Uploaded byJigarthacker
PPSX, PPTX8,265 views

Unit 2

The document details various aspects of cybercrime and cybersecurity, highlighting the methods and phases criminals use to plan attacks. It discusses different types of cybercriminals (hackers, crackers, phreakers), types of attacks (active vs passive), and categorization of social engineering tactics. Additionally, it emphasizes security risks in cybercafes and cloud computing, providing security tips and addressing the implications of botnets.

Education
Related topics:
Cyber-Security Cyber Crime

Embed presentation

Download as PPSX, PPTX
BCA602 – CYBERCRIME AND CYBERSECURITY Presented By:- Jigar Jobanputra SRK INSTITUTE OF MANAGEMENT AND COMPUTER EDUCATION
How Criminal Plan offenses  Cybercriminal use the internet for illegal activities to store data, contacts, account information, etc.  People who commit cybercrimes are known as “Crackers”.
Hackers, Crackers and Phreakers  A hacker is a person with strong interest in computers who enjoys learning and experimenting with them. Hackers are usually very talented, smart people who understand computers better than others.
Brute force hacking  It is a technique used to find passwords or encryption keys. Brute force hacking involves trying every possible combination of letters, numbers, etc until the code is broken.
Cracker  A cracker is a person who breaks into computers. Crackers should not be confused with hackers. The term cracker is usually connected to computer criminals.
Cracking  It is the act of breaking into computers. Cracking is popular, growing subject on the internet. Many sites are devoted to supplying crackers with programs that allow them to crack computers.
Phreaking  This is the notorious art of breaking into communication system. Phreaking sites are popular among crackers and other criminals.
How Criminals plan the attacks  Criminals use many methods and tools to locate weakness(vulnerability) of their target.  Criminals plan passive and active attacks.  Active attacks are usually used to alter the system whereas passive attacks attempt to gain information about the target.  In addition to the active and passive categories, attacks can be categorized as either inside or outside.
Inside Attack  An attack originating and/or attempted within the security perimeter of an organization is an inside attack.  It is usually attempted by an “insider” who gains access to more resources than expected.
Outside Attack  An outside attack is attempted by a source outside the security perimeter.  It may be attempted by an insider and/or an outsider.  It is attempted through the Internet or a remote access connection.
Phases involved in planning cybercrime 1. Reconnaissance (information gathering) is the first phase and is treated as passive attacks. 2. Scanning the gathered information for the validity of the information as well as to identify the existing weakness. 3. Launching an attack.
Phase 1  The meaning of Reconnaissance is an act of reconnoitering – explore, often with the goal of finding something or somebody.  Reconnaissance phase begins with “Footprinting”.  Footprinting is the preparation toward preattack phase.
Continue…  Footprinting gives an overview about system weakness and provides a judgment about “How to break this?”.  The objective of this phase is to understand the system, its networking ports and services, and any other aspects of its security.
 Passive Attack :  In computer security, attempt to steal information stored in a system by electronic wiretapping or similar means. Although, in contrast to active attack, passive attack does not attempt to interfere with the stored data, it may still constitute a criminal offense.
 A passive attack involves gathering information about a target without his/her knowledge. Information can be gathered from :  It is usually done using Internet searches or by Googling. They use Google Earth to locate information about employees.  Surfing online community groups like orkut/facebook will prove useful to gain the information about an individual.
Continue…  Organization’s website may provide a personnel directory or information about key employees.  Bolgs, newgroups, press releases, etc. are generally used as the mediums to gain information about the company or employee.  Going through the job postings in particular job profiles for technical persons.  Network sniffing is another means of passive attack to yield useful information such as IP, hidden servers or networks.
Tools used for Passive Attack  Google Earth  WHOIS  Nslookup (name server lookup)  Dnsstuff  eMailTrackerPro  Website Watcher
 Active Attack In computer security, persistent attempt to introduce invalid data into a system, and/or to damage or destroy data already stored in it. In many countries, it is a criminal offense to attempt any such action.
Port Scanning  A port is place where information goes into and out of a computer.  Ports are entry/exit points that any computer has, to be able to communicate with external machines.  Each computer is enabled with three or more external ports.  Port scanning is an act of systematically scanning a computer’s ports.
Phase – 2 : Scanning and Scrutinizing gathered information  Scanning is a key step to examine intelligently while gathering information about the target. The objectives of scanning are as follows :  Port Scanning :  Identify open/close ports and services.  Network scanning :  Understand IP addresses and related information about the computer network system.  Vulnerability scanning :  Understand the existing weaknesses in the system.
 The scrutinizing (inspecting) phase is called “enumeration” (listing) in the hacking world.  The objective behind this step is to identify :  The valid user accounts or groups;  Network resources and/or shared resources;  OS and different applications that are running on the OS.  Note : Usually most of the attackers consume 90% of the time in scanning, scrutinizing and gathering information on a target and 10% of the time in launching the attack.
Phase 3 : Attack  The attack is launched using the following steps :  Crack the password;  Exploit the privileges;  Execute the malicious command/applications;  Hide the files (if required);  Cover the tracks – delete the access logs, so that there is no trail illicit activity.
Social Engineering  Social engineering is the “technique to influence” people to obtain the information.  It is generally observed that people are the weak link in security and this principle makes social engineering possible.  Social engineering involves gaining sensitive information or unauthorized access privileges by building inappropriate trust relationships with insiders.
Classification of Social Engineering  Human Based Social Engineering  Computer Based Social Engineering
Human Based Social Engineering  Human based social engineering refers to person-to-person interaction to get information.  Impersonating an employee or valid user  Posing as an important user  Using a third person  Calling technical support  Shoulder surfing  Dumpster diving
Computer Based Social Engineering  Computer based social engineering refers to an attempt made to get the required information by using computer software/internet.  Fake E-mail  E-mail attachments  Pop-up windows
Cyberstalking  Stalking is an “act or process of following victim silently – trying to approach somebody or something”  Cyberstalking has been defined as the use of information and communications technology of individuals to harass another individual.
Types of Stalkers  There are primarily two types of stalkers.  Online stalkers  Offline stalkers  Online stalkers :  They aim to start the interaction with the victim directly with the help of the internet (email/Chat Room).  The stalker makes sure that the victim recognizes the attack attempted on him/her.  The stalker can make use of a third party to harass the victim.
 Offline stalkers :  The stalker may begin the attack using traditional methods such as following victim, watching the daily routine of the victim, etc.  For ex. Use of community sites, newsgroups, social websites, personal websites.  The victim is not aware that the Internet has been used to achieve an attack against them.
Cases reported on Cyberstalking  The majority of cyberstalking are men and the majority of their victims are women.  In many cases, the cyberstalker is ex-lover, ex- spouse, boss/subordinate, and neighbor.  There also have been cases about strangers who are cyberstalkers.
