CYBER LAW Notes
A cracker is a person who breaks into or otherwise violates the system integrity of remote
machines, with malicious intent. Crackers, having gained unauthorized access, destroy vital data,
deny legitimate users service, or basically cause problems for their targets. Crackers can easily be
identified because their actions are malicious. A black hat or cracker breaks into systems illegally for
personal gain, vandalism, or bragging rights. A cracker doesn’t need to be particularly
knowledgeable or skillful; in fact, most of them aren’t. Few crackers are skilled enough to create their
own software tools, so most rely on automated programs that they download from disreputable Web
sites. Because crackers know they are breaking the law, they do everything they can to cover their
tracks. Fortunately, security professionals catch quite a few of them because the majority of crackers
lack real skill.
Phreaker: a person who hacks into a telecommunications system; a person who makes fraudulent use
of a telephone or computer system by electronic means. A phreak is a hacker who specializes in
phone systems. These days, however, phreaking is more of a cracker activity. At one time, phreaks
were enthusiastic about telephone networks and simply wanted to understand how they worked and
explore them. Ethical phreaks didn’t steal services or cause damage; they just used their technical
skill to play with the system. Phone systems have changed and are less susceptible to technological
hacks. As a result, modern phreaks intent on cracking the telecommunications systems often rely on
criminal acts such as stealing phone cards and cloning cell phones.
Ans:- Practice:
Don't trust email attachments; these may contain malicious software that can harm your computer.
Make sure you look for signs a website is safe. There is software available to notify you when a
website isn't safe.
Patches:
New vulnerabilities are often found in software. Software vendors try to stay ahead of attackers by
offering updates. It's a good idea to apply those updates instead of ignoring them.
Passwords:
They are the first line of defense to protect you online. A good password doesn't have to be hard to
remember; there is a way you can create an easy-to-remember password that can keep you safe.
3. Virus hoax.
Ans:- A computer virus hoax is a message warning the recipients of a non-existent computer
virus threat. The message is usually a chain e-mail that tells the recipients to forward it to everyone they
know. Virus hoaxes are usually harmless and accomplish nothing more than annoying people who
identify them as hoaxes and wasting the time of people who forward the message. Nevertheless, a number of
hoaxes have warned users that vital system files are viruses and encouraged the user to delete the file,
possibly damaging the system. Examples of this type include the jdbgmgr.exe virus hoax.
Some consider virus hoaxes and other chain e-mails to be a computer worm in and of themselves. They
replicate by social engineering—exploiting users' concern, ignorance, and disinclination to investigate
before acting.
Hoaxes are distinct from computer pranks, which are harmless programs that perform unwanted and
annoying actions on a computer, such as randomly moving the mouse, turning the screen display upside
down, etc.
4. War Dialing
Ans:- War dialing or wardialing is a technique of using a modem to automatically scan a list
of telephone numbers, usually dialing every number in a local area code to search for computers, bulletin
board systems and fax machines. Hackers use the resulting lists for various purposes: hobbyists for
exploration, and crackers - malicious hackers who specialize in computer security - for guessing user
accounts (by capturing voicemail greetings), or locating modems that might provide an entry-point into
computer or other electronic systems. It may also be used by security personnel, for example, to detect
unauthorized devices, such as modems or faxes, on a company's telephone network.
5. Cyber bullying
Ans:- Cyberbullying is the use of information technology to repeatedly harm or harass other people in a
deliberate manner.
With the increase in use of these technologies, cyberbullying has become increasingly common,
especially among teenagers. Awareness has also risen, due in part to high-profile cases like the suicide
of Tyler Clementi.
Cyberbullying is defined in legal glossaries as:
actions that use information and communication technologies to support deliberate, repeated, and hostile
behavior by an individual or group, that is intended to harm another or others;
use of communication technologies for the intention of harming another person;
use of internet service and mobile technologies such as web pages and discussion groups as well as
instant messaging or SMS text messaging with the intention of harming another person.
A cyberbully may be a person whom the target knows or an online stranger. A cyber bully may be
anonymous and may solicit involvement of other people online who do not even know the target. This is
known as a "digital pile-on."
Cyber stalking may include false accusations, monitoring, making threats, identity theft, damage to data
or equipment, the solicitation of minors for sex, or gathering information in order to harass. A repeated
pattern of such actions and harassment against a target by an adult constitutes cyber stalking. Cyber
stalking often features linked patterns of online and offline behavior. There are consequences of law in
offline stalking and online stalking, and cyber stalkers can be put in jail. Cyber stalking is a form of
cyberbullying.
7. Ping of Death
Ans:- A ping of death is a type of attack on a computer that involves sending a malformed or
otherwise malicious ping to a computer. Ping of Death (a.k.a. PoD) is a type of Denial of
Service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze the targeted
computer or service by sending malformed or oversized packets using a simple ping command.
PoD attacks exploit legacy weaknesses which may have been patched in target systems.
However, on an unpatched system, the attack is still relevant and dangerous. Recently, a new type
of PoD attack has become popular. In this attack, commonly known as a ping flood, the targeted
system is hit with ICMP packets sent rapidly via ping without waiting for replies.
A correctly formed ping message is typically 56 bytes in size, or 84 bytes when the Internet
Protocol [IP] header is considered. Historically, many computer systems could not properly handle a
ping packet larger than the maximum IPv4 packet size of 65535 bytes. Larger packets
could crash the target computer.
Later a different kind of ping attack became widespread—ping flooding simply floods the victim with
so much ping traffic that normal traffic fails to reach the system, a basic denial-of-service attack.
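The 65535-byte limit described above can be checked one fragment at a time, because an oversized ping arrives as IP fragments whose offset plus payload runs past the limit. The following is an added example, not part of the original notes; it goes beyond the text by parsing the IPv4 fragment fields, and the function names and sample headers are constructed for illustration.

```python
import struct

IPV4_MAX_PACKET = 65535              # maximum IPv4 packet size, in bytes
IPV4_HEADER_FMT = "!BBHHHBBH4s4s"    # fixed 20-byte IPv4 header, no options


def build_header(total_length, offset_units, more_fragments):
    """Build a constructed 20-byte IPv4/ICMP header (checksum left at 0)."""
    flags_frag = (0x2000 if more_fragments else 0) | (offset_units & 0x1FFF)
    return struct.pack(IPV4_HEADER_FMT, 0x45, 0, total_length, 0x1234,
                       flags_frag, 64, 1, 0,
                       bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))


def parse_header(raw):
    """Extract the fields needed for the size check; reject malformed input."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_length, _, flags_frag, _, proto, _, _, _ = struct.unpack(
        IPV4_HEADER_FMT, raw[:20])
    version = ver_ihl >> 4
    header_len = (ver_ihl & 0x0F) * 4
    if version != 4 or header_len < 20 or total_length < header_len:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "header_len": header_len,
        "payload_len": total_length - header_len,
        "offset": (flags_frag & 0x1FFF) * 8,   # the field counts 8-byte units
        "more_fragments": bool(flags_frag & 0x2000),
        "protocol": proto,
    }


def reassembled_size(raw):
    """Size the reassembled packet must reach to hold this fragment."""
    h = parse_header(raw)
    return h["header_len"] + h["offset"] + h["payload_len"]


def is_oversized(raw):
    """True if accepting this fragment would exceed the IPv4 maximum."""
    return reassembled_size(raw) > IPV4_MAX_PACKET


def scan(packets):
    """Return (index, reason) for every packet that should be dropped."""
    findings = []
    for index, raw in enumerate(packets):
        try:
            if is_oversized(raw):
                findings.append((index, "oversized"))
        except ValueError:
            findings.append((index, "malformed"))
    return findings


# Constructed sample headers (documentation addresses, no real traffic).
SAMPLES = [
    build_header(84, 0, False),        # ordinary ping: 84 bytes in total
    build_header(1500, 185, False),    # last fragment of a normal large packet
    build_header(1500, 8189, False),   # fragment ending beyond 65535 bytes
    build_header(23, 8189, False),     # ends exactly at 65535: still legal
    b"\x45\x00",                       # truncated header
]

if __name__ == "__main__":
    for index, reason in scan(SAMPLES):
        print(f"packet {index}: {reason}")
```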
8. Virus detail
Ans:- A computer virus is a malware program that, when executed, replicates by inserting copies of
itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive;
when this replication succeeds, the affected areas are then said to be "infected". [1][2][3][4] Viruses often
perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time,
accessing private information, corrupting data, displaying political or humorous messages on the user's
screen, spamming their contacts, or logging their keystrokes. A computer virus is a computer program
that can infect other computer programs by modifying them in such a way as to include a (possibly
evolved) copy of it. Note that a program does not have to perform outright damage (such as deleting or
corrupting files) in order to be called a "virus".
Stealth virus
A stealth virus is one that hides the modifications it has made in the file or boot record, usually by
monitoring the system functions used by programs to read files or physical blocks from storage media,
and forging the results of such system functions so that programs which try to read these areas see the
original uninfected form of the file instead of the actual infected form. Thus the viral modifications go
undetected by anti-viral programs. However, in order to do this, the virus must be resident in memory
when the anti-viral program is executed.
The very first DOS virus, Brain, a boot-sector infector, monitors physical disk I/O and redirects any
attempt to read a Brain-infected boot sector to the disk area where the original boot sector is stored. The
next viruses to use this technique were the file infectors Number of the Beast and Frodo. Examples:
Frodo, Joshi, Whale
Resident Viruses
This type of virus dwells permanently in RAM. From there it can overcome and
interrupt all of the operations executed by the system: corrupting files and programs that are opened,
closed, copied, renamed etc.
4. Overwrite Viruses
A virus of this kind is characterized by the fact that it deletes the information contained in the files that
it infects, rendering them partially or totally useless once they have been infected.
The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing
the original content.
5. Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in
which information on the disk itself is stored together with a program that makes it possible to boot
(start) the computer from the disk.
The best way of avoiding boot viruses is to ensure that floppy disks are write-protected and
never start your computer with an unknown floppy disk in the disk drive.
6. Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain
macros. These mini-programs make it possible to automate series of operations so that they are
performed as a single action, thereby saving the user from having to carry them out one by one.
7. Directory Virus
Directory viruses change the paths that indicate the location of a file. By executing a program (file
with the extension .EXE or .COM) which has been infected by a virus, you are unknowingly running
the virus program, while the original file and program have been previously moved by the virus.
Once infected it becomes impossible to locate the original files. Examples: Dir-2 virus
8. Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and
encryption keys) every time they infect a system.
This makes it impossible for anti-viruses to find them using string or signature searches (because
they are different in each encryption) and also enables them to create a large number of copies of
themselves.
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of
the normal functioning of the computer.
This type of virus attack can be especially dangerous, by preventing access to certain sections of the
disk where important files are stored. Damage caused can result in information losses from
individual files or even entire directories. Examples: Link Virus
1. Cannot exist in a viable form, apart from another (usually legitimate) program.
2. Propagates when the host program is executed.
3. Has an incubation period, during which no damage is done.
4. After incubation period, begins to manifest its behavior.
5. Can be polymorphic: some viruses have the ability to modify their own code, which means that a virus
may have multiple similar variations, making it difficult to detect.
6. The virus can bring other viruses: a virus can bring in another virus, making it much more lethal;
the two can help each other hide or even assist each other in infecting a particular section of the computer.
7. Can be furtive: stealthy viruses (stealth) first attach themselves to files on the computer and then
attack the computer; this causes the virus to spread more quickly.
1. In the "boot" sector of any floppy disk. This is a small program which runs whenever the
computer is "booted" from the diskette, whether or not the diskette is "bootable." (This is
the tiny program which puts the message "Non-system disk or disk error" on the screen if
the disk is not bootable!)
2. Attached to any program: shareware, commercial or public domain.
3. Embedded in the hidden system files IO.SYS and MSDOS.SYS on the boot disk or drive.
4. Same as #2, but pay SPECIAL ATTENTION to the file COMMAND.COM on the boot
disk or drive.
5. The "partition table" on a hard drive. (This DOES contain executable information, since it is
attached to the "Master Boot Record" which is consulted at boot-up to determine whether to
boot DOS, OS/2, UNIX, etc.)
1) Dormant Phase
Here, the virus remains idle and gets activated based on a certain action or event (for example, a
user pressing a key, or a certain date and time).
2) Propagation Phase
The virus starts propagating, that is, multiplying itself. A piece of code copies itself and each copy
starts making more copies of itself, thus propagating.
3) Triggering Phase
A dormant virus moves into this phase when it gets activated, that is, when the event it was waiting
for occurs.
4) Execution Phase
This is the actual work of the virus. It can be destructive (deleting files on disk) or
harmless (popping messages on screen).
How does it infect a computer system?
Virus: It inserts itself into a file or executable program.
Worm: It exploits a weakness in an application or operating system by replicating itself.
How can it spread?
Virus: It has to rely on users transferring infected files/programs to other computer systems.
Worm: It can use a network to replicate itself to other computer systems without user intervention.
Does it infect files?
Virus: Yes, it deletes or modifies files. Sometimes a virus also changes the location of files.
Worm: Usually not. Worms usually only monopolize the CPU and memory.
Threat vs Attack
“A threat is a category of objects, persons, or other entities that represents a constant danger to
an asset”.
“An attack is an act or event that exploits vulