Cyber Crime

CYBER CRIME

Presented byGroup – 6

INTRODUCTION-Cyber Crime  Any criminal activity that uses a computer either as an

instrument, target or a means for perpetuating further crimes comes within the ambit of cyber crime.

 The difference between a cyber crime &conventional

crime is that there should be an involvement, at any stage, of the virtual cyber medium in cyber crime.



MAJOR EVENTS Origin-The first recorded cyber crime took place in the

year 1820 1978- 1st spam e-mail sent 1980-Rookits emerges as a malware threat 1982-The elk virus spreads via floppy disk 1983-Fbi nabs high profile computer intruder 1988-Morris worm spreads via arp net 1996-Phishing tricks spawn serties by new web based scams 1999-Large scale attacks on bank and gambling sites 2006-Criminal target penny stocks in pump and dump of ear 1820

CYBER CRIMINALS Children and adolescents between the age group of 6

–years

 Organised hackers  Professional hackers / crackers  Discontented employees

REASONS FOR CYBER CRIME: Capacity to store data in comparatively small space  Easy to access  Complex  Negligence  Loss of evidence

MODE OF CYBER CRIME Hacking Theft of information contained in electronic form Email bombing Virus Denial of Service attack Salami attacks Data diddling Trojan attacks

HACKING Hacking is the practice of modifying computer

hardware and software to accomplish a goal outside of the creator’s original purpose. The impact of computer hacking varies from being simply invasive and annoying to illegal. Started with AT&T 1999, security software such as Symantec went mainstream. 

Methods Of Hacking • • • • • 



NetBIOS ICMP Ping FTP rpc.statd HTTP

Prevention Implement a firewall Install anti-virus software Keep operating systems up to date Don't run unnecessary network services Keep informed about network security 

SOFTWARE CRACKING It is the process of bypassing the registration and

payment options on a software product to remove copy protection safeguards or to turn a demo version of software into a fully functional version without paying for it.

PASSWORD CRACKING



Password cracking is the process of recovering

passwords from data that has been stored in or transmitted by a computer system.

Methods Of Password Cracking Weak encryption Guessing Precomputation Salting 



Prevention

ensure that attackers cannot get access even to the

encrypted password constantly shifting password

DENIAL-OF-SERVICE ATTACK

DoS Attack Is an attempt to make a computer resource

unavailable to its intended users. Common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable.

Means Of DoS Attack Attacks on wired networks require a great deal of

computing power and internet connection. Attacks on wireless networks require a high-power NIC and usually a high-gain (directional) external antenna (to increase range as well as power output).

Types Of DoS Attacks ICMP (internet control message protocol) flood Permanent denial-of-service attacks Nuke Distributed attack Reflected attack Blind denial of service 

Prevention and response Surviving attacks Firewalls IPS based prevention Prevention via proactive testing 

VIRAL ATTACKS A computer virus is a computer program that can

copy itself and infect a computer without the permission or knowledge of the owner. Viruses can be divided into two types based on their behavior when they are executed. ØNonresident viruses ØResident viruses 

Contd… Vulnerability of operating systems to viruses

:ØThe users of Microsoft software (especially networking software such as Microsoft Outlook and Internet Explorer) are especially vulnerable to the spread of viruses. preventive measures:Øanti-virus software Øcommon methods that an anti-virus software application uses to detect viruses: - Using virus signature definitions - use a heuristic algorithm -

Contd… ØOne may also minimize the damage done by viruses by making regular backups of data Øuse different operating systems on different file systems. Virus removalØSystem Restore in Windows Me, Windows XP and Windows Vista restores the registry and critical system files to a previous checkpoint

Contd… Operating system reinstallation simply reformatting the OS partition and installing the OS from its original media, or imaging the partition with a clean backup image. BenefitsØsimple to do Øfaster than running multiple antivirus scans ØGuarantees to remove any malwar 

WEBSITE DEFACEMENT Website defacement is an attack on a website that

changes the visual appearance of the site. In defacement incidents, the major goal of the hacker is to gain publicity by demonstrating the weakness of the existing security measures. Damage can range from loss of customer trust to loss of revenue.

How a hacker defaces web page? by obtaining usernames and passwords to retrieve this information, hackers use the

following: Øinformation-gathering techniques e.g. read Web pages such as 'global.asa' Ømaking use of publicly available information e.g. domain registration records Øusing 'social engineering' tactics e.g. calling an employee and posing as a system administrator. ØIf the hacker has a username, he can try to guess the password by going through a list of popular or default choices, or by using intelligent guessing.

Authenticated access to the system After the hacker is logged on to the system, he tries to

escalate his privileges, i.e., obtain system administrator privileges Both Windows NT and UNIX provide a "super user" account (administrator in NT, root in UNIX); as this account has full access rights to all system resources, it's the ultimate goal of any hacker to own it.

Contd.. Using this information, he accesses well-known Web

sites and easily locates hacks that can be exploited. When these exploits are executed on the machine, the hacker ends up gaining privileged access rights, and actually controls the machine.