How Stalking works?  Personal information gathering about the victim;  Establish a contact with victim through telephone/cell phone. Once the contact is established, the stalker may make calls to the victim to harass.  Stalkers always establish a contact with victim through e-mail.
 The stalker may post the victim’s personal information as sex workers’ service or dating service. The stalker will use bad/attractive language to invite the interested persons.  Whosoever comes across the information, starts calling victim and asking for sexual services or relationship.  Some stalkers subscribe the e-mail account of the victim to innumerable pornographic and sex sites.
Real Life Example  The indian police have registered first case of cyberstalking in Delhi.  Mrs. Joshi received almost 40 calls in 3 days mostly at odd hours.  Mrs. Joshi decided to register a complaint with Delhi police.  A person was using her ID to chat over the Internet at the website www.mirc.com.
Cybercafe and Cybercrimes  In February 2009 survey, 90% of the audience across eight cities and 3500 cafes were male and in the age group of 15-35 years;  52% were graduates and postgraduates  Almost 50% were students.  In India, cybercafes are known to be used for either real or false terrorist communication.
 Cybercafe hold two types of risks : 1. We do not know what programs are installed on the computer like keyloggers or spyware. 2. Over the shoulder peeping can enable others to find out your passwords.  Cybercriminals prefer cybercafes to carry out their activities.  A recent survey conducted in one of the metropolitan cities in India reveals the following facts :
1. Pirated softwares are installed in all the computers. 2. Antivirus was not updated with latest patch. 3. Several cybercafes has installed “Deep Freeze” to protect computer which helps cybercriminals. 4. Annual Maintenance Contract (AMC) was not found for servicing of the computer. 5. Pornographical websites were not blocked.
6. Cybercafe owner have very less awareness about IT security. 7. Cybercafe association or State Police do not seem to conduct periodic visits to cybercafe.
Security tips for cybercafe  Always Logout  While checking email or logging in for chatting, always click logout/sign out.  Stay with the computer  While surfing, don’t leave the system unatteneded for any period of time.  Clear history and temporary files  Before browsing deselect AutoComplete option. Browser - > Tools -> Internet options -> Content tab.  Tools -> Internet Option -> General Tab -> Temporary Internet Files -> Delete files and then Delete Cookies.
 Be alert  One have to be alert for snooping over the shoulder.  Avoid online financial transactions  One should avoid online banking, shopping, etc.  Don’t provide sensitive information such as credit card number or bank account details.  Change Passwords / Virtual Keyboard  Change password after completion of transaction.  Almost every bank websites provide virtual keyboard.  Security Warnings  Follow security warning while accessing any bank websites.
 The meaning of botnet is “an automated program for doing some particular task, over a network”.  Botnet term is used for collection of software that run autonomously and automatically.  Botnets are exploited for various purposes, including denial-of-service attacks, creation or misuse of SMTP mail relays for spam, click fraud, and financial information such as credit card numbers. Botnet
 In short, a botnet is a network of computers infected with a malicious program that allows cybercriminals to control the infected machines remotely without the users’ knowledge.  A Botnet is also called a zombie network.
 A botnet operator sends out viruses or worms, infecting ordinary users' computers, whose payload is a malicious application—the bot.  The bot on the infected PC logs into a particular C&C server (often an IRC server, but, in some cases a web server). How a botnet is created and used
 A spammer purchases the services of the botnet from the operator.  The spammer provides the spam messages to the operator, who instructs the compromised machines via the IRC server, causing them to send out spam messages.
Use of Botnet  If someone wants to start a business and has no programming skills, there are plenty of “Bot for Sale” offers on forums.  Encryption of these program’s code can also be ordered to protect them from detection by antivirus.
Botnet creation Botnet renting Ddos attacks Spam attacks Malware and Adware installation Botnet selling Stealing confidential information Selling credit card and bank account details Selling personal identity information Selling internet services and shops account Phishing attacks Spamdexing
Points to secure the system :  Use antivirus and anti-Spyware software and keep it up-to-date.  Set the OS to download and install security patches automatically.  Use a firewall to protect the system from hacking attacks while it is connected on the internet.  Disconnected from the internet when you are away from your computer.
 Downloading the freeware only from websites that are known and trustworthy.  Check regularly the folders in the mail box for those messages you did not send.  Take an immediate action if your system is infected.
Attack Vector  An attack vector is a path by which an attacker can gain access to a computer or to a network server to deliver a payload.  Attack vectors enable attackers to exploit system vulnerability.  Attack vectors include viruses, e-mail attachments, webpages, pop-up windows, instant messages, and chat rooms.
 The most common malicious payloads are viruses, trojan horses, worms and spyware.  Payload means the malicious activity that the attack performs.  How attack launched ?  Attack by e-mail  Attachment  Attack by deception  Hackers  Heedless guests  Attack of worms  Malicious macros  Virues
Cybercrime and Cloud Computing  Prime area of the risk in cloud computing is protection of user data.  Risk associated with cloud computing environment are :
Risk How to Remediate the Risk? Any data processed outside the organization brings with it an inherent level of risk. Customer should obtain as much information as he/she can about the service provider. Cloud computing service providers are not able and/or not willing to undergo external assessments. The organization is entirely responsible for the security and integrity of their own data, even when it is held by a service provider. The organizations that are obtaining cloud computing services may not be aware about where the data is hosted and may not even know in which country it is hosted. Organization should ensure that the service provider is committed to obey local privacy requirements on behalf of the organization to store and process the data in the specific jurisdictions.
As the data will be stored under stored environment, encryption mechanism should be strong enough to segregate (separate) the data from another organization, whose data are also stored under the same server. Organization should be aware of the arrangements made by the service provider about segregation of the data. The service provider should display encryption schemes. Business continuity in case of any disaster. Service provider have to provide complete restoration of data within minimum timeframe.
Due to complex IT environment and several customer logging in and logging out of the hosts, it becomes difficult to trace inappropriate and illegal activity. Organization should enforce the provider to provide security violation logs at frequent intervals. In case of any major change in the cloud computing service provider, the service provided is at the stake. Organization should ensure getting their data in case of such major event.
Questions  Explain difference between passive and active attack.  What is social engineering? Explain each type of social engineering in detail.  What is cyberstalking?  What is botnet? How it works? • OR  How do viruses get disseminated? Explain with diagram.
 What is Attack Vector? How different attacks launched with attack vector.  What is cloud computing? List and explain type of services of cloud computing?  What is cloud computing? Explain types of cloud and also list the advantages of cloud computing.  Explain cloud computing and cybercrime.

