Cyber Crime

A SEMINAR REPORT

Submitted by

Kunal Choudhury
(1704114)

in partial fulfillment for the award of the degree

of

BACHELOR OF
TECHNOLOGY
IN

Electronics and Telecommunication

SCHOOL OF Electronics
ENGINEERING
K IIT Deemed to be UNIVERSITY
BHUBANESWAR
February 2021

School of Electronic Engineering

KIIT Deemed to be University, Bhubaneswar,Odisha,
751024, India.
 Certificate
This is to certify that the SEMINAR REPORT entitled Cyber Crime, is
a bonafide work done by Kunal Choudhury (1704114) in partial
fulfillment for the requirement for the award of the degree of Bachelor of
Electronics and Telecommunication Engineering.

Dr. Arindam Deb

(Seminar Supervisor)
 Abstract
Cybercrime also called Computer crime, is any crime that involves a computer and a
network. As individuals and businesses increase their reliance on technology, they are
exposed to the growing cybercrime threats. Using the computers for our day-to-day
transactions is quite common now a days. For example, we pay our life insurance
premium, electricity bills, reserve flight or train or bus tickets, order book or any other
product online using personal computer, smart phones, public browsing centers etc.
The number of users doing online transactions are growing rapidly ever since,
because of the convenience it gives to the user to transact business without being
physically present in the area where the transaction happens. Criminals committing
cybercrime are also growing day-by-day with the increased number of users doing
online transactions. Cybercrime covers a wide range of different attacks such as
Cyber extortion, Cyber warfare, spreading Computer viruses or Malware, Internet
fraud, Spamming, Phishing, carding (fraud), child pornography and intellectual
property rights violation etc. Because of increased cyber-attacks these days, the online
users must be aware of this kind of attacks and need to cautions while doing online
transactions. In this context, the paper will review the growth of cybercrimes in India
and measures taken by the government of India to combat the cybercrimes.
 Table of Content

1. Introduction
2. History of computer crimes
3. Definition for computer crime
4. Trends Changing Cyber Security
5. Types of Cyber Crime
6. Precautions to prevent cyber crime
7. Conclusion
8. References
 Introduction
Today an increasing number of companies are connecting to the Internet to support
sales activities or to provide their employees and customers with faster information
and services. The virtual world has taken over the real one, E-business and E-
commerce the new mantras and electronic transactions and dominate the overall
business paradigm rapidly evolving e-world that depends on free flowing information,
security is the major pobe to be considered. Security on Internet is challenging.
Security on the internet is a far cry as information having significant value are
constantly being eyed by hackers.
Implementing security involves assessing the servers and information. The goal is
then to minimize it as much as possible.
Hence, this developing world of info has its own negative side effect. It has opened
the door to antisocial and criminal behaviour.
 HISTORY OF COMPUTER CRIMES

It is difficult to determine when the first crime involving a computer actually took
place. The computer has been around in some form since the abacus, which is known
to exist in 3500BC in Japan, China, and India.

In 1801, profit motives encouraged Joseph Jacquard, a textile manufacturer , to design

the forerunner of the computer card. This device allowed the repetition of service
camps in the weaving of special fabrics. This were snatching away the credits from
the employees and they started discouraging the use of technology.

The malicious association with computer crime came to notice when early

computerized phone systems became a target. Technologically savvy
individuals, called “phreakers,” discovered the correct codes and tones that
would result in free long distance service. They impersonated operators, dug
through Bell Telephone company garbage to find secret information, and
performed countless experiments on early telephone hardware to learn how to
exploit the system and steal long-distance telephone time.

This innovative type of crime was a difficult issue for law enforcement, due
in part to lack of legislation to aid in criminal prosecution, and a shortage of
investigators skilled in the technology that was being hacked. It was clear that
computer systems were open to criminal activity, and as more complex
communications became available to the consumer, more opportunities for
cyber crime developed.
 DEFINITION OF COMPUTER CRIMES

Experts debated on what exactly constitutes computer crime or a computer related

crime. Even after several years there is no internationally recognized definition of
these terms.
A global definition of computer crime have not been achieved. Computer Crime has
been defined as any illegal unethical or unauthorized behaviour involving automatic
processing or transmission of data.
COMPUTER CRIME is any crime where --
i. Computer is a target.
ii. Computer is a tool of crime
iii. Computer is incidental to crime

Threats come in two categories:

1. Passive threats.
2. Active threats.

Passive threats:
It involves monitoring the transmission data of an organization. Here
goal of assembler is to obtain information that is being transmitted. Passive threats are
difficult to detect as they do not involve any alteration of data.
These are of two types:

A) Release of message content

B) Traffic Analysis

Active threats:
These threats involve some modification of data stream or the creation of a false
stream.
These are of three types:

A) Modification of data
B) Denial of Message Service
C) Masquerade
 REASONS FOR CYBER CRIME

Capacity to store data in comparatively small space-

The computer has unique characteristics of storing data in a very small space. This
affords to remove information either through physical or virtual medium makes it
much more easier.

