed by means of electronic operations, that targets the security of computer systems and the data processed by them.” Note that in a wider sense, “computer-related crime” can be any illegal behavior committed by means of, or in relation to, a computer system or network; however, this is not cybercrime. The term “cybercrime” relates to a number of other terms that may sometimes be used to describe crimes committed using computers. • Computer-related crime • Computer crime • Internet crime • E-crime • High-tech crime, etc. are the other synonymous terms.
  • 7.
    The Botnet Menace! •Botnet: A group of computers that are controlled by software containing harmful programs, without their users' knowledge. • The term “Botnet” is used to refer to a group of compromised computers (zombie computers, i.e., personal computers secretly under the control of hackers) running malwares under a common command and control infrastructure. • A Botnet maker can control the group remotely for illegal purposes, the most common being • denial-of-service attack (DoS attack), • Adware, • Spyware, • E-Mail Spam, • Click Fraud
  • 8.
    Who are Cybercriminals? Cybercrimeinvolves such activities as • Childpornography • Credit cardfraud • Cyberstalking • Defaming anotheronline • Gainingunauthorizedaccesstocomputersystems • Ignoringcopyrights • Softwarelicensingandtrademarkprotection • Overridingencryptiontomakeillegalcopies • Softwarepiracy • Stealinganother’sidentitytoperformcriminalacts They can be categorized into three groups that reflect their motivation: Type I: Cybercriminals hungry for recognition • Hobby hackers; • IT professionals; • politically motivated hackers; • terrorist organizations. Type II: Cybercriminals - not interested in recognition • Psychological perverts; • financially motivated hackers; • state-sponsored hacking; • organized criminals TypeIII:Cybercriminals -theinsiders • Disgruntled or former employees seeking revenge; • competing companies using employees to gain economic advantage through damage and / or theft. Motives behind cybercrime: • Greed & Desire to gain power • Publicity • Desire for revenge • A sense of adventure • Looking for thrill to access forbidden information • Destructive mindset • Desire to sell network security services
  • 9.
    Classifications of Cybercrimes •Crime is defined as an act or the commission of an act that is forbidden, or the omission of a duty that is commanded by a public law and that makes the offender liable to punishment isthatlaw". • Cybercrimesareclassifiedasfollows: 1. Cybercrime againstindividual: • Electronic mail spoofing and other onlinefrauds A spoofed E-Mail is one that appears to originate from one source but actually has been sent from another source. For example, let us say, Roopa has an E-Mail address roopa@asianlaws.org. Let us say her boyfriend Suresh and she happen to have a show down. Then Suresh, having become her enemy, spoofs her E-Mail and sends obscene/vulgar messages to all ler acquaintances. Since the E-Mails appear to have originated from Roopa, her friends could take offense and relationships could be spoiled for life. 1.1 Online Frauds • Online Scams. There are a few major types of crimes under the category of hacking: • Spoofing website and E-Mail security alerts, false mails about virus threats, lottery frauds and Spoofing. • In Spoofing websites and E-Mail security threats, fraudsters create authentic looking websites that are actually nothing but a spoof. • The purpose of these websites is to make the user enter personal information which is then used to access business and bank accounts. • Fraudsters are increasingly turning to E-Mail to generate traffic to these websites. • This kind of online fraud is common in banking and financial sector. • There is a rise in the number of financial institutions’ customers who receive such E- Mails which usually contain a link to a spoof website and mislead users to enter user ids and passwords. • It is wise to be alert and careful about E-Mails containing an embedded link, with a request for you to enter secret details. 
It is strongly recommended not to input any sensitive information that might help criminals to gain access to sensitive information, such as bank account details, even if the page appears legitimate. • In virus E-Mails, the warnings may be genuine, so there is always a dilemma whether to take them lightly or seriously. • A wise action is to first confirm by visiting an antivirus site such as McAfee, Sophos or Symantec before taking any action, such as forwarding them to friends and colleagues.
  • 10.
    • Phishing, spearphishing Phishingis the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal informationatafakewebsite,thelookandfeelofwhichare identical tothe legitimate site. • Spamming Spamming is the use of messaging systems to send an unsolicited message (spam), especially advertising, as well as sending messages repeatedly on the same site. While the most widely recognized form of spam is email spam, the term is applied to similar abusesin othermedia • Although the most widely recognized form of Spam is E-Mail Spam, this term is applied to similar abuses in other media: • instant messaging Spam, • Usenet newsgroup Spam, • web search engine Spam, • Spam in blogs, • wiki Spam, • online classified ads Spam, • mobile phone messaging Spam, • Internet forum Spam, • junk fax transmissions • file sharing network Spam. • Spam is caused by flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. • Often, this may result in the notorious DoS attack. • Commercial advertising often happens to be the cause of Spam. Such advertisements are often for products of dubious reputation and fraud schemes meant to make people believe they can get rich overnight! • Some Spam may also get generated through quasi-legal services. • Spam hardly costs much to the sender; most of the costs are paid for by the recipient or the carriers rather than by the sender. • People who engage in the activity of electronic Spam are called spammers.