More Related Content

PPTX
Cyber Security in Society
byRubal Sagwal
 
PPTX
Cyber security ppt final
bySanishShrestha2
 
DOCX
Final report ethical hacking
bysamprada123
 
PPTX
Cyber crime.pptx
byDawood Faheem Abbasi
 
PPTX
PPT on Phishing
byPankaj Yadav
 
PPTX
Cybercrime and Security
byNoushad Hasan
 
PPTX
Social Engineering
byn|u - The Open Security Community
 
PPT
Phishing attacks ppt
byAryan Ragu
 
Cyber Security in Society
byRubal Sagwal
 
Cyber security ppt final
bySanishShrestha2
 
Final report ethical hacking
bysamprada123
 
Cyber crime.pptx
byDawood Faheem Abbasi
 
PPT on Phishing
byPankaj Yadav
 
Cybercrime and Security
byNoushad Hasan
 
Social Engineering
byn|u - The Open Security Community
 
Phishing attacks ppt
byAryan Ragu
 

What's hot

PPT
Ethical hacking
byMonika Deswal
 
PPTX
What is Cryptography and Types of attacks in it
bylavakumar Thatisetti
 
PPTX
Phishing ppt
byshindept123
 
PPTX
Cyber crime and security
bySharath Raj
 
PPTX
Social engineering presentation
bypooja_doshi
 
PPT
Phishing
byanjalika sinha
 
PPTX
Cyber security
bySamsil Arefin
 
PPTX
CYBER SECURITY
byVaishak Chandran
 
PPT
Network Security
byMAJU
 
PPTX
Phishing attack seminar presentation
byAniketPandit18
 
PPTX
Cybersecurity Awareness Training
byDave Monahan
 
PPTX
PHISHING DETECTION
byumme ayesha
 
PPTX
Phishing
bySagar Rai
 
PPTX
Basic concepts in computer security
byArzath Areeff
 
PPTX
Cryptography.ppt
byUday Meena
 
PPTX
Web application attacks
byhruth
 
PPTX
Cryptography
bysubodh pawar
 
PPTX
Brute force-attack presentation
byMahmoud Ibra
 
PPTX
Email hacking
byShreyaBhoje
 
PPTX
Introduction to Cryptography
byMd. Afif Al Mamun
 
Ethical hacking
byMonika Deswal
 
What is Cryptography and Types of attacks in it
bylavakumar Thatisetti
 
Phishing ppt
byshindept123
 
Cyber crime and security
bySharath Raj
 
Social engineering presentation
bypooja_doshi
 
Phishing
byanjalika sinha
 
Cyber security
bySamsil Arefin
 
CYBER SECURITY
byVaishak Chandran
 
Network Security
byMAJU
 
Phishing attack seminar presentation
byAniketPandit18
 
Cybersecurity Awareness Training
byDave Monahan
 
PHISHING DETECTION
byumme ayesha
 
Phishing
bySagar Rai
 
Basic concepts in computer security
byArzath Areeff
 
Cryptography.ppt
byUday Meena
 
Web application attacks
byhruth
 
Cryptography
bysubodh pawar
 
Brute force-attack presentation
byMahmoud Ibra
 
Email hacking
byShreyaBhoje
 
Introduction to Cryptography
byMd. Afif Al Mamun
 

Viewers also liked

PPTX
Cyber crime ppt
byMOE515253
 
PPT
Ethical Hacking
byKeith Brooks
 
PPT
Cybercrime 1
bynayakslideshare
 
PPTX
Cyber crime ppt
byJournalist Ish
 
PPTX
Black hat hackers
bySantosh Kumar
 
DOCX
Cyber laws with case studies
byBhagya Bgk
 
DOCX
Cyber crime
bySanket Gogoi
 
PPTX
Cyber law
byArnab Roy Chowdhury
 
PPT
Data protection act
byIqbal Bocus
 
PPTX
Hacking Vs Cracking in Computer Networks
bySrikanth VNV
 
PPTX
Chapter 1: Overview of Network Security
byShafaan Khaliq Bhatti
 
PPT
Electronic evidence digital evidence in india
byAdv Prashant Mali
 
ODP
Network Security Topic 1 intro
byKhawar Nehal khawar.nehal@atrc.net.pk
 
PPTX
MIS of Tesco.plc
bytharakaj
 
PPT
Evidence act1872
byShankar Bose Sbose1958
 
PPT
CYBER CRIME AND SECURITY
bySahil Vashishtha
 
DOCX
Indian evidence act 1872.bose
byShankar Bose Sbose1958
 
PPTX
Computer Virus
byDebraj Chatterjee
 
DOCX
Cyber law case Assignment
by9945446746
 
PPT
cryptography deepan fav subject
bydeepan v
 
Cyber crime ppt
byMOE515253
 
Ethical Hacking
byKeith Brooks
 
Cybercrime 1
bynayakslideshare
 
Cyber crime ppt
byJournalist Ish
 
Black hat hackers
bySantosh Kumar
 
Cyber laws with case studies
byBhagya Bgk
 
Cyber crime
bySanket Gogoi
 
Cyber law
byArnab Roy Chowdhury
 
Data protection act
byIqbal Bocus
 
Hacking Vs Cracking in Computer Networks
bySrikanth VNV
 
Chapter 1: Overview of Network Security
byShafaan Khaliq Bhatti
 
Electronic evidence digital evidence in india
byAdv Prashant Mali
 
Network Security Topic 1 intro
byKhawar Nehal khawar.nehal@atrc.net.pk
 
MIS of Tesco.plc
bytharakaj
 
Evidence act1872
byShankar Bose Sbose1958
 
CYBER CRIME AND SECURITY
bySahil Vashishtha
 
Indian evidence act 1872.bose
byShankar Bose Sbose1958
 
Computer Virus
byDebraj Chatterjee
 
Cyber law case Assignment
by9945446746
 
cryptography deepan fav subject
bydeepan v
 

Similar to Unit 2

PPTX
Module 2_ Cyber offenses & Cybercrime.pptx
bynikshaikh786
 
PPTX
cybersecurity
bymaha797959
 
PDF
M1-02-HowCriminalsPlan.pdf
byShylesh BC
 
PPTX
Cyber Crime and Social Media Security
byHem Pokhrel
 
PPTX
34088.Chapter-2.pptx
byNAVEEN128672
 
PPTX
cyber security module 2 ppt of first year