Easy to access-

The problem encountered in guarding a computer system from unauthorized access is

that there is possibility of breach not due to human error but due to the technology. By
secretly implanted logic bomb, key loggers that can steal access cd voice recoders;
retina imagers etc. that can fool biometric systems and bypass f can be utilized to get
past many a security system.

Complex-

The computers work on operating system & these are composed of millions of codes.
Human mind is falliable & is no re might not be a lapse at any stage. The cyber
criminals take advantage of the nd penetrate into the computer system.

Negligence-

Negligence is very closely connected with personal conduct. It is therefore very

probable that while protecting the computer system be any negligence, which in turn
provides a cyber criminal to gain access and mputer system.

Loss of evidence-

Loss of evidence is n & obvious problem as all the data are routinely destroyed.
Further collection the territorial extent also paralyses this system of crime
investigation.
 TYPES OF CYBER CRIMES

1. HACKING
2. DENIAL OF SERVICE ATTACK
3. VIRUS DISSEMINATION
4. COMPUTER FROGERY
5. CREDIT CARD FRAUD
6. PHISHING
7. SPOOFING
8. CYBER STALKING
9. THREATENING
10. SALAMI ATTACK
HACKING:

Hacking is the process of identifying and exploiting weakness in a system or a

network to gain unauthorized access to data and system resources. It can also be
defined as an unauthorized intrusion into the information systems/networks by an
attacker by compromising the security. 
When hacking first started it was not thought of as that serious. The hackers were not
even known as hackers but as practical jokers. The very first hack came in 1878 when
the phone company, Bell Telephone, was started. A group of teenage boys, hired to
run the switchboards, would disconnect or misdirect calls.
The first authentic computer hackers came in the 1960s. During those times,
computers were mainframes, locked away in temperature controlled, glassed in areas.
It cost a lot of money to run these machines, so programmers had limited access to
them. The smarter students, usually MIT students, had an insatiable curiosity about
how things worked. So, the smartest ones created what they called "hacks",
programming shortcuts, to complete computing tasks more quickly. In some cases the
shortcuts were better than the original program. One of the hacks that was created in
the 60s, 1969 to be exact, was created to act as an open set of rules to run machines on
the computer frontier. It was created by two employees from the Bell Lab's think tank.
The two employees were Dennis Ritchie and Ken Thompson and the "hack" was
called UNIX.
In the 1980s, hacking reached the peak of seriousness. By 1980, there was over a total
of one million units being used in the U.S. By 1983, there were over 10 million units.
By 1986, there were over 30 million. So, as you can see computer use increased
drastically during the 80s. The reason for this drastic increase in computer use was
because of IBM who announced that computers could be used for personal use too.

There can be several techniques of hacking,few of which are listed below:

1. Cracking Passwords:
Hackers can obtain your credentials through a number
of means, but commonly they do so through a practice called key logging. Through a
social engineering attack, you could accidentally download software that records your
keystrokes, saving your usernames and passwords as you enter them. This and other
forms of “spyware” are malware that track your activity until a hacker has what they
need to strike. And it’s not just downloading you have to worry about, attackers can
deploy malware on the users machine if they are in your environment and capture
your credentials via key logging too. 

There are also password cracking programs that can run letter and character
combinations, guessing passwords in a matter of minutes, even seconds. It follows a
brute force approach and with the computing power of the CPU, it manages to apply
n! combinations on the password block.