  • 11.
    • Two maintypes of Spam are worth mentioning: • “cancellable Usenet Spam” in which a single message is sent to several Usenet newsgroups and “E-Mail Spam” which targets individual users with direct mail messages. • Spam does not cost much to people. • Spam does, however, cost money to ISPs and to online service providers to transmit Spam. Unfortunately, subscribers end up paying these costs because the costs are transmitted directly to subscribers. • Cyberdefamation The term defamation is used to define the injury that is caused to the reputation of a person in the eyes of a third person. The injury can be done by words oral or written, or by signs or by visiblerepresentations. Cyber defamation is publishing of defamatory material against another person with the help ofcomputersorinternet. • Cyberstalking andharassment Cyberstalking is the use of the Internet or other electronic means to stalk or harass an individual, group, or organization. It may include false accusations, defamation, slander and libel. It may also include monitoring, identity theft, threats, vandalism, or gathering informationthatmaybeusedtothreaten,embarrassor harass. • Computersabotage Computer sabotage involves deliberate attacks intended to disable computers or networks for the purpose of disrupting commerce, education and recreation for personal gain, committing espionage, or facilitating criminal conspiracies, Through viruses, worms, logic bombs. • Pornographic offenses Child pornography offences occur under four main categories: making child pornography, distribution of child pornography, possession of child pornography and accessing child pornography. 
The category of offences for child pornography are comparable to laws relating to illegal drugs, in that both are inherently illegal to possess and are followed with a similar set of escalating factors which apply to those producing or makingthisillegalmaterialavailabletoothers • Password Sniffing A password sniffer is a software application that scans and records passwords that are used or broadcasted on a computer or network interface. It listens to all incoming and outgoing network traffic and records any instance of a data packet that containsapassword.
  • 12.
    2. Cybercrime againstproperty •Credit card frauds Credit card fraud is a wide-ranging term for theft and fraud committed using or involving a payment card, such as a credit card or debit card, as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorizedfundsfromanaccount. • Intellectual property( IP)crimes Basically IP crimes include software piracy, copyright infringement, trademark violation, theft of computer source code, etc. • Internet timetheft It is the use by an unauthorized person, of the Internet hours paid for by another person. You can identify time theft if your Internet time has to be recharged often, despite infrequentusage. 3. Cybercrime againstorganization • Unauthorized accessing ofcomputer Unauthorized access is when someone gains access to a website, program, server, service, or other system using someone else's account or other methods. For example, if someone kept guessing a password or username for an account that was not theirs until theygainedaccessitisconsideredunauthorizedaccess. • Password sniffing A password sniffer is a software application that scans and records passwords that are used or broadcasted on a computer or network interface. It listens to all incoming and outgoing network traffic and records any instance of a data packet that contains a password. • Denial-of-service attacks Denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting servicesofahostconnectedtotheInternet. • E-Mail bombing/mailbombs Email bomb. In Internet usage, an email bomb is a form of net abuse consisting of sending huge volumes of email to an address in an attempt to overflow the mailbox or overwhelm the server wheretheemailaddressishostedinadenial- of-service attack. 
• Salami attack/ Salamitechnique A salami attack is when small attacks add up to one major attack that can go undetected due to the nature of this type of cyber crime. It also known assalami slicing
  • 13.
    • Logic bomb Alogic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company. • Trojan Horse A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces virusesontoyourcomputer. • Data diddling Data diddling is the changing of data before or during entry into the computer system. Examples include forging or counterfeiting documents used for data entry and exchanging valid disks and tapeswithmodifiedreplacements. • Industrial spying/ industrialespionage • Industrial espionage is the covert and sometimes illegal practice of investigating competitors to gain a business advantage. The target of investigation might be a trade secret such as a proprietary productspecificationorformula,orinformation about businessplans. • However, cyberspies rarely leave behind a trail. • Industrial spying is not new; in fact it is as old as industries themselves. The use of the Internet to achieve this is probably as old as the Internet itself. • Traditionally, this has been the reserved hunting field of a few hundreds of highly skilled hackers, contracted by high-profile companies or certain governments via the means of registered organizations (it is said that they get several hundreds of thousands of dollars, depending on the “assignment”). • With the growing public availability of Trojans and Spyware material, even low- skilled individuals are now inclined to generate high volume profit out of industrial spying. • Computer networkintrusions Methods of Attack. 