byMayuraD1
 
PPTX
Cyberspace and the Law & Cyber Forensics
bySrinivas Kanakala
 
PPT
CS 1.ppt
byJAYANTHKUMARTM
 
PPTX
Cyber Security , types of cyber secuyrity
byhari701265
 
PPTX
Module 2_ Cyber offenses & Cybercrimes(Updated).pptx
byplacementstwc
 
PPT
Unit-2 ICS.ppt
by20ME1A4607YANAMADALA
 
PPTX
455845434-Chapter-2-Cyber-Security-pptx.pptx
byDrVPadmavathiAssocia
 
PDF
Unit 5_Social Engineering and Cyberstalking.pdf
byKanchanPatil34
 
PPT
unit 2. cyber offences_how criminals plan them.ppt
byDimple Relekar
 
PDF
Cyber Security notes on security on safety.pdf
bySantoshChinchali1
 
PPTX
Ethical hacking
byMd Mudassir
 
PPTX
Introduction.pptx
byssusere71a07
 
PPTX
Cyberstalking CyberstalkingCyberstalking
byhannahroseline2
 
PPSX
Unit 1
byJigarthacker
 
PPTX
Cyber crime social media &; family
byDr.Keshav Sathaye
 
Module 2_ Cyber offenses & Cybercrime.pptx
bynikshaikh786
 
cybersecurity
bymaha797959
 
M1-02-HowCriminalsPlan.pdf
byShylesh BC
 
Cyber Crime and Social Media Security
byHem Pokhrel
 
34088.Chapter-2.pptx
byNAVEEN128672
 
cyber security module 2 ppt of first year
byMayuraD1
 
Cyberspace and the Law & Cyber Forensics
bySrinivas Kanakala
 
CS 1.ppt
byJAYANTHKUMARTM
 
Cyber Security , types of cyber secuyrity
byhari701265
 
Module 2_ Cyber offenses & Cybercrimes(Updated).pptx
byplacementstwc
 
Unit-2 ICS.ppt
by20ME1A4607YANAMADALA
 
455845434-Chapter-2-Cyber-Security-pptx.pptx
byDrVPadmavathiAssocia
 
Unit 5_Social Engineering and Cyberstalking.pdf
byKanchanPatil34
 
unit 2. cyber offences_how criminals plan them.ppt
byDimple Relekar
 
Cyber Security notes on security on safety.pdf
bySantoshChinchali1
 
Ethical hacking
byMd Mudassir
 
Introduction.pptx
byssusere71a07
 
Cyberstalking CyberstalkingCyberstalking
byhannahroseline2
 
Unit 1
byJigarthacker
 
Cyber crime social media &; family
byDr.Keshav Sathaye
 

More from Jigarthacker

PPSX
Unit 2
byJigarthacker
 
PPTX
C programming
byJigarthacker
 
PDF
Basic object oriented approach
byJigarthacker
 
PPSX
Computer networks
byJigarthacker
 
PPSX
Unit 1(sem-iv)
byJigarthacker
 
PPTX
Java session2
byJigarthacker
 
PPSX
Java session3
byJigarthacker
 
PPSX
File mangement
byJigarthacker
 
PPSX
Java session4
byJigarthacker
 
PPTX
Java session13
byJigarthacker
 
PPSX
Java session5
byJigarthacker
 
PPTX
Java session14
byJigarthacker
 
Unit 2
byJigarthacker
 
C programming
byJigarthacker
 
Basic object oriented approach
byJigarthacker
 
Computer networks
byJigarthacker
 
Unit 1(sem-iv)
byJigarthacker
 
Java session2
byJigarthacker
 
Java session3
byJigarthacker
 
File mangement
byJigarthacker
 
Java session4
byJigarthacker
 
Java session13
byJigarthacker
 
Java session5
byJigarthacker
 
Java session14
byJigarthacker
 

Recently uploaded

PPTX
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
PPTX
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
PDF
Analyzing the data of your initial survey
byThelma Villaflores
 
PDF
Most Imp Chapters & Weightage for Boards 2025.pdf
byTamannaSagar
 
PDF
The voice of the rain poem class 11th.pdf
byReeta Baral
 
PPTX
3 G8_Q3_L3_ (Cartoon as Representation in Opinion Editorial Article).pptx
byNorafeSahagun
 
PPTX
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 
PDF
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
PPTX
PURPOSIVE SAMPLING IN EDUCATIONAL RESEARCH RACHITHRA RK.pptx
byssuser047b711
 
PDF
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
PDF
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
PDF
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
PPTX
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
PDF
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 
PPTX
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
PPTX
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
PDF
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
PDF
Types of eggs and Egg membranes (Developmental Zoology)
bySudhandraKarthi
 
PDF
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
PPTX
Partial Correlation - Values of r₁₂.₃, r₂₃.₁ & r₁₃.₂ r₁₂, r₁₃ and r₂₃
bySundar B N
 
4 G8_Q3_L4 (Evaluating opinion editorials for textual evidence and quality).pptx
byNorafeSahagun
 
TAMIS & TEMS - HOW, WHY and THE STEPS IN PROCTOLOGY
byJohn Thanakumar
 
Analyzing the data of your initial survey
byThelma Villaflores
 
Most Imp Chapters & Weightage for Boards 2025.pdf
byTamannaSagar
 
The voice of the rain poem class 11th.pdf
byReeta Baral
 
3 G8_Q3_L3_ (Cartoon as Representation in Opinion Editorial Article).pptx
byNorafeSahagun
 
ATTENTION -PART 2.pptx Shilpa Hotakar for I semester BSc students
bySHILPA HOTAKAR
 