2. Gaining unauthorized access to the computer:

Hackers can get an unauthorized

access to your computer by making you download some backdoor software which can
be in the form of PDF, image etc. and as soon as you open those, a program would be
executed in the victim computer’s environment and with the help of tools and
frameworks like metasploit framework, hackers can gain control of the computer and
do whatever they want.
DENIAL OF SERVICE ATTACK:

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or

network, making it inaccessible to its intended users. DoS attacks accomplish this
by flooding the target with traffic, or sending it information that triggers a crash. In
both instances, the DoS attack deprives legitimate users (i.e. employees, members,
or account holders) of the service or resource they expected.
Victims of DoS attacks often target web servers of high-profile organizations such
as banking, commerce, and media companies, or government and trade
organizations.
Though DoS attacks do not typically result in the theft or loss of significant
information or other assets, they can cost the victim a great deal of time and money
to handle.
There are two general methods of DoS attacks: flooding services or crashing
services. Flood attacks occur when the system receives too much traffic for the
server to buffer, causing them to slow down and eventually stop.
Popular flood attacks include:

 Buffer overflow attacks – The most common DoS attack. The concept is to
send more traffic to a network address than the programmers have built the
system to handle. It includes the attacks listed below, in addition to others
that are designed to exploit bugs specific to certain applications or networks
 ICMP flood – leverages misconfigured network devices by sending spoofed
packets that ping every computer on the targeted network, instead of just
one specific machine. The network is then triggered to amplify the traffic.
This attack is also known as the smurf attack or ping of death.
 SYN flood – sends a request to connect to a server, but never completes
the handshake. Continues until all open ports are saturated with requests and
none are available for legitimate users to connect to.
VIRUS DISSEMINATION:

This category of criminal activity involves either direct or search unauthorized access
to computer system g new programs known as viruses, worms or logic bombs. The
unauthorized modification suppression or erasure of computer data or functions with
the Internet to hinder malfunctioning of the system is clearly a criminal activity and is
commonly as computer sabotage.
Malicious code is computer code that is written with the sole intent to cause damage
to a machine or to invade the machine to steal information. The most common forms
of malicious code are viruses,worms and Trojan programs.

(VIRUS: Vital information resources under seize).

Virus is a series of program codes with the ability to attach itself to legitimate
programs and propagate itself to other computer programs. Viruses are file viruses
and boot sector viruses.
It attacks the fat so that there is no sequence of file content and it destroys the data
content.

WORMS: (Write Once Read Many).

They are just added to the files and they do not manipulate. It differs from a virus in
that it does not have the ability to replicate itself.

LOGIC BOMB: As it involves the programming the destruction or modification of

data is specific time in the future.

Why do people Create These Viruses?

1. To distribute political message.
2. To attack the products of specific companies.
3. Some consider their creations to be works of art, and see as a creative hobby.
4. Financial gain from identity theft
CREDIT CARD FRAUD:-

Intangible assets represented as data format such as money on deposits or hours of

work are the most common targets related to fraud.

Modern business is quickly replacing cash with deposits transacted on computer

system creating computer fraud. Credit Card information as well as personal and
financial information on credit card has been frequently targeted by organized
criminal crimes. Assets represented in data format often have considerably higher
value than traditionally economic assets resulting in potentially greater economic
class.

Computer Forgery:
This happens when data is altered which is stored in documents that are in
computerized form. Computers however can also be used as instruments for
committing forgery. A new generation of fraudulent alteration or duplication emerged
when computerized color laser copies became available.
These copies are capable of high-resolution copying, modification of documents that
are even creating false documents without benefit of original. They produce
documents with an equality that is indistinguishable from original documents.
Experts can only distinguish this.The widespread of computer networks is the need
for people with common and shared interest to communicate with each other.
Information can easily be represented and manipulated in electronic form. To meet
the needs of sharing and communicating information, the computers need to be
connected which is called data communication network.
 PHISHING:

Phishing is a cyber attack that uses disguised email as a weapon. The goal is to
trick the email recipient into believing that the message is something they want or
need — a request from their bank, for instance, or a note from someone in their
company — and to click a link or download an attachment.

What really distinguishes phishing is the form the message takes: the attackers
masquerade as a trusted entity of some kind, often a real or plausibly real person, or
a company the victim might do business with. It's one of the oldest types of cyber
attacks, dating back to the 1990s, and it's still one of the most widespread and
pernicious, with phishing messages and techniques becoming increasingly
sophisticated.

Some phishing scams have succeeded well enough to make waves:

 Perhaps one of the most consequential phishing attacks in history happened

in 2016, when hackers managed to get Hillary Clinton campaign chair John Podesta
to offer up his Gmail password.
 The "fappening" attack, in which intimate photos of a number of celebrities
were made public, was originally thought to be a result of insecurity on Apple's
iCloud servers, but was in fact the product of a number of successful phishing
attempts.
 In 2016, employees at the University of Kansas responded to a phishing
email and handed over access to their paycheck deposit information, resulting in
them losing pay.
SPOOFING:-

Getting one computer on a network to pretend to have identity of another computer,

usually one with special access Privileges , so as to obtain access to the other
computers on the network.