Cross-site scripting It is a client-side attack method that occurs when an

attacker uses a Web-based application to send malicious code to another user of the same application. Eg.XSS attack It is automatically executed when the client’s browser opens an HTML web page. The XXS attack is generally invisible to the victim user. 

COMPUTER CONTENT CRIME Pornography-

ØAn immense industry for the production and consumption of pornography has grown, with the increasing use of the VCR, the DVD, and the Internet. ØPornography may use any of a variety of media, ranging from printed literature, photos, sculpture, drawing, painting, animation, sound recording, film, video, or video game.

TECHNOLOGY Mass-distributed pornography is as old as the

printing press. Computer-generated images and manipulationsDigital manipulation requires the use of source photographs, but some pornography is produced without human actors at all. 

Piracy   Use of illegal software or the copyright infringement of software  selling of computer facilities with illegally installed software;  replication and distribution of software copies on information carriers without permission of the copyright owner;  illegal distribution of software through communication networks (Internet, e-mail, etc.);

Signs of Pirated Production Absence, counterfeit or difference of polygraphic packing; reserved label; copyright and Adjacent Rights Protection sign; type of wrapping; stamping on the polygraphic wrapping; more content 

Ongoing actions   Antipiracy campaigns and advertisements in FM

Radios, TV, Internet etc. Initiatives taken by recording companies and manufacturer of CD, DVD companies.

File Sharing It refers to the practice of distributing or providing

access to digitally stored information, such as computer programs, multi-media (audio, video), documents, or electronic books.





Types of sharing

Sharing of digital content- songs, DVD-quality

movies, computer programs and video games through P2P networks. Very large files are to use Bit Torrent. Anonymous networking technologies have been developed to allow the exchange of data between computers and users.

Security Risks Potential security risks including the release of

personal information, bundled spyware, and viruses downloaded from the network. 2009 availability of the blueprints of helicopter Marine One. Tax returns, student loan applications and credit reports are made available online.

Computer Violence   Computer violence can be created through release of

videos, photos. Spread of violence through cyber terrorism.

COMPUTER ASSISTED CRIME

Scams And Thefts 

Internet Fraud Purchase Scams Counterfeit Postal Money Orders 

Virtual Robberies Online Automotive Fraud Re Shippers Call Tag Scam Business Opportunity / Work-at-home Schemes Money Transfers Frauds Dating Scams 

Virtual Robberies Click Fraud Internet marketing and retail fraud Internet Ticket Fraud Paypal Fraud Stock market manipulation schemes Avoiding Internet investment scams 

Sexual Harassment Types Of Stalkers Simple obsessional stalkers Delusional stalkers Vengeful stalker 



Sexual Harassment Motivations To Stalkers love-Obsession, Hate, Revenge, Vendettas Ego and Power Trips Internet Hate Speech  

Internet Hate Speech What is it? How it operates? How to prevent it? 

CYBER LAWS Information Technology Act 2000 was passed and

enforced on 17th May 2000. the preamble of this Act states that its objective is to legalise e-commerce and further amend the Indian Penal Code 1860, the Indian Evidence Act 1872, the Banker’s Book Evidence Act1891 and the Reserve Bank of India Act 1934.

Contd…  The Information Technology Act deals with the

various cyber crimes in chapters IX & XI. The important sections are Ss. 43,65,66,67. The Information Technology Act 2000 was undoubtedly a welcome step at a time when there was no legislation on this specialised field. 

Contd… The Act has however during its application proved to

be inadequate to a certain extent. The various loopholes in the Act areLegislation was passed in a hurry. Cyber torts. Cyber crime in the Act is neither comprehensive nor exhaustive. Ambiguity in the definitions.    

Contd… Uniform law Lack of awareness Jurisdiction issues Extra territorial application Raising a cyber army Cyber savvy bench Dynamic form of cyber crime Hesitation to report offences   

PREVENTION Prevention is better than cure. 5P mantra for online security: Precaution,

Prevention, Protection, Preservation and Perseverance. A netizen should keep in mind the following things:to prevent cyber stalking avoid disclosing any information pertaining to oneself. 

Contd… always avoid sending any photograph online

particularly to strangers and chat friends use latest and up date anti virus software always keep back up volumes so that one may not suffer data loss in case of virus contamination 

Contd… always keep a watch on the sites that children are

accessing to prevent any kind of harassment or depravation in children. never send your credit card number to any site that is not secured, to guard against frauds.     

Contd… web site owners should watch traffic and check any

irregularity on the site. Putting host-based intrusion detection devices on servers may do this. Use of firewalls may be beneficial. web servers running public sites must be physically separate protected from internal corporate network.  

CONCLUSION Capacity of human mind unfathomable. Make people aware of their rights and duties. Need to bring changes in Information Technology Act. Provisions of cyber law should not be made so

stringent that it may retard the growth of the industry.

 

Thank you!