A network intrusion is any unauthorized activity on a computer network. Detecting an intrusion depends on the defenders having a clear understanding of how attacks work.
• Software piracy
Software piracy is the illegal copying, distribution, or use of software. It is such a profitable "business" that it has caught the attention of organized crime groups in a number of countries. According to the Business Software Alliance (BSA), about 36% of all software in current use is stolen.
• Crimes emanating from Usenet newsgroup:
• By its very nature, Usenet groups may carry very offensive, harmful, inaccurate or otherwise inappropriate material, or in some cases, postings that have been mislabeled or are deceptive in another way. Therefore, it is expected that you will use caution and common sense and exercise proper judgment when using Usenet, as well as use the service at your own risk.
• Usenet is a popular means of sharing and distributing information on the Web with respect to specific topic or subjects.
• Usenet is a mechanism that allows sharing information in a many-to-many manner.
• The newsgroups are spread across 30,000 different topics.
• In principle, it is possible to prevent the distribution of specific newsgroup.
• In reality, however, there is no technical method available for controlling the contents of any newsgroup.
• It is merely subject to self-regulation and net etiquette.
• It is feasible to block specific newsgroups, however, this cannot be considered as a definitive solution to illegal or harmful content.
• It is possible to put Usenet to following criminal use:
1. Distribution/sale of pornographic material;
2. Distribution/sale of pirated software packages;
3. Distribution of hacking software;
4. Sale of stolen credit card numbers;
5. Sale of stolen data/stolen property.
4. Cybercrime against Society
• Forgery is a white-collar crime that generally refers to the false making or material alteration of a legal instrument with the specific intent to defraud anyone. Tampering with a certain legal instrument may be forbidden by law in some jurisdictions but such an offense is not related to forgery unless the tampered legal instrument was actually used in the course of the crime to defraud another person or entity.
• Cyberterrorism
Cyberterrorism is the use of computers and the internet to attack or frighten large numbers of people, usually in order to achieve political aims or to force a government to do something. The government has pledged more money to fight cyberterrorism and other online attacks.
• Web jacking
Illegally seeking control of a website by taking over a domain is known as Web Jacking. It is similar to hijacking.
Cybercrime: The Legal Perspectives
• Cybercrime poses a mammoth challenge
• Computer crime: Criminal Justice Resource Manual (1979)
o Any illegal act for which knowledge of computer technology is essential for a successful prosecution.
• International legal aspects of computer crimes were studied in 1983
o Encompasses any illegal act for which the knowledge of computer technology is essential for its perpetration
• The network context of cyber crime makes it one of the most globalized offenses of the present and most modernized threats of the future.
• Solution:
o Divide information system into segments bordered by state boundaries.
o Not possible and unrealistic because of globalization
• Or incorporate the legal system into an integrated entity obliterating these state boundaries.
• Apparently, the first way is unrealistic. Although all ancient empires including Rome, Greece and Mongolia became historical remnants, and giant empires are not prevalent in current world, the partition of information systems cannot be an imagined practice.
• In a globally connected world, information systems become the unique empire without tangible territory.
Cybercrimes: An Indian Perspective
• India has the fourth highest number of internet users in the world.
• 45 million internet users in India
• 37% - in cybercafés
• 57% are between 18 and 35 years
• The Information Technology (IT) Act, 2000, specifies the acts which are punishable. Since the primary objective of this Act is to create an enabling environment for commercial use of I.T.
• 217 cases were registered under IT Act during the year 2007 as compared to 142 cases during the previous year (2006)
• Thereby reporting an increase of 52.8% in 2007 over 2006.
• 22.3% cases (49 out of 217 cases) were reported from Maharashtra followed by Karnataka (40), Kerala (38) and Andhra Pradesh and Rajasthan (16 each).
A. Cybercrimes: Cases of Various Categories under ITA 2000
• 217 cases were registered under Information Technology Act (ITA) during the year 2007 as compared to 142 cases during the previous year (2006), thereby reporting an increase of 52.8% in 2007 over 2006.
• 22.3% cases (49 out of 217 cases) were reported from Maharashtra followed by Karnataka (40), Kerala (38) and Andhra Pradesh and Rajasthan (16 each).
• 86 persons were arrested for committing such offenses during 2007.
• Out of the total (76) hacking cases, the cases relating to loss/damage of computer resource/utility under Section 66(1) of the IT Act were 39.5% (30 cases) whereas the cases related to hacking under Section 66(2) of IT Act were 60.5% (46 cases).