For e.g. Pranab Mitra , former executive of Gujrat Ambuja Cement posed as a
woman,Rita Basu, and created a fake e-mail ID through which he contacted V.R.
Ninawe an Abu Dhabi businessmen. After long cyber relationships and emotional
messages Mitra sent an Email that “She would commit suicide”, if Ninawe ended the
relationship. He also gave him his friend’s, Ms. Sengupta’s Email ID , which was one
of his own bogus Id’s again. When Ninawe mailed Ms. Sengupta, he was shocked to
find out that Mitra has died and Police is searching for Ninawe. Mitra extorted few
lacs Rupees as advocate fees etc. Mitra even sent e-mails as high court and police
officials to extort more money. Ninawe finally came down to Mumbai to lodge a
police case.

CYBER STALKING :-

The Criminal follows the victim by sending emails,, entering the chat rooms
frequently. In order to harass a women her telephone number is given to others as if
she wants to befriend males befriend males.
SALAMI ATTACKS:

A salami attack is when small attacks add up to one major attack that can go
undetected due to the nature of this type of cyber crime. It also known as salami
slicing. Although salami slicing is often used to carry out illegal activities, it is only a
strategy for gaining an advantage over time by accumulating it in small increments, so
it can be used in perfectly legal ways as well .
The attacker uses an online database to seize the information of customers that is
bank/credit card details deducting very little amounts from every account over a
period of time. The customers remain unaware of the slicing and hence no complaint
is launched thus keeping the hacker away from detection.

In January 1993, four executives of a rental-car franchise in Florida were charged

with defrauding at least 47,000 customers using a salami technique.
In Los Angeles, in October 1998, district attorneys charged four men with fraud for
allegedly installing computer chips in gasoline pumps that cheated consumers by
overstating the amounts pumped.
In 2008, a man was arrested for fraudulently creating 58,000 accounts which he used
to collect money through verification deposits from online brokerage firms a few
cents at a time. While opening the accounts and retaining the funds may not have been
illegal by themselves, the authorities charged that the individual opened the accounts
using false names (including those of cartoon characters), addresses, and social
security numbers, thus violating the laws against mail fraud, wire fraud, and Bank
Fraud.
 PRECAUTIONS TO PREVENT CYBER CRIME

No data is completely safe. But we can take precautionary measures by which our
data can be kept protected. Some steps are:

1. Firewalls:
These are the gatekeepers to a network from the outside. Firewall should
be installed at every point where the computer system comes in contact with other
networks, including the internet a separate local area network at a customer’s site or
telecommunication switch.

2. Password protection:
At minimum, each item they logon, all PC use e required to
type-in password that only they and network administrator know. PC users should
avoid picking words,phrases or numbers that anyone can guess easily, such as birth
dates or child name. A password must contain at least one upper case, one lower case,
one special character and should be of minimum length of 8 letters.

3. Viruses:
Viruses generally infect local area networks through workstations. So anti-
virus software that works only on the server is not enough.
You cannot get a virus or any system-damaging software by reading e-mail.Viruses
and system-destroying bugs can only exist in files, and e-mail is not a system file.
Viruses cannot exist there. Viruses are almost always specific of the operating system
involved. Meaning viruses designed to infect DOS application can do no damage to
MAC systems, and vice versa. Only exception is the microsoft word macro virus that
infects documents instead of program.
4. Encryption:
Even if intruders manage to break through a firewall, the data on a
network can be made safe if it is encrypted. Many software packages and network
programs Microsoft Windows NT, Novel NetWare, and lotus notes among others-
offer and on encryption schemes that encode all the data sent on the network. In
addition, companies can buy stand alone encryption packages to work with individual
applications. Almost every encryption package is based on an approach known as
public-private key.
Scrambled data is encoded using a secret key unique to that transmission. Receiver
uses combination of sender’s public key and their own private encryption key to
unlock the secret code of the message to decipher it.

5. Never send your credit card number to any site which is not secured.
 CONCLUSION

The issue of network and Internet security has become increasingly more important as
more and more business and people go on-line. To avoid the information from
hackers we use the passwords secretly and change the passwords regularly. We
cannot use our names, initials as passwords that are traced. We should not download
any executable files from unknown sources, inform o any sources without checking
for virus. We have to use licensed anti-virus software. Also teams like CERT and
FIRST assist in solving hacker attacks and to disseminate a information on security.
 REFERENCES

1. www.google.com

2. www.usdoj.gov/criminal/cybercrime/index.html

3. https://www.floridatechonline.com/blog/information-

technology/a-brief-history-of-cyber-crime/