Risk management in Moroccan public hospitals_ a literature review
byMan_Ebook
 
PURPOSIVE SAMPLING IN EDUCATIONAL RESEARCH RACHITHRA RK.pptx
byssuser047b711
 
Cultivating Greatness Pune's Best Preschools and Schools.pdf
byWellington College
 
IMANI Africa files RTI request seeking full disclosure on 2026 SIM registrati...
bynservice241
 
M.Sc. Nonchordates Complete Syllabus PPT | All Important Topics Covered
byKNIPSS SULTANPUR
 
The Cell & Cell Cycle-detailed structure and function of organelles.pptx
byAshish Umale
 
Blood Group Incompatibility: Rh Factor and Erythroblastosis Fetalis
bySudhandraKarthi
 
Access partner report in Odoo 18.2 _ Odoo 19
byCeline George
 
Steve Hale - Developing Elite Young Goalkeepers 2024.pptx
bypjmfd
 
Scalable-MADDPG-Based Cooperative Target Invasion for a Multi-USV System.pdf
byMan_Ebook
 
Types of eggs and Egg membranes (Developmental Zoology)
bySudhandraKarthi
 
Using Charts and Tables in Presenting Data
byThelma Villaflores
 
Partial Correlation - Values of r₁₂.₃, r₂₃.₁ & r₁₃.₂ r₁₂, r₁₃ and r₂₃
bySundar B N
 

