Cyber crime and cyber security

Introduction to Cyber crime and Cyber Security

Prepared By:-

KAUSHAL SOLANKI

Definition of a computer crime

• All crimes performed or resorted to by abuse of electronic media or otherwise, with the purpose of influencing the functioning of computer or computer system

• Computer crime is when– Computer is a target– Computer is a tool for the crime– Computer is incidental to a crime

• Disgruntled employees• Teenagers• Political activist• Professional Hackers• Business Rival• Ex wife or husband/BF or GF

The Usual SuspectsThe Usual Suspects

• Gullible• Greedy people• Unskilled and Inexperienced • Trusting People • Unlucky people

• Anonymity

• Computer’s storage capacity

• Weakness in operating system

• Lack of Awareness from user

• Hacking

• Denial of service attack

• Virus dissemination

• Software Piracy

• Pornography

• IRC Crimes

• Credit Card Fraud

• NET Extortion

• Phishing

• Spoofing

• Cyber Stalking

• Cyber Defamation

• Threatening

• Salami Attack

Different types ofof Cyber Crimes

• Hacking: Illegal intrusion into a computer system without the permission of the computer owner/user

Denial of Service Attack

• An act by the criminal, who floods the bandwidth of the victim’s network or fills their e-mail box with spam mail depriving him of the services he is entitled to access or provide

• Malicious software that attaches itself to other software.

• (Virus, Worms, Trojan Horse, Time Bomb, Logic Bomb)

Software Piracy

• Theft of Software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original– Examples(Pirate Bay, Bootlegs, etc)– End user copying, Downloads

• Internet allows them to– Instant access to other predators worldwide;– Open discussion with children– Support from other pedophiles– Disguise their identities

PedophilesPedophiles

Pedophiles

• Pedophile organizations include• – NAMBLA (The North American Man-Boy Love

Association) and• – PAN (Pedophile Alert Network) in the Netherlands.• – Members receive monthly magazines and

newsletters that include seduction techniques and advice on avoiding detection and prosecution. Pedophiles meet each other via the Internet where they swap methods, success stories, even names, descriptions, and images of children.

Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere the world can come together and chat with each other

• Criminals use it for meeting coconspirators.• Hackers use it for discussing their exploits / sharing the

techniques• Pedophiles use chat rooms to allure small children

• Cyber Stalking - In order to harass a woman her telephone number is given to others as if she wants to befriend males

Credit Card Fraud

• If electronic transactions are not secured the credit card numbers can be stolen by the hackers who can misuse this card by impersonating the credit card owner

• Copying the company’s confidential data in order to extort the company for a huge amount

• A technique of pulling out confidential information from the bank/financial accounts by deceptive means

EX: of Phishing EmailFrom: *****Bank [mailto:support@****Bank.com]

Sent: 08 June 2004 03:25To: India

Subject: Official information from ***** BankDear valued ***** Bank Customer!

For security purposes your account has beenrandomly chosen for verification. To verify

your account information we are asking you toprovide us with all the data we are requesting.

Otherwise we will not be able to verify your identityand access to your account will be denied. Please click

on the link below to get to the bank securepage and verify your account details. Thank you.

https://infinity.*****bank.co.in/Verify.jsp****** Bank Limited

• Getting one Computer on the network to pretend to have the identity of another computer, usually one with special access privileges, so as to obtain access to the other computers on the network.

• The criminal follows the victim by sending emails, entering the chat rooms as the person being stalked frequently

• The Criminal sends emails containing defamatory matters to all concerned off the victim or post the defamatory matters on a website..

• (disgruntled employee may do this against boss,, ex-boys friend against girl,, divorced husband against wife etc)

• The criminal sends threatening email or comes in contact in the chat rooms with victim

• (Anyone disgruntled may do this against boss, friend or official)

• In such crime criminal makes insignificant changes in such a manner that such changes would go unnoticed.

• Criminal makes such program that deducts small amount like Rs. 2.50 per month from the account of all the customer of the Bank and deposit the same in his account. In this case no account holder will approach the bank for such small amount but criminal gains huge amount.

Salami AttackSalami Attack

• Sale and Purchase through the net• Websites offer sales and shipment of

contraband drugs• May use hidden messages to sell the drugs

Sale of Narcotics

WHAT IS CYBER-SAFETY?

26

Cyber-safety is a common term used to describe a set of practices, measures and/or actions you can take to protect personal information and your computer from attacks.

What

is…

TOP FIVE CYBER-SAFETY ACTIONS

27

1. Run Anti-virus Software

2. Prevent Identity Theft

3. Turn on Personal Firewalls

5. Back up Important Files

Additional information about each of the actions below is provided on slides 8-14. Faculty and staff should work with their technical support coordinator before implementing these measures.

4. Protect Passwords

RUN ANTI-VIRUS SOFTWARE

28

To avoid computer problems caused by viruses, install and run an anti-virus program.

Periodically, check to see if your anti-virus is up to date by opening your anti-virus program and checking the Last updated: date.

Anti-virus software removes viruses, quarantines and repairs infected files, and can help prevent future viruses.

PREVENT IDENTITY THEFT

29

Don't give out financial account numbers, Social Security numbers, driver’s license numbers or other personal identity information unless you know exactly who's receiving it. Protect others people’s information as you would your own.

Never send personal or confidential information via email or instant messages as these can be easily intercepted.

TURN ON PERSONAL FIREWALLS

Check your computer's security settings for a built-in personal firewall. If you have one, turn it on. Microsoft Vista and Mac OSX have built-in firewalls

Firewalls act as protective barriers between computers and the internet.

Hackers search the Internet by sending out pings (calls) to random computers and wait for responses. Firewalls prevent your computer from responding to these calls.

30

PROTECT PASSWORDS

31

Do not share your passwords, and always make new passwords difficult to guess by avoiding dictionary words, and mixing letters, numbers and punctuation.

Do not use one of these common passwords or any variation of them: qwerty1, abc123, letmein, password1, iloveyou1, (yourname1), baseball1.

Change your passwords periodically.

When choosing a password:o Mix upper and lower case letterso Use a minimum of 8 characterso Use mnemonics to help you remember a difficult password

BACK UP IMPORTANT FILES

Reduce your risk of losing important files to a virus, computer crash, theft or disaster by creating back-up copies.

Keep your critical files in one place on your computer’s hard drive so you can easily create a back up copy.

Save copies of your important documents and files to a CD, online back up service, flash or USB drive, or a server.

Store your back-up media in a secure place away from your computer, in case of fire or theft.

Test your back up media periodically to make sure the files are accessible and readable.

32

CYBER-SAFETY AT HOME

Avoid leaving your laptop unsupervised and in plain view in the library or coffee house, or in your car, dorm room or home.

Set up a user account and password to prevent unauthorized access to your computer files.

Do not install unnecessary programs on your computer.

33

Home

CYBER-SAFETY AT WORK Be sure to work with your technical support coordinator before implementing

new cyber-safety measures.

Talk with your technical support coordinator about what cyber-safety measures are in place in your department.

Do not install unnecessary programs on your work computer.

34

Work

• vlc-record-2014-09-22-22h25m35s-Facts+about+Cybercrime.WebM-.mkv

IT ACT PROVISIONS• email would now be a valid and legal form of

communication in our country that can be duly produced and approved in a court of law.

• Companies shall now be able to carry out electronic commerce using the legal infrastructure provided by the Act.

• Digital signatures have been given legal validity and sanction in the Act.

IT ACT PROVISIONS

• The Act now allows Government to issue notification on the web thus heralding e-governance

• statutory remedy in case if anyone breaks into companies computer systems or network and causes damages or copies data