
Overview of Cyber Crime and Security

Covering all basic-level concepts of cybersecurity

21CS72

Cyber Security-UNIT-1
Portions: Introduction and Overview of Cyber Crime, Nature
and Scope of Cyber Crime, Definition, Categories of Cyber
Crime, Preview, classification of Cyber Crime, Social
Engineering, Property Cyber Crime. Cybercrime-Indian
perspective/the Indian ITA 2000, Cyber Offenses: How
criminals plan them.
Text Book
Sunit Belapure and Nina Godbole,
“Cyber Security: Understanding Cyber
Crimes, Computer Forensics And Legal
Perspectives”, Wiley India Pvt Ltd, ISBN:
978-81-265-21791, Publish Date 2013.

Introduction & Overview
• The Internet has opened a new avenue of exploitation known as cybercrime.
• These activities involve the use of computers, the Internet, cyberspace and the World
Wide Web.
• The first known cybercrime was in 1820 in France. Many cybercrimes have also been found
all over the world & in India. Indian corporate & govt. sites
were attacked/defaced > 780 times between Feb. 2000 & [Link] 2009
Dec. it was found that a total of 3286 Indian websites were hacked in 5 months (Jan
– June).
• While most cybercriminals use cybercrimes to generate a profit, some
cybercrimes are carried out against computers or devices to directly
damage or disable them.
1.1 Introduction to Cybercrime
• The figure below, based on a 2008 survey in Australia, shows the
cybercrime trend.

• The figure below shows the number of cybercrimes reported across India from
2012 to 2021.

Scope of cybercrime
The scope of cybercrime is broad and encompasses a wide range of illegal activities conducted through digital means.
1. Hacking and Unauthorized Access:
• Unauthorized access to computers, networks, and data.
• Exploiting vulnerabilities to gain control of systems.
2. Malware and Ransomware:
• Distribution of malicious software (malware) to damage or disrupt systems.
• Ransomware attacks that encrypt data and demand payment for its release.
3. Phishing and Social Engineering:
• Deceptive tactics to trick individuals into providing sensitive information.
• Fake emails, websites, or messages designed to steal personal data.
4. Identity Theft and Fraud:
• Stealing personal information to commit fraud or other crimes.
• Using stolen identities to open accounts, make purchases, or conduct illegal activities.
5. Financial Crimes:
• Online banking fraud, credit card fraud, and other financial scams.
• Money laundering using digital currencies.
6. Cyber Espionage:
• Spying on organizations or governments to steal sensitive information.
• Conducting cyber attacks to gather intelligence.
7. Intellectual Property Theft:
• Stealing trade secrets, copyrights, patents, and other intellectual property.
Scope of cybercrime (contd..)
8. Cyberstalking and Harassment:
○ Using digital means to stalk, harass, or intimidate individuals.
○ Online bullying, threats, and defamatory campaigns.
9. Data Breaches:
○ Unauthorized access to sensitive data, often involving large databases.
○ Exposing personal information of individuals or proprietary information of organizations.
10. Cyberterrorism:
○ Attacks on critical infrastructure such as power grids, water supply, and transportation systems.
○ Use of digital means to create fear, disrupt society, or cause harm.
11. Cryptojacking:
○ Unauthorized use of someone else's computer to mine cryptocurrencies.
○ Often involves infecting computers with malware that performs the mining.
12. Dark Web Activities:
○ Illegal marketplaces and forums on the dark web.
○ Sale of drugs, weapons, stolen data, and other contraband.
13. Botnets:
○ Networks of infected computers controlled remotely to conduct attacks.
○ Distributed Denial of Service (DDoS) attacks and spamming operations.
14. Child Exploitation:
○ Distribution and possession of child pornography.
○ Grooming and exploiting children through digital means.
Nature of Cybercrime
• Cyberspace misuse : Cyberspace is the internet & other computer networks. Misuse of these for unlawful
purpose is a cybercrime.
• Cyberpunk : hackers/crackers with punk attitudes committing cybercrime.
• Cyberwarfare: This is the act of information warriors unleashing attacks against unsuspecting computer
networks, creating havoc and paralyzing nations.
• Cybersquatting: (or domain squatting) It is the act of registering, trafficking in, selling, or using an Internet
domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else.
• Cyberterrorism: (Barry Collin in 1997) It is the premeditated use of disruptive activities, or the threat thereof, against
computers & networks, with the intention to cause harm or further social, ideological, religious, political or
similar objectives or to intimidate persons.
• Cracking: gaining unauthorized access to computer systems to commit a crime, such as digging into the
code to make a copy-protected program run without a password or a valid license
string, flooding Internet sites and thus denying service to legitimate users, erasing information, corrupting
information, and deliberately defacing Web sites.
• Piracy: copying protected software without authorization
• Phreaking: obtaining free telephone calls or having calls charged to a different account by using a computer or
another device to manipulate a phone system
• Cyberstalking: harassing and terrorizing selected human and institutional targets using the computer, causing
them to fear injury or harm
• Cyberpornography: producing and/or distributing pornography using a computer
Cybercrime definition
1) It is a crime conducted in which a computer was directly and significantly
instrumental, and is related to technology, computers, and the Internet.
2) It is a crime committed using computer and the internet to steal a
person’s identity, or sell contraband, or stalk victims or disrupt operations
with malevolent programs, with mainly two types of attacks.
• Techno-crime: A premeditated act against system/s with intent to
copy, steal, prevent access, corrupt or otherwise deface or damage
parts of or the complete computer system.
• Techno-vandalism: These acts of "brainless" defacement of
websites and/or other activities, such as copying files and
publicizing their contents publicly, are usually opportunistic in
nature. Tight internal security, allied to strong technical safeguards,
should prevent the vast majority of such incidents.
Categories of cyber crime
There are 2 ways:
• The computer as a target: using a computer to attack other
computers.
E.g.: hacking, virus/worm attacks, DoS attacks
• The computer as a weapon: using a computer to commit real-
world crime.
E.g.: cyber terrorism, credit card fraud, pornography,
etc.
Safety tips to protect from cybercrime
• Use antivirus software
• Insert Firewalls
• Uninstall unnecessary software
• Maintain Backup
• Check security settings

What is Cybersecurity?
• Lack of information security gives rise to cybercrimes
• “Cybersecurity” means protecting information, equipment,
devices, computer, computer resource, communication device and
information stored therein from unauthorized access, use,
disclosure, disruption, modification or destruction. (Indian
Information Technology Act (ITA-2008))
• The term incorporates both the physical security of devices as
well as the information stored therein.
• It covers protection from unauthorized access, use, disclosure,
disruption, modification and destruction.
Advantages of cyber security
• Protection of Sensitive Data
• Business Continuity
• Compliance with Regulations
• Enhanced Customer Trust
• Competitive Benefit
• Early Detection and Response
• Intellectual Property Protection
• Reputation Protection
• Enhanced Collaboration
• Remote Work Security
• Improved Cyber Posture
• Removing Unwanted Programs
• Denying Unwanted Access
• Helps Educate the Workforce
• Easy Data Recovery

Who are Cybercriminals?

• Cybercrime involves such activities as


• child pornography;
• credit card fraud;
• cyberstalking;
• defaming another online;
• gaining unauthorized access to computer systems;
• ignoring copyright, software licensing and trademark protection;
• overriding encryption to make illegal copies;
• software piracy and stealing another’s identity (known as identity theft) to
perform criminal acts
• Cybercriminals are those who conduct such acts.

Who are cyber criminals - a categorization
Type I: Cybercriminals hungry for recognition - hobby hackers, IT
professionals using social engineering, politically motivated hackers,
terrorist organizations.
Type II: Cybercriminals not interested in recognition -
psychological perverts, financially motivated hackers (corporate
espionage), state-sponsored hacking (national espionage, sabotage),
organized criminals.
Type III: Insider cybercriminals -
disgruntled or former employees seeking revenge, competing
companies using employees to gain economic advantage through
damage/theft.

Motives for cybercrimes


• Revenge/settling scores
• Greed/money
• Extortion
• Cause disrepute
• Prank/satisfaction of gaining control
• Fraud/illegal gain
• Eve teasing/harassment
• others

A scheme for cybercrime classification is given in Table 1.6 below.

Classification of Cybercrimes

1. Cybercrime against individual
2. Cybercrime against Property
3. Cybercrime against organization
4. Cybercrime against Society
5. Crimes emanating from UseNet newsgroup

1. Cybercrime against Individual
• E-Mail Spoofing, spamming and other online frauds: Email spoofing is a
threat that involves sending email messages with a fake sender address.
• Phishing, Spear Phishing and its various other forms such as Vishing and
smishing
• Cyberdefamation: the act of making false statements about someone on
the internet that harm their reputation.
• Cyberstalking and harassment: a crime to harass or stalk online.
• Computer sabotage: input, alteration, erasure or suppression of computer
data or computer programmes, or interference with computer systems
• Pornographic offenses : transmission & distribution of pornographic
content
• Password sniffing: This also belongs to the category of cybercrimes
against organization because the use of password could be by an
individual for his/her personal work or the work he/she is doing using a
computer that belongs to an organization
3. Cyber crime against organization
1. Unauthorized accessing of computer: Hacking is one method of doing
this and hacking is a punishable offense
2. Password sniffing:
3. Denial-of-service attacks (known as DoS attacks):
4. Virus attack/dissemination of viruses:
5. E-Mail bombing/mail bombs:
6. Salami attack/Salami technique:
7. Logic bomb: (Computer Sabotage).
8. Trojan Horse:
9. Data diddling:
10. Crimes emanating from Usenet newsgroup:
11. Industrial spying/industrial espionage:
12. Computer network intrusions:
13. Software piracy
Recently the site of MIT (Ministry of Information Technology) was hacked by
Pakistani hackers and some obscene matter was placed therein. Further, the
site of the Bombay crime branch was also web jacked.
5. Crimes emanating from Usenet newsgroup

By its very nature, Usenet groups may carry very offensive,
harmful, inaccurate or otherwise inappropriate material, or
in some cases, postings that have been mislabeled or are
deceptive in another way. Therefore, it is expected that you
will use caution and common sense and exercise proper
judgment when using Usenet, as well as use the service at
your own risk.
Email Spoofing
A spoofed E-Mail is one that appears to originate from
one source but actually has been sent from another
source.
For example, let us say, Roopa has an E-Mail address
roopa@[Link]. Let us say her friend Suresh
becomes her enemy, spoofs her E-Mail and sends
obscene/vulgar messages to all her acquaintances.
Since the E-Mails appear to have originated from Roopa,
her friends could take offense and relationships could be
spoiled for life.
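
A receiving-side check for the spoofing scenario above, as an added example that is not part of the original slides: it compares the visible From domain with the envelope sender and with the SPF/DKIM/DMARC verdicts stamped by the receiver's own mail server. The sample messages, the example.com/example.net/example.org domains, the `mx.example.org` server id and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the authserv-id our own receiving mail server writes into
# Authentication-Results. Verdicts stamped by anyone else are ignored,
# because a sender can put any header it likes into the message.
TRUSTED_AUTHSERV_ID = "mx.example.org"


def _domain(header_value):
    """Lower-cased domain of an address header, '' if absent or unparsable."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def _aligned(a, b):
    """Simplified alignment: same domain, or one is a subdomain of the other.
    (Real DMARC alignment uses organizational domains from the Public Suffix List.)"""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def spoofing_indicators(raw_message, trusted_id=TRUSTED_AUTHSERV_ID):
    """Return a list of reasons to distrust the From address (empty = none found)."""
    msg = message_from_string(raw_message)
    from_dom = _domain(msg.get("From"))
    if not from_dom:
        return ["missing or unparsable From header"]

    findings = []
    # The From header is what the recipient sees; Return-Path is the envelope sender.
    for header in ("Return-Path", "Reply-To"):
        other = _domain(msg.get(header))
        if other and not _aligned(from_dom, other):
            findings.append(f"{header} domain {other} differs from From domain {from_dom}")

    # Keep only the verdicts written by our own mail server.
    trusted = [v for v in msg.get_all("Authentication-Results", [])
               if v.split(";", 1)[0].strip().lower() == trusted_id]
    verdicts = " ".join(trusted)
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", verdicts, re.IGNORECASE)
        result = m.group(1).lower() if m else "none"
        if result != "pass":
            findings.append(f"{mech}={result}")
    return findings


# --- constructed sample messages -------------------------------------------
GENUINE = """\
Return-Path: <roopa@example.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: Roopa <roopa@example.com>
To: friend@example.org
Subject: hello

(constructed body)
"""

# Sent through someone else's server while claiming Roopa's address in From.
SPOOFED = """\
Return-Path: <bulk@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
From: Roopa <roopa@example.com>
To: friend@example.org
Subject: hello

(constructed body)
"""

# The sender added its own "all pass" stamp; our server added none.
FORGED_STAMP = """\
Return-Path: <roopa@example.com>
Authentication-Results: mailer.example.net; spf=pass; dkim=pass; dmarc=pass
From: Roopa <roopa@example.com>
To: friend@example.org
Subject: hello

(constructed body)
"""

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("spoofed", SPOOFED), ("forged stamp", FORGED_STAMP)):
        print(name, "->", spoofing_indicators(raw) or "no indicators")
```

Note that SPF alone passes for the spoofed message, because SPF only validates the envelope domain; the mismatch with the From domain and the DMARC verdict are what expose it.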
Spamming

People who create electronic Spam are called spammers.


Spam is the abuse of electronic messaging systems (including most broadcast media, digital
delivery systems) to send unsolicited bulk messages indiscriminately. Although the most
widely recognized form of Spam is E-Mail Spam, the term is applied to similar abuses in other
media: instant messaging Spam, Usenet newsgroup Spam, web search engine Spam, Spam
in blogs, wiki Spam, online classified ads Spam, mobile phone messaging Spam, Internet
forum Spam, junk fax transmissions, social networking Spam, file sharing network Spam,
video sharing sites, etc.
Spamming is difficult to control because
it has economic viability - advertisers have no operating costs beyond the management of
their mailing lists, and it is difficult to hold senders accountable for their mass mailings.
Spammers are numerous; the volume of unsolicited mail has become very high because the
barrier to entry is low.
The costs, such as lost productivity and fraud, are borne by the public and by Internet
service providers (ISPs), who are forced to add extra capacity to cope with the deluge.
Cyber defamation
Cyber defamation is a cognizable offense.
Whoever, by words either spoken or intended to be read, or by signs or by
visible representations, makes or publishes any imputation concerning any
person intending to harm, or knowing or having reason to believe that
such imputation will harm, the reputation of such person, is said, except in
the cases hereinafter excepted, to defame that person.
Cyberdefamation happens when the above takes place in an electronic
form. In other words, "cyberdefamation" occurs when defamation takes
place with the help of computers and/or the Internet, for example,
someone publishes defamatory matter about someone on a website or
sends an E-Mail containing defamatory information to all friends of that
person.
Cyber defamation ..
According to the IPC section 499:
1. It may amount to defamation to impute anything to a deceased person, if the
imputation would harm the reputation of that person if living, and is intended to
be hurtful to the feelings of his family or other near relatives.
2. It may amount to defamation to make an imputation concerning a company or an
association or collection of persons as such.
3. An imputation in the form of an alternative or expressed ironically, may amount to
defamation.
4. No imputation is said to harm a person’s reputation unless that imputation directly
or indirectly, in the estimation of others, lowers the moral or intellectual character
of that person, or lowers the character of that person in respect of his caste or of
his calling, or lowers the credit of that person, or causes it to be believed that the
body of that person is in a loathsome state or in a state generally considered as
disgraceful.
Classifications of Cybercrimes - Internet Time Theft

Internet Time Theft


• Such a theft occurs when an unauthorized person uses the Internet
hours paid for by another person.
• Basically, Internet time theft comes under hacking because the person
who gets access to someone else’s ISP user ID and password, either
by hacking or by gaining access to it by illegal means, uses it to access
the Internet without the other person’s knowledge.
• However, one can identify time theft if the Internet time has to be
recharged often, even when one’s own use of the Internet is not
frequent. (related to the crimes conducted through “identity theft.”)

Classifications of Cybercrimes - Salami Attack

Salami Attack/Salami Technique


• These attacks are used for committing financial crimes. The idea here
is to make the alteration so insignificant that in a single case it would
go completely unnoticed

Example:
A bank employee inserts a program, into the bank’s servers, that deducts
a small amount of money (say ₹ 2/- or a few cents in a month) from the
account of every customer. No account holder will probably notice this
unauthorized debit, but the bank employee will make a sizable amount
every month.

• A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to
its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that
triggers a crash
• A malware attack is where a computer system or network is infected with a computer virus or other type of
malware
• A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your
computer. A Trojan is designed to damage, disrupt, steal, or in general inflict some other harmful action on your
data or network. The victim receives an official-looking email with an attachment. The attachment contains
malicious code that is executed as soon as the victim clicks on the attachment.
• A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function
when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files
(such as a salary database trigger), should they ever be terminated from the company.
• An email bomb is an attack against an email inbox or server designed to overwhelm an
inbox or inhibit the server’s normal function, rendering it unresponsive, preventing
email communications, degrading network performance, or causing downtime.
• A salami attack is a series of smaller attacks that together result in a large-scale attack. For example, slicing
fractions of cents from each transaction wouldn't show in calculations because of rounding up sums, but after
billions of transactions, you can steal a considerable amount
• Data diddling is an illegal or unauthorized data alteration. Changing data before or as it is input into a computer or
output. Example: Account executives can change the employee time sheet information of employees before
entering to the HR payroll application
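
A reconciliation check for the salami technique, covering both the bank-employee example and the rounding description in the bullet above. This is an added example, not from the original slides: it recomputes each posting with exact decimal arithmetic, tests whether the rounding differences all fall against the customer, and looks for an account fed by many tiny transfers. The ledger rows, account ids, interest rate and function names are constructed.

```python
from collections import defaultdict
from decimal import Decimal, ROUND_HALF_EVEN

CENT = Decimal("0.01")


def expected_interest(balance, rate):
    """Interest the customer should receive (assumed policy: round half-even to a cent)."""
    return (balance * rate).quantize(CENT, rounding=ROUND_HALF_EVEN)


def reconcile(postings, rate):
    """postings: iterable of (account, balance, posted_interest), all Decimal.
    Returns ({account: expected - posted} for non-zero differences, their sum)."""
    shortfalls = {}
    for account, balance, posted in postings:
        diff = expected_interest(balance, rate) - posted
        if diff != 0:
            shortfalls[account] = diff
    return shortfalls, sum(shortfalls.values(), Decimal("0"))


def one_sided(shortfalls, min_accounts=3):
    """Honest rounding errs in both directions; skimming always errs against
    the customer. Flag when every difference is a shortfall."""
    return len(shortfalls) >= min_accounts and all(d > 0 for d in shortfalls.values())


def find_sinks(transfers, max_slice=Decimal("0.05"), min_sources=3):
    """transfers: iterable of (source, destination, amount).
    Returns {destination: (distinct_sources, total)} for accounts that collect
    tiny amounts from many different source accounts."""
    sources = defaultdict(set)
    totals = defaultdict(Decimal)
    for src, dst, amount in transfers:
        if Decimal("0") < amount <= max_slice:
            sources[dst].add(src)
            totals[dst] += amount
    return {dst: (len(srcs), totals[dst])
            for dst, srcs in sources.items() if len(srcs) >= min_sources}


# --- constructed sample data -----------------------------------------------
RATE = Decimal("0.0035")  # constructed monthly interest rate

# (account, balance, interest actually posted). The posted values were
# truncated to the cent instead of rounded, which is how the slices arise.
POSTINGS = [
    ("A1001", Decimal("12345.67"), Decimal("43.20")),  # exact 43.209845
    ("A1002", Decimal("8000.00"), Decimal("28.00")),   # exact 28.000000
    ("A1003", Decimal("1999.99"), Decimal("6.99")),    # exact 6.999965
    ("A1004", Decimal("5432.10"), Decimal("19.01")),   # exact 19.012350
    ("A1005", Decimal("2568.00"), Decimal("8.98")),    # exact 8.988000
]

# (source, destination, amount) from the same posting run.
TRANSFERS = [
    ("A1001", "X9001", Decimal("0.01")),
    ("A1003", "X9001", Decimal("0.01")),
    ("A1005", "X9001", Decimal("0.01")),
    ("A1002", "B2002", Decimal("250.00")),  # ordinary customer payment
]


def investigate(postings, transfers, rate):
    """Combine both checks: a sink is suspicious when the shortfalls are
    one-sided and its total equals the total skimmed from customers."""
    shortfalls, skimmed = reconcile(postings, rate)
    if not one_sided(shortfalls):
        return []
    return sorted(dst for dst, (_, total) in find_sinks(transfers).items()
                  if total == skimmed)


if __name__ == "__main__":
    print(reconcile(POSTINGS, RATE))
    print(find_sinks(TRANSFERS))
    print("suspect accounts:", investigate(POSTINGS, TRANSFERS, RATE))
```

For a fixed deduction such as the ₹ 2/- in the example, `max_slice` would be raised to that amount; the one-sidedness test is what separates skimming from ordinary rounding noise.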

1.4 Classifications of Cybercrimes - Data Diddling

Data diddling attack


• Involves altering raw data just before it is processed by a computer
and then changing it back after the processing is completed.
• Electricity boards in India have been victims to data diddling programs
inserted when private parties computerize their systems.
Forgery
• Counterfeit currency notes, postage and revenue stamps, marksheets,
etc. can be forged using sophisticated computers, printers and
scanners.
• Outside many colleges there are miscreants soliciting the sale of fake
marksheets or even degree certificates. These are made using
computers and high-quality scanners and printers.
1.4 Classifications of Cybercrimes
Web Jacking
• Web jacking occurs when someone forcefully takes control of a website (by
cracking the password and later changing it).
• Thus, the first stage of this crime involves “password sniffing.”
• The actual owner of the website does not have any more control over what
appears on that website.

Newsgroup Spam/Crimes Emanating from Usenet Newsgroup


• The advent of Google Groups, and its large Usenet archive, has made Usenet
more attractive to spammers than ever.
• The first widely recognized Usenet Spam titled Global Alert for All: Jesus is
Coming Soon was posted on 18 January 1994 by Clarence L. Thomas IV, a sys
admin at Andrews University.
• Industrial Spying/Industrial Espionage
• Spies can get information about product finances, research and
development and marketing strategies , an activity known as “industrial
spying”.
• Highly skilled hackers are contracted by high-profile companies or
certain governments to carry out spying.
• With the growing public availability of Trojans and Spyware material
even a low-skilled one can generate high volume profit out of industrial
spying. This is referred to as “Targeted Attacks”

• Industrial Spying/Industrial Espionage

• There are also E-Mail worms automating similar “data exfiltration
features”.
• E-Mail worms can scan the hard drive of infected machines for all files
with the following extensions: .pdf, .doc, .dwg, .sch, .pcb, .dwt, .dwf, .max, .mdb.
Such files are uploaded on an FTP server owned by the cybercrooks, with the
aim of stealing as much IP as possible wherever it can be and then selling it
to people who are ready to pay for it.
• Organizations subject to online extortion tend to keep quiet about it to
avoid negative publicity about them.

Hacking
Purposes
• Greed
• Power
• Publicity
• Revenge
• Adventure
• Desire to access forbidden information
• Destructive mindset
• Every act committed toward breaking into a computer and/or
network is hacking and it is an offense. Those who break into
computer systems are called crackers and those targeting phones are
phreaks.
Hacking (Cont…)
• Hackers write or use ready-made computer programs to attack the target
computer.
• They possess the desire to destroy, and they get enjoyment out of such
destruction.
• Some hackers hack for personal monetary gain, such as stealing credit card
information or transferring money from various bank accounts to their own account
followed by withdrawal of the money.
• They extort money from corporate giants by threatening to publish
stolen information that is critical in nature.
• Government websites are hot on hackers’ target lists and attacks on Government
websites receive wide press coverage. (For example, according to the story posted
on December 2009, the NASA site was hacked via SQL Injection)

Online frauds
• There are a few major types of crimes under the category of
hacking: Spoofing website and E-Mail security alerts, hoax mails
about virus threats, lottery frauds and Spoofing
• In Spoofing websites and E-Mail security threats, fraudsters create
authentic looking websites that are actually nothing but a spoof
• The purpose of these websites is to make the user enter personal
information which is then used to access business and bank
accounts.
• Fraudsters are increasingly turning to E-Mail to generate traffic to
these websites. This kind of online fraud is common in banking
and financial sector.

Online frauds (Cont…)
• In virus hoax E-Mails, the warnings may be genuine, so there is always a dilemma
whether to take them lightly or seriously.

• A wise action is to first confirm by visiting an antivirus site such as McAfee, Sophos
or Symantec before taking any action, such as forwarding them to friends and
colleagues.

• Lottery frauds are typically letters or E-Mails that inform the recipient that he/she
has won a prize in a lottery. To get the money, the recipient has to reply, after which
another mail is received asking for bank details so that the money can be directly
transferred.

• The E-Mail also asks for a processing fee/handling fee. Of course, the money is
never transferred in this case; the processing fee is swindled, and the banking
details are used for other frauds and scams.

Online frauds (Cont…)
• “Spoofing” means illegal intrusion, posing as a genuine user. A hacker logs in
to a computer illegally, using a different identity than his own.

• He is able to do this by having previously obtained the actual password.

• He creates a new identity by fooling the computer into thinking that the
hacker is the genuine system operator, and the hacker then takes control of
the system.

• He can commit innumerable frauds using this false identity.

Pornographic Offenses
• “Child pornography” means any visual depiction, including but not limited to the
following:

1. Any photograph that can be considered obscene and/or unsuitable for the
age of child viewer;

2. film, video, picture;

3. computer-generated image or picture of sexually explicit conduct where the
production of such visual depiction involves the use of a minor engaging in
sexually explicit conduct.


Pornographic Offenses (Cont…)


• “Child pornography” is considered an offense.

• The Internet is being highly used by its abusers to reach and abuse children sexually,
worldwide. Its explosion has made the children a viable victim to the cybercrime.

• As the broad-band connections get into the reach of more and more homes, larger
child population will be using the Internet and therefore greater would be the
chances of falling victim to the aggression of pedophiles.

• “Pedophiles” are people who physically or psychologically coerce minors to
engage in sexual activities, which the minors would not consciously consent to.


Pornographic Offenses (Cont…)


Here is how pedophiles operate:
Step 1: Pedophiles use a false identity to trap the children/teenagers (using “false identity”)

Step 2: They seek children/teens in the kids’ areas on the services, such as the Teens BB,
Games BB or chat areas where the children gather.

Step 3: They befriend children/teens.

Step 4: They extract personal information from the child/teen by winning his/her confidence.

Step 5: Pedophiles get E-Mail address of the child/teen and start making contacts on the
victim’s E-Mail address as well. Sometimes, these E-Mails contain sexually explicit language.


Pornographic Offenses (Cont…)


Step 6: They start sending pornographic images/text to the victim including
child pornographic images in order to help child/teen shed his/her
inhibitions so that a feeling is created in the mind of the victim that what is
being fed to him is normal and that everybody does it.

Step 7: At the end of it, the pedophiles set up a meeting with the child/teen
out of the house and then drag him/her into the net to further sexually
assault him/her or to use him/her as a sex object.


Pornographic Offenses (Cont…)


• Parents can follow simple rules to avoid this and accordingly
advise their children to keep away from dangerous things and ways.

• However, it is possible that even in modern times most parents may
not know the basics of the Internet and the associated (hidden)
dangers from the services offered over the Internet.

• Hence most children may remain unprotected in the cyberworld.

Software piracy
• It is defined as theft of software through the illegal copying of genuine
programs, or the counterfeiting and distribution of products intended to
pass for the original.
• There are many examples of software piracy:
• end-user copying – friends loaning disks to each other, or organizations
under-reporting the number of software installations they have made, or
organizations not tracking their software licenses;
• hard disk loading with illicit means – hard disk vendors load pirated
software;
• counterfeiting – large-scale duplication and distribution of illegally copied
software;
• illegal downloads from the Internet – by intrusion, by cracking serial
numbers, etc.
Software piracy (Cont…)
• Beware that those who buy pirated software have a lot to lose:
• (a) getting untested software that may have been copied
thousands of times over,
• (b) the software, if pirated, may potentially contain hard-drive-
infecting viruses,
• (c) there is no technical support in the case of software failure,
that is, lack of technical product support available to properly
licensed users,
• (d) there is no warranty protection
• (e) there is no legal right to use the product, etc.

Software piracy (Cont…)

• Economic impact: According to one study in Asia Pacific, 55% of the
software installed in 2006 on personal computers (PCs) was obtained illegally,
while software losses due to software piracy amounted to US$ 11.6 billion.

• The study covered software that runs on personal computers, including
desktops, laptops and ultra-portables.

• The study includes operating systems, systems software such as databases
and security packages, business applications and consumer applications such
as PC games, personal finance and reference software.
Computer sabotage
• The use of the Internet to hinder the normal functioning of a
computer system through the introduction of worms, viruses or logic
bombs. It can be used to gain economic advantage over a competitor,
to promote the illegal activities of terrorists or to steal data or
programs for extortion purposes.
• Logic bombs are event-dependent programs created to do something
only when a certain event occurs.
• Some viruses may be termed as logic bombs because they lie
dormant all through the year and become active only on a particular
date (e.g., Chernobyl virus and Y2K viruses).

E-Mail Bombing/Mail Bombs
• E-Mail bombing refers to sending a large number of E-Mails to the victim
to crash victim’s E-Mail account (in the case of an individual) or to make
victim’s mail servers crash (in the case of a company or an E-Mail service
provider).

• A computer program can be written to instruct a computer to do such tasks
on a repeated basis.
• In recent times, terrorism has hit the Internet in the form of mail
bombings. By instructing a computer to repeatedly send E-Mail to a
specified person’s E-Mail address, the cybercriminal can overwhelm the
recipient’s personal account and potentially shut down entire systems.
• This may or may not be illegal, but it is certainly disruptive.

Usenet Newsgroup as the source of cybercrimes


• Usenet is a mechanism that allows sharing information in a many-to-
many manner.
• In reality, however, there is no technical method available for
controlling the contents of any newsgroup. It is merely subject to self-
regulation and net etiquette. It is possible to put Usenet to following
criminal use:
1. Distribution/sale of pornographic material
2. Distribution/sale of pirated software packages
3. Distribution of hacking software
4. Sale of stolen credit card numbers
5. Sale of stolen data/stolen property

Computer network intrusions


• Crackers who are often misnamed Hackers can break into computer
systems from anywhere in the world and steal data, plant viruses,
create backdoors, insert Trojan horses or change user names and
passwords.
• Network intrusions are illegal, but detection and enforcement are
difficult. Current laws are limited and many intrusions go undetected.
• The cracker can bypass existing password protection by creating a
program to capture logon IDs and passwords.
• The practice of using “strong passwords” is therefore important.

Password sniffing
• Password sniffers are programs that monitor and record the name and password of network users as they log in.
• Whoever installs the sniffer can then impersonate an authorized user and log in to access restricted documents.
• Laws are not yet set up to adequately prosecute a person for
impersonating another person online.
• Laws designed to prevent unauthorized access to information may be
effective in apprehending crackers using Sniffer programs.

Credit card frauds

• Bulletin boards and other online services are frequent targets for hackers who want to access large databases of credit card information.
• Such attacks usually result in the implementation of stronger security systems.
• Credit card security measures are improving, and traditional methods of law enforcement seem to be sufficient for prosecuting the thieves of such information.
Identity theft
• This fraud involves using another person’s identity for an illicit purpose.
• Phishing and identity theft are related offenses.
• Examples include fraudulently obtaining credit, stealing money from
the victim’s bank accounts, using the victim’s credit card number,
establishing accounts with utility companies, renting an apartment or
even filing bankruptcy using the victim’s name.
• The cyberimpersonator can steal unlimited funds in the victim’s name
without the victim even knowing about it for months,

Social Engineering

Classification of Social Engineering
• Human-based social engineering: person-to-person interaction to get the required/desired information. Ex.: calling the help desk and trying to find out a password.
• Computer-based social engineering: an attempt made to get the required/desired information by using computer software/the Internet. Ex.: sending a fake email to a user and asking them to re-enter the password in a web page to confirm it.

Human based social engineering

Computer based social engineering

Examples of Typical Social Engineering Attacks
1. Phishing: tactics include deceptive emails, websites, and text messages to steal information.
2. Spear Phishing: email is used to carry out targeted attacks against individuals or businesses.
3. Baiting: an online and physical social engineering attack that promises the victim a reward.
4. Scareware: victims are tricked into believing that malware is installed on their computer and that if they pay, the malware will be removed.
5. Pretexting: uses false identity to trick victims into giving up information.
6. Quid Pro Quo: relies on an exchange of information or service to convince the victim to act.
7. Tailgating: relies on human trust to give the criminal physical access to a secure building or area.
8. Vishing: urgent voice mails convince victims they need to act quickly to protect themselves from arrest or other risk.
9. Water-Holing: an advanced social engineering attack that infects both a website and its visitors with malware.
Property Cybercrime : Cybercrimes Resulting in Harm to Property

Cybercrime resulting in property harm is generally carried out using cracking techniques and includes such common variations as:
• 1. Flooding—a form of cyberspace vandalism resulting in denial-of-service
(DoS) to authorized users of a site or system.
• 2. Virus and worm production and release—a form of cyberspace vandalism causing corruption, and possibly erasing, of data.
• 3. Spoofing—the cyberspace appropriation of an authentic user’s identity by
nonauthentic users, causing fraud or attempted fraud in some cases, and critical
infrastructure breakdowns in other cases.
• 4. Phreaking—a form of cyberspace theft and/or fraud consisting of using
technology to make free telephone calls.
• 5. Infringing intellectual property rights and copyright—a form of cyberspace
theft involving the copying of a target’s information or software without consent.
Technical Nonoffenses
• Politically motivated, controversial, and technical nonoffenses in the cybercrime world include:
• Hacktivism—hacker activists, or hacktivists, pairing their activism interests with their hacker skills to promote their platforms and missions.
• Cybervigilantism—the convergence of cyberspace and vigilantism. Cybervigilantism refers to the actions of individuals or groups to combat and expose perceived online wrongdoing or cybercrimes outside the traditional legal system, for example by investigating, tracking, and publicly exposing cybercriminals or the unethical activities of people, companies, and countries.
Cybercrimes: An Indian perspective (1.7)
• India has the fourth highest number of Internet users in the world.
• There are 45 million Internet users in India; 37% of all Internet accesses happen from cybercafes, and 57% of Indian Internet users are between 18 and 35 years.
• The population of educated youth is high in India; the majority of offenders were under 30 years.
• Compared to the year 2006, there was a 50% increase in cybercrime in the year 2007.
• The maximum cybercrime cases, about 46%, were related to incidents of cyberpornography and hacking.
• The Indian Government is doing its best to control cybercrimes. For example, Delhi Police have now trained 100 of its officers in handling cybercrime and placed them in its Economic Offences Wing. The officers were trained for 6 weeks in computer hardware and software, computer networks comprising data communication networks, network protocols, wireless networks and network security.
Cybercrimes : Indian statistics

Cybercrime and the Indian ITA 2000 (chapter 1.8)
In India, the ITA 2000 was enacted after the United Nations General Assembly Resolution A/RES/51/162 on January 30, 1997, by adopting the Model Law on Electronic Commerce adopted by the United Nations Commission on International Trade Law. This was the first step toward the law relating to E-Commerce at the international level, to regulate an alternative form of commerce and to give legal status in the area of E-Commerce. It was enacted taking into consideration the UNCITRAL Model Law on Electronic Commerce.
1) Hacking and the Indian Law: Cybercrimes are punishable under two categories: the ITA 2000 (Information Technology Act) and the IPC. A total of 207 cases of cybercrime were registered under the IT Act in 2007 compared to 142 cases are registered.

Indian ITA 2000 – main provisions (sections)

Cyber Offenses: How Criminals Plan Them (ch. 2)
An attacker exploits the vulnerabilities of the network because the network is not adequately protected. The categories of vulnerabilities are as below.
1. Inadequate border protection (border as in the sense of network periphery);
2. Remote access servers (RASs) with weak access controls;
3. Application servers with well-known exploits;
4. Misconfigured systems and systems with default configurations.

2.1 Introduction: Few tools for hacking



2.2 How Criminals Plan the Attacks - Categories of attacks

1. Crimes targeted at individuals:
• The goal is to exploit human weakness such as greed and naivety.
• These crimes include financial frauds, sale of non-existent or stolen items,
child pornography, copyright violation, harassment, etc.
2. Crimes targeted at property:
• This includes stealing mobile devices such as cell phones, laptops, PDAs, and removable media;
• Transmitting harmful programs that can disrupt functions of the systems
and/or can wipe out data from hard disk, and can create the malfunctioning of
the attached devices in the system such as modem, CD drive, etc.

3. Crimes targeted at organizations:
• Attackers use computer tools and the Internet, usually to terrorize the citizens of a particular country by stealing private information, and also to damage programs and files or plant programs to get control of the network and/or system.
4. Single event of cybercrime:
• E.g., unknowingly opening an attachment that may contain a virus that will infect the system.
5. Series of events:
• This involves the attacker interacting with the victims repetitively.
• E.g., the attacker interacts with the victim on the phone and/or via chat rooms to establish a relationship first and then exploits that relationship to commit the sexual assault.
How Criminals plan the attacks
• Criminals use many methods and tools to locate the vulnerabilities of their target. The target can be an individual and/or an organization. Criminals plan passive and active attacks.
• Active attacks are usually used to alter the system (i.e., computer network) whereas passive attacks attempt to gain information about the target.
• Active attacks may affect the availability, integrity and authenticity of data whereas passive attacks lead to breaches of confidentiality.
• Attacks can also be categorized as either inside or outside. An attack originating and/or attempted within the security perimeter of an organization is an inside attack; it is usually attempted by an "insider" who gains access to more resources than expected. An outside attack is attempted by a source outside the security perimeter, possibly by an insider and/or an outsider who is indirectly associated with the organization; it is attempted through the Internet or a remote access connection.
Passive Attack

Active attack

Inside attack and outside attack
• An attack originating and/or attempted within the security perimeter of an organization is an inside attack; it is usually attempted by an insider who gains access to more resources than expected.
• An outside attack is attempted by a source outside of the security perimeter, possibly by an outsider who is indirectly associated with the organization; it is attempted through the Internet or a remote access connection.



Phases in planning cybercrime

The following phases are involved in planning cybercrime:
1. Reconnaissance (information gathering) is the first phase and is treated as passive attacks.
2. Scanning and scrutinizing the gathered information for the validity of the information as well as to identify the existing vulnerabilities.
3. Attack: launching an attack (gaining and maintaining system access).

1. Reconnaissance:
• The literal meaning of “Reconnaissance” is an act of reconnoitering – explore,
often with the goal of finding something or somebody (especially to gain
information about an enemy or potential enemy).
• In the world of “hacking,” the reconnaissance phase begins with “Footprinting”: this is the preparation toward the preattack phase, and involves accumulating data about the target’s environment and computer architecture to find ways to intrude into that environment.
• Footprinting gives an overview about system vulnerabilities and provides a
judgment about possible exploitation of those vulnerabilities.
• The objective of this preparatory phase is to understand the system, its
networking ports and services, and any other aspects of its security that are
needful for launching the attack.
• Thus, an attacker attempts to gather information in two phases: passive and
active attacks.
Scanning and scrutinizing gathered information

Attack : gaining and maintaining the system access