Unit 2

  • 1.
    BCA602 – CYBERCRIMEAND CYBERSECURITY Presented By:- Jigar Jobanputra SRK INSTITUTE OF MANAGEMENT AND COMPUTER EDUCATION
  • 2.
    How Criminal Planoffenses  Cybercriminal use the internet for illegal activities to store data, contacts, account information, etc.  People who commit cybercrimes are known as “Crackers”.
  • 3.
    Hackers, Crackers andPhreakers  A hacker is a person with strong interest in computers who enjoys learning and experimenting with them. Hackers are usually very talented, smart people who understand computers better than others.
  • 4.
    Brute force hacking It is a technique used to find passwords or encryption keys. Brute force hacking involves trying every possible combination of letters, numbers, etc until the code is broken.
  • 5.
    Cracker  A crackeris a person who breaks into computers. Crackers should not be confused with hackers. The term cracker is usually connected to computer criminals.
  • 6.
    Cracking  It isthe act of breaking into computers. Cracking is popular, growing subject on the internet. Many sites are devoted to supplying crackers with programs that allow them to crack computers.
  • 7.
    Phreaking  This isthe notorious art of breaking into communication system. Phreaking sites are popular among crackers and other criminals.
  • 8.
    How Criminals planthe attacks  Criminals use many methods and tools to locate weakness(vulnerability) of their target.  Criminals plan passive and active attacks.  Active attacks are usually used to alter the system whereas passive attacks attempt to gain information about the target.  In addition to the active and passive categories, attacks can be categorized as either inside or outside.
  • 9.
    Inside Attack  Anattack originating and/or attempted within the security perimeter of an organization is an inside attack.  It is usually attempted by an “insider” who gains access to more resources than expected.
  • 10.
    Outside Attack  Anoutside attack is attempted by a source outside the security perimeter.  It may be attempted by an insider and/or an outsider.  It is attempted through the Internet or a remote access connection.
  • 11.
    Phases involved inplanning cybercrime 1. Reconnaissance (information gathering) is the first phase and is treated as passive attacks. 2. Scanning the gathered information for the validity of the information as well as to identify the existing weakness. 3. Launching an attack.
  • 12.
    Phase 1  Themeaning of Reconnaissance is an act of reconnoitering – explore, often with the goal of finding something or somebody.  Reconnaissance phase begins with “Footprinting”.  Footprinting is the preparation toward preattack phase.
  • 13.
    Continue…  Footprinting givesan overview about system weakness and provides a judgment about “How to break this?”.  The objective of this phase is to understand the system, its networking ports and services, and any other aspects of its security.
  • 14.
     Passive Attack:  In computer security, attempt to steal information stored in a system by electronic wiretapping or similar means. Although, in contrast to active attack, passive attack does not attempt to interfere with the stored data, it may still constitute a criminal offense.
  • 15.
     A passiveattack involves gathering information about a target without his/her knowledge. Information can be gathered from :  It is usually done using Internet searches or by Googling. They use Google Earth to locate information about employees.  Surfing online community groups like orkut/facebook will prove useful to gain the information about an individual.
  • 16.
    Continue…  Organization’s websitemay provide a personnel directory or information about key employees.  Bolgs, newgroups, press releases, etc. are generally used as the mediums to gain information about the company or employee.  Going through the job postings in particular job profiles for technical persons.  Network sniffing is another means of passive attack to yield useful information such as IP, hidden servers or networks.
  • 17.
    Tools used forPassive Attack  Google Earth  WHOIS  Nslookup (name server lookup)  Dnsstuff  eMailTrackerPro  Website Watcher
  • 18.
     Active Attack Incomputer security, persistent attempt to introduce invalid data into a system, and/or to damage or destroy data already stored in it. In many countries, it is a criminal offense to attempt any such action.
  • 19.
    Port Scanning  Aport is place where information goes into and out of a computer.  Ports are entry/exit points that any computer has, to be able to communicate with external machines.  Each computer is enabled with three or more external ports.  Port scanning is an act of systematically scanning a computer’s ports.
  • 20.
    Phase – 2: Scanning and Scrutinizing gathered information  Scanning is a key step to examine intelligently while gathering information about the target. The objectives of scanning are as follows :  Port Scanning :  Identify open/close ports and services.  Network scanning :  Understand IP addresses and related information about the computer network system.  Vulnerability scanning :  Understand the existing weaknesses in the system.
  • 21.
     The scrutinizing(inspecting) phase is called “enumeration” (listing) in the hacking world.  The objective behind this step is to identify :  The valid user accounts or groups;  Network resources and/or shared resources;  OS and different applications that are running on the OS.  Note : Usually most of the attackers consume 90% of the time in scanning, scrutinizing and gathering information on a target and 10% of the time in launching the attack.
