CYBER CRIME

Presented by-
Group – 6
 INTRODUCTION-Cyber Crime

Any criminal activity that uses a computer either as an
instrument, target or a means for perpetuating
further crimes comes within the ambit of cyber
crime.

The difference between a cyber crime &conventional
crime is that there should be an involvement, at any
stage, of the virtual cyber medium in cyber crime.

 MAJOR EVENTS
Origin-The first recorded cyber crime took place in the
year 1820
1978- 1st spam e-mail sent
1980-Rookits emerges as a malware threat
1982-The elk virus spreads via floppy disk
1983-Fbi nabs high profile computer intruder
1988-Morris worm spreads via arp net
1996-Phishing tricks spawn serties by new web based
scams
1999-Large scale attacks on bank and gambling sites
2006-Criminal target penny stocks in pump and dump of
ear 1820
 CYBER CRIMINALS
Children and adolescents between the age group of 6
–years

Organised hackers

Professional hackers / crackers

Discontented employees
 REASONS FOR CYBER CRIME:
Capacity to store data in comparatively small space

Easy to access

Complex

Negligence

Loss of evidence
 MODE OF CYBER CRIME

Hacking
Theft of information contained in electronic form
Email bombing
Virus
Denial of Service attack
Salami attacks
Data diddling
Trojan attacks
 HACKING
Hacking is the practice of modifying computer
hardware and software to accomplish a goal outside
of the creator’s original purpose.
The impact of computer hacking varies from being
simply invasive and annoying to illegal.
Started with AT&T
1999, security software such as Symantec went
mainstream.

 Methods Of Hacking
• NetBIOS
• ICMP Ping
• FTP
• rpc.statd
• HTTP

 Prevention
Implement a firewall
Install anti-virus software
Keep operating systems up to date
Don't run unnecessary network services
Keep informed about network security

SOFTWARE CRACKING
It is the process of bypassing the registration and
payment options on a software product to remove
copy protection safeguards or to turn a demo
version of software into a fully functional version
without paying for it.
PASSWORD CRACKING


Password cracking is the process of recovering

passwords from data that has been stored in or
transmitted by a computer system.
Methods Of Password Cracking
Weak encryption
Guessing
Precomputation
Salting



Prevention
ensure that attackers cannot get access even to the
encrypted password
constantly shifting password
DENIAL-OF-SERVICE ATTACK
 DoS Attack
Is an attempt to make a computer resource
unavailable to its intended users.
Common method of attack involves saturating the
target machine with external communications
requests, such that it cannot respond to legitimate
traffic, or responds so slowly as to be rendered
effectively unavailable.
 Means Of DoS Attack

Attacks on wired networks require a great deal of

computing power and internet connection.
Attacks on wireless networks require a high-power
NIC and usually a high-gain (directional) external
antenna (to increase range as well as power output).
 Types Of DoS Attacks
ICMP (internet control message protocol) flood
Permanent denial-of-service attacks
Nuke
Distributed attack
Reflected attack
Blind denial of service

 Prevention and response

Surviving attacks
Firewalls
IPS based prevention
Prevention via proactive testing

 VIRAL ATTACKS
A computer virus is a computer program that can
copy itself and infect a computer without the
permission or knowledge of the owner.
Viruses can be divided into two types based on their
behavior when they are executed.
ØNonresident viruses
ØResident viruses

Contd…
Vulnerability of operating systems to viruses
:-
ØThe users of Microsoft software (especially
networking software such as Microsoft Outlook
and Internet Explorer) are especially vulnerable to
the spread of viruses.
preventive measures:-
Øanti-virus software
Øcommon methods that an anti-virus software
application uses to detect viruses:
- Using virus signature definitions
- use a heuristic algorithm
-
Contd…
ØOne may also minimize the damage done by viruses
by making regular backups of data
Øuse different operating systems on different file
systems.
Virus removal-
ØSystem Restore in Windows Me, Windows XP and
Windows Vista restores the registry and critical
system files to a previous checkpoint
Contd…
Operating system reinstallation -
simply reformatting the OS partition and installing
the OS from its original media, or imaging the
partition with a clean backup image.
Benefits-
Øsimple to do
Øfaster than running multiple antivirus scans
ØGuarantees to remove any malwar
 WEBSITE DEFACEMENT
Website defacement is an attack on a website that
changes the visual appearance of the site.
In defacement incidents, the major goal of the hacker
is to gain publicity by demonstrating the weakness
of the existing security measures.
Damage can range from loss of customer trust to loss
of revenue.
How a hacker defaces web page?
by obtaining usernames and passwords
to retrieve this information, hackers use the
following:
Øinformation-gathering techniques e.g. read Web
pages such as 'global.asa'
Ømaking use of publicly available information e.g.
domain registration records
Øusing 'social engineering' tactics e.g. calling an
employee and posing as a system administrator.
ØIf the hacker has a username, he can try to guess the
password by going through a list of popular or
default choices, or by using intelligent guessing.
 Authenticated access to the system

After the hacker is logged on to the system, he tries to

escalate his privileges, i.e., obtain system
administrator privileges
Both Windows NT and UNIX provide a "super user"
account (administrator in NT, root in UNIX); as this
account has full access rights to all system resources,
it's the ultimate goal of any hacker to own it.
Contd..
Using this information, he accesses well-known Web
sites and easily locates hacks that can be exploited.
When these exploits are executed on the machine, the
hacker ends up gaining privileged access rights, and
actually controls the machine.
 Cross-site scripting
It is a client-side attack method that occurs when an
attacker uses a Web-based application to send
malicious code to another user of the same
application. Eg.XSS attack
It is automatically executed when the client’s browser
opens an HTML web page.
The XXS attack is generally invisible to the victim
user.