• Maharashtra (19) and Kerala (4) registered maximum cases under Section 66(1) of the IT Act out of total 30 such cases at the National level.
• Out of the total 46 cases relating to hacking under Section 66(2), most of the cases (31) were reported from Karnataka followed by Kerala (7) and Andhra Pradesh (3). 29.9% of the 154 persons arrested in cases relating to ITA 2000 were from Maharashtra (46) followed by Karnataka and Madhya Pradesh (16 each).
• India is said to be the “youth country” given the population age distribution. From the potential resources perspective, this is supposed to be a great advantage, assuming that these youths will get appropriate training to develop the required professional skills in them.
• However, from the cybercrime perspective, this youth aspect does not seem good, as revealed by cybercrime statistics in India.
B. Cybercrimes: Cases of Various Categories under IPC Section
• A total of 339 cases were registered under IPC Sections during the year 2007 as compared to 311 such cases during 2006, thereby reporting an increase of 9.0%.
• Madhya Pradesh reported maximum number of such cases, nearly 46.6% of total cases (158 out of 339) followed by Andhra Pradesh 15.6% (53 cases) and Chhattisgarh 15.3% (52 cases).
• Majority of the crimes out of total 339 cases registered under IPC fall under two categories, Forgery (217) and Criminal Breach of Trust or Fraud (73).
• The cyber forgery cases were the highest in Madhya Pradesh (133) followed by Chhattisgarh (26) and Andhra Pradesh (22). The cases of cyberfraud were highest in Madhya Pradesh (20) followed by Punjab (17) and Andhra Pradesh (15).
• A total of 429 persons were arrested in the country for Cybercrimes under IPC during 2007. 61.5% offenders (264) of these were taken into custody for offenses under “Cyber forgery,” 19.8% (85) for “Criminal Breach of Trust/Fraud” and 11.4% (49) for “Counterfeiting Currency/Stamps.”
• The age-group-wise profile of the arrested persons showed that 55.2% (237 of 429) were in the age group of 30–45 years and 29.4% (126 of 429) of the offenders were in the age group of 18–30 years.
• 57.6% of the persons arrested under Criminal Breach of Trust/Cyberfraud offenses were in the age group 30–45 years (49 out of 85).
C. Incidence of Cyber Crimes in Cities:
• 17 out of 35 mega cities did not report any case of Cyber Crime (i.e., neither under the IT Act nor under IPC Sections) during the year 2007.
• 17 mega cities have reported 118 cases under IT Act and 7 mega cities reported 180 cases under various sections of IPC.
• There was an increase of 32.6% (from 89 cases in 2006 to 118 cases in 2007) in cases under IT Act as compared to previous year (2006),
• And an increase of 26.8% (from 142 cases in 2006 to 180 cases in 2007) of cases registered under various sections of IPC.
• Bengaluru (40), Pune (14) and Delhi (10) cities have reported high incidence of cases (64 out of 118 cases) registered under IT Act, accounting for more than half of the cases (54.2%) reported under the Act.
Cybercrime and the Indian ITA 2000
• In India, the ITA 2000 was enacted after the United Nations General Assembly Resolution A/RES/51/162 on January 30, 1997 by adopting the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law.
• This was the first step toward the Law relating to E-Commerce at international level to regulate an alternative form of commerce and to give legal status in the area of E-Commerce.
Hacking and the Indian Law(s):
• The number of Offenses to be monitored has increased. According to cyberlaw experts, “Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cybercrime.”
• Cases of Spam, hacking, cyberstalking and E-Mail fraud are rampant and, although cybercrimes cells have been set up in major cities, the problem is that most cases remain unreported due to a lack of awareness.
• In an environment like this, there are a number of questions in the minds of a commoner:
• When can consumers approach a cybercrime cell?
• What should the victims do?
• How does one maintain security online?
• Any and every incident of cybercrime involving a computer or electronic network can be reported to a police station, irrespective of whether it maintains a separate cell or not.
• CHAPTER XI of the original ITA 2000 lists a number of activities that may be taken to constitute cybercrimes.
Cybercrimes are punishable under two categories: the ITA 2000 and the IPC.
In the amendment to the IT Act 2000, now known as the ITA 2008, several offenses have been added to the Act.
• The amendments have now revealed a whole bundle of surprises which will make the cybercrime police jump. Existing Sections 66 and 67 (in the original ITA 2000) on hacking and obscene material have been updated by dividing them into more crime-specific subsections, thereby making cybercrimes punishable.