  • 22.
    Phase 3 :Attack  The attack is launched using the following steps :  Crack the password;  Exploit the privileges;  Execute the malicious command/applications;  Hide the files (if required);  Cover the tracks – delete the access logs, so that there is no trail illicit activity.
  • 23.
    Social Engineering  Socialengineering is the “technique to influence” people to obtain the information.  It is generally observed that people are the weak link in security and this principle makes social engineering possible.  Social engineering involves gaining sensitive information or unauthorized access privileges by building inappropriate trust relationships with insiders.
  • 24.
    Classification of SocialEngineering  Human Based Social Engineering  Computer Based Social Engineering
  • 25.
    Human Based SocialEngineering  Human based social engineering refers to person-to-person interaction to get information.  Impersonating an employee or valid user  Posing as an important user  Using a third person  Calling technical support  Shoulder surfing  Dumpster diving
  • 26.
    Computer Based SocialEngineering  Computer based social engineering refers to an attempt made to get the required information by using computer software/internet.  Fake E-mail  E-mail attachments  Pop-up windows
  • 27.
    Cyberstalking  Stalking isan “act or process of following victim silently – trying to approach somebody or something”  Cyberstalking has been defined as the use of information and communications technology of individuals to harass another individual.
  • 28.
    Types of Stalkers There are primarily two types of stalkers.  Online stalkers  Offline stalkers  Online stalkers :  They aim to start the interaction with the victim directly with the help of the internet (email/Chat Room).  The stalker makes sure that the victim recognizes the attack attempted on him/her.  The stalker can make use of a third party to harass the victim.
  • 29.
     Offline stalkers:  The stalker may begin the attack using traditional methods such as following victim, watching the daily routine of the victim, etc.  For ex. Use of community sites, newsgroups, social websites, personal websites.  The victim is not aware that the Internet has been used to achieve an attack against them.
  • 30.
    Cases reported onCyberstalking  The majority of cyberstalking are men and the majority of their victims are women.  In many cases, the cyberstalker is ex-lover, ex- spouse, boss/subordinate, and neighbor.  There also have been cases about strangers who are cyberstalkers.
  • 31.
    How Stalking works? Personal information gathering about the victim;  Establish a contact with victim through telephone/cell phone. Once the contact is established, the stalker may make calls to the victim to harass.  Stalkers always establish a contact with victim through e-mail.
  • 32.
     The stalkermay post the victim’s personal information as sex workers’ service or dating service. The stalker will use bad/attractive language to invite the interested persons.  Whosoever comes across the information, starts calling victim and asking for sexual services or relationship.  Some stalkers subscribe the e-mail account of the victim to innumerable pornographic and sex sites.
  • 33.
    Real Life Example The indian police have registered first case of cyberstalking in Delhi.  Mrs. Joshi received almost 40 calls in 3 days mostly at odd hours.  Mrs. Joshi decided to register a complaint with Delhi police.  A person was using her ID to chat over the Internet at the website www.mirc.com.
  • 34.
    Cybercafe and Cybercrimes In February 2009 survey, 90% of the audience across eight cities and 3500 cafes were male and in the age group of 15-35 years;  52% were graduates and postgraduates  Almost 50% were students.  In India, cybercafes are known to be used for either real or false terrorist communication.
  • 35.
     Cybercafe holdtwo types of risks : 1. We do not know what programs are installed on the computer like keyloggers or spyware. 2. Over the shoulder peeping can enable others to find out your passwords.  Cybercriminals prefer cybercafes to carry out their activities.  A recent survey conducted in one of the metropolitan cities in India reveals the following facts :
  • 36.
    1. Pirated softwaresare installed in all the computers. 2. Antivirus was not updated with latest patch. 3. Several cybercafes has installed “Deep Freeze” to protect computer which helps cybercriminals. 4. Annual Maintenance Contract (AMC) was not found for servicing of the computer. 5. Pornographical websites were not blocked.
  • 37.
    6. Cybercafe ownerhave very less awareness about IT security. 7. Cybercafe association or State Police do not seem to conduct periodic visits to cybercafe.
  • 38.
    Security tips forcybercafe  Always Logout  While checking email or logging in for chatting, always click logout/sign out.  Stay with the computer  While surfing, don’t leave the system unatteneded for any period of time.  Clear history and temporary files  Before browsing deselect AutoComplete option. Browser - > Tools -> Internet options -> Content tab.  Tools -> Internet Option -> General Tab -> Temporary Internet Files -> Delete files and then Delete Cookies.
  • 39.
     Be alert One have to be alert for snooping over the shoulder.  Avoid online financial transactions  One should avoid online banking, shopping, etc.  Don’t provide sensitive information such as credit card number or bank account details.  Change Passwords / Virtual Keyboard  Change password after completion of transaction.  Almost every bank websites provide virtual keyboard.  Security Warnings  Follow security warning while accessing any bank websites.
  • 40.
     The meaningof botnet is “an automated program for doing some particular task, over a network”.  Botnet term is used for collection of software that run autonomously and automatically.  Botnets are exploited for various purposes, including denial-of-service attacks, creation or misuse of SMTP mail relays for spam, click fraud, and financial information such as credit card numbers. Botnet
  • 41.
     In short,a botnet is a network of computers infected with a malicious program that allows cybercriminals to control the infected machines remotely without the users’ knowledge.  A Botnet is also called a zombie network.
  • 43.
     A botnetoperator sends out viruses or worms, infecting ordinary users' computers, whose payload is a malicious application—the bot.  The bot on the infected PC logs into a particular C&C server (often an IRC server, but, in some cases a web server). How a botnet is created and used
  • 44.
     A spammerpurchases the services of the botnet from the operator.  The spammer provides the spam messages to the operator, who instructs the compromised machines via the IRC server, causing them to send out spam messages.
  • 45.
    Use of Botnet If someone wants to start a business and has no programming skills, there are plenty of “Bot for Sale” offers on forums.  Encryption of these program’s code can also be ordered to protect them from detection by antivirus.
  • 46.
    Botnet creation Botnet renting Ddos attacks Spamattacks Malware and Adware installation Botnet selling Stealing confidential information Selling credit card and bank account details Selling personal identity information Selling internet services and shops account Phishing attacks Spamdexing
  • 47.
    Points to securethe system :  Use antivirus and anti-Spyware software and keep it up-to-date.  Set the OS to download and install security patches automatically.  Use a firewall to protect the system from hacking attacks while it is connected on the internet.  Disconnected from the internet when you are away from your computer.
  • 48.
     Downloading thefreeware only from websites that are known and trustworthy.  Check regularly the folders in the mail box for those messages you did not send.  Take an immediate action if your system is infected.
  • 49.
    Attack Vector  Anattack vector is a path by which an attacker can gain access to a computer or to a network server to deliver a payload.  Attack vectors enable attackers to exploit system vulnerability.  Attack vectors include viruses, e-mail attachments, webpages, pop-up windows, instant messages, and chat rooms.
  • 50.
     The mostcommon malicious payloads are viruses, trojan horses, worms and spyware.  Payload means the malicious activity that the attack performs.  How attack launched ?  Attack by e-mail  Attachment  Attack by deception  Hackers  Heedless guests  Attack of worms  Malicious macros  Virues
  • 51.
    Cybercrime and CloudComputing  Prime area of the risk in cloud computing is protection of user data.  Risk associated with cloud computing environment are :
  • 52.
    Risk How toRemediate the Risk? Any data processed outside the organization brings with it an inherent level of risk. Customer should obtain as much information as he/she can about the service provider. Cloud computing service providers are not able and/or not willing to undergo external assessments. The organization is entirely responsible for the security and integrity of their own data, even when it is held by a service provider. The organizations that are obtaining cloud computing services may not be aware about where the data is hosted and may not even know in which country it is hosted. Organization should ensure that the service provider is committed to obey local privacy requirements on behalf of the organization to store and process the data in the specific jurisdictions.
  • 53.
    As the datawill be stored under stored environment, encryption mechanism should be strong enough to segregate (separate) the data from another organization, whose data are also stored under the same server. Organization should be aware of the arrangements made by the service provider about segregation of the data. The service provider should display encryption schemes. Business continuity in case of any disaster. Service provider have to provide complete restoration of data within minimum timeframe.
  • 54.
    Due to complexIT environment and several customer logging in and logging out of the hosts, it becomes difficult to trace inappropriate and illegal activity. Organization should enforce the provider to provide security violation logs at frequent intervals. In case of any major change in the cloud computing service provider, the service provided is at the stake. Organization should ensure getting their data in case of such major event.
  • 55.
    Questions  Explain differencebetween passive and active attack.  What is social engineering? Explain each type of social engineering in detail.  What is cyberstalking?  What is botnet? How it works? • OR  How do viruses get disseminated? Explain with diagram.
  • 56.
     What isAttack Vector? How different attacks launched with attack vector.  What is cloud computing? List and explain type of services of cloud computing?  What is cloud computing? Explain types of cloud and also list the advantages of cloud computing.  Explain cloud computing and cybercrime.