 COMPUTER CONTENT CRIME
Pornography-
ØAn immense industry for the production and
consumption of pornography has grown, with the
increasing use of the VCR, the DVD, and the
Internet.
ØPornography may use any of a variety of media,
ranging from printed literature, photos, sculpture,
drawing, painting, animation, sound recording, film,
video, or video game.
 TECHNOLOGY
Mass-distributed pornography is as old as the
printing press.
Computer-generated images and
manipulations-
Digital manipulation requires the use of source
photographs, but some pornography is produced
without human actors at all.

 Piracy

 Use of illegal software or the copyright
infringement of software
 selling of computer facilities with illegally
installed software;
 replication and distribution of software copies
on information carriers without permission of
the copyright owner;
 illegal distribution of software through
communication networks (Internet, e-mail,
etc.);
 Signs of Pirated Production
Absence, counterfeit or difference of
polygraphic packing;
reserved label;
copyright and Adjacent Rights Protection sign;
type of wrapping;
stamping on the polygraphic wrapping;
more content

 Ongoing actions


Antipiracy campaigns and advertisements in FM
Radios, TV, Internet etc.
Initiatives taken by recording companies and
manufacturer of CD, DVD companies.
 File Sharing
It refers to the practice of distributing or providing
access to digitally stored information, such as
computer programs, multi-media (audio, video),
documents, or electronic books.


Types of sharing
Sharing of digital content- songs, DVD-quality
movies, computer programs and video games
through P2P networks.
Very large files are to use Bit Torrent.
Anonymous networking technologies have been
developed to allow the exchange of data between
computers and users.
 Security Risks
Potential security risks including the release of
personal information, bundled spyware, and
viruses downloaded from the network.
2009 availability of the blueprints of helicopter
Marine One.
Tax returns, student loan applications and credit
reports are made available online.
 Computer Violence


Computer violence can be created through release of
videos, photos.
Spread of violence through cyber terrorism.
COMPUTER ASSISTED
CRIME
 Scams And Thefts


Internet Fraud
Purchase Scams
Counterfeit Postal Money Orders

 Virtual Robberies
Online Automotive Fraud
Re Shippers
Call Tag Scam
Business Opportunity / Work-at-home Schemes
Money Transfers Frauds
Dating Scams

 Virtual Robberies
Click Fraud
Internet marketing and retail fraud
Internet Ticket Fraud
Paypal Fraud
Stock market manipulation schemes
Avoiding Internet investment scams

 Sexual Harassment
Types Of Stalkers


Simple obsessional stalkers

Delusional stalkers
Vengeful stalker

 Sexual Harassment
Motivations To Stalkers
love-Obsession, Hate, Revenge, Vendettas
Ego and Power Trips
Internet Hate Speech



 Internet Hate Speech
What is it?
How it operates?
How to prevent it?

 CYBER LAWS

Information Technology Act 2000 was passed and

enforced on 17th May 2000.
the preamble of this Act states that its objective is to
legalise e-commerce and further amend the Indian
Penal Code 1860, the Indian Evidence Act 1872,
the Banker’s Book Evidence Act1891 and the
Reserve Bank of India Act 1934.
Contd…
 The Information Technology Act deals with the
various cyber crimes in chapters IX & XI. The
important sections are Ss. 43,65,66,67.
The Information Technology Act 2000 was
undoubtedly a welcome step at a time when there
was no legislation on this specialised field.

Contd…
The Act has however during its application proved to
be inadequate to a certain extent. The various
loopholes in the Act are-
Legislation was passed in a hurry.
Cyber torts.
Cyber crime in the Act is neither comprehensive nor
exhaustive.
Ambiguity in the definitions.



Contd…
Uniform law
Lack of awareness
Jurisdiction issues
Extra territorial application
Raising a cyber army
Cyber savvy bench
Dynamic form of cyber crime
Hesitation to report offences



 PREVENTION
Prevention is better than cure.
5P mantra for online security: Precaution,
Prevention, Protection, Preservation and
Perseverance.
A netizen should keep in mind the following things:-
to prevent cyber stalking avoid disclosing any
information pertaining to oneself.

Contd…
always avoid sending any photograph online
particularly to strangers and chat friends
use latest and up date anti virus software
always keep back up volumes so that one may not
suffer data loss in case of virus contamination

Contd…
always keep a watch on the sites that children are
accessing to prevent any kind of harassment or
depravation in children.
never send your credit card number to any site that is
not secured, to guard against frauds.





Contd…
web site owners should watch traffic and check any
irregularity on the site. Putting host-based intrusion
detection devices on servers may do this.
Use of firewalls may be beneficial.
web servers running public sites must be physically
separate protected from internal corporate network.


 CONCLUSION
Capacity of human mind unfathomable.
Make people aware of their rights and duties.
Need to bring changes in Information Technology Act.
Provisions of cyber law should not be made so
stringent that it may retard the growth of the
industry.
 

 Thank you!