• In Section 66, hacking as a term has been removed.
• This section has now been expanded to include Sections
• 66A (offensive messages),
• 66B (receiving stolen computer),
• 66C (identity theft),
• 66D (impersonation),
• 66E (voyeurism) and
• 66F (cyberterrorism).
Section 66F is a new section of the ITA 2008 (recent amendments to the Indian ITA 2000). It covers “Cyberterrorism” and makes it punishable with imprisonment up to life term. This may cover hacking, DoS attacks, Port Scanning, spreading viruses, etc., if it can be linked to the object of terrorizing people.
A Global Perspective on Cybercrimes
• In Australia cybercrime has a narrow statutory meaning as used in the Cyber Crime Act 2001, which details offenses against computer data and systems.
• However, a broad meaning is given to cybercrime at an international level. In the Council of Europe's (CoE's) Cyber Crime Treaty, cybercrime is used as an umbrella term to refer to an array of criminal activity including offenses against computer data and systems, computer-related offenses, content offenses and copyright offenses.
• This wide definition of cybercrime overlaps in part with general offense categories that need not be Information & Communication Technology (ICT)-dependent, such as white collar crime and economic crime.
• The Spam legislation scenario mentions "none" about India as far as E-Mail legislation in India is concerned. The legislation refers to India as a "loose" legislation, although there is a mention in Section 67 of Indian ITA 2000.
• About 30 countries have enacted some form of anti-Spam legislation.
• The growing phenomenon is the use of Spam to support fraudulent and criminal activities – including attempts to capture financial information (e.g., account numbers and passwords) by masquerading messages as originating from trusted companies (“brand-spoofing” or “Phishing”) – and as a vehicle to spread viruses and worms.
• Thus, one can see that there is a lot to do toward building confidence and security in the use of ICTs and moving toward international cooperation agenda. This is because in the 21st century, there is a growing dependency on ICTs that span the globe. There was a rapid growth in ICTs and dependencies that led to shift in perception of cybersecurity threats in mid-1990s.
• August 4, 2006 Announcement: The US Senate ratifies CoE Convention on Cyber Crime. The convention targets hackers, those spreading destructive computer viruses (refer to Chapter 4), those using the Internet for the sexual exploitation of children or the distribution of racist material, and terrorists attempting to attack infrastructure facilities or financial institutions.
The Convention is in full accord with all the US constitutional protections, such as free speech and other civil liberties, and will require no change to the US laws.
• On August 18, 2006, there was a news article published “ISPs Wary About ‘Drastic Obligations’ on Web Site Blocking.” European Union (EU) officials want to debar suspicious websites as part of a 6-point plan to boost joint antiterrorism activities. They want to block websites that incite terrorist action. Once again it is underlined that monitoring calls, Internet and E-Mail traffic for law enforcement purposes is a task vested in the government, which must reimburse carriers and providers for retaining the data.
• CoE Cyber Crime Convention (1997–2001) was the first international treaty seeking to address Internet crimes by harmonizing national laws, improving investigative techniques and increasing cooperation among nations.[19] More than 40 countries have ratified the Convention to date.
Cybercrime and the Extended Enterprise
• It is a continuing problem that the average user is not adequately educated to understand the threats and how to protect oneself.
• Actually, it is the responsibility of each user to become aware of the threats as well as the opportunities that “connectivity” and “mobility” present them with.
• In this context, it is important to understand the concept of “extended enterprise.” This term (Fig. 1.14) represents the concept that a company is made up not just of its employees, its board members and executives, but also its business partners, its suppliers and even its customers.
Figure 1.4: Extended Enterprise
• The extended enterprise can only be successful if all of the component groups and individuals have the information they need in order to do business effectively.
• An extended enterprise is a “loosely coupled, self-organizing network” of firms that combine their economic output to provide “products and services” offerings to the market.
• Firms in the extended enterprise may operate independently, for example, through market mechanisms or cooperatively through agreements and contracts.
• Seamless flow of “information” to support instantaneous “decision-making ability” is crucial for the “external enterprise.”
• This becomes possible through the “interconnectedness.”
• Due to the interconnected features of information and communication technologies, security overall can only be fully promoted when the users have full awareness of the existing threats and dangers.
• Governments, businesses and the international community must, therefore, proactively help users access information on how to protect themselves.
• Given the promises and challenges in the extended enterprise scenario, organizations in the international community have a special role in sharing information on good practices, and creating open and accessible enterprise information flow channels for exchanging of ideas in a collaborative manner. International cooperation at the levels of government, industry, consumer, business and technical groups to allow a global and coordinated approach to achieving global cybersecurity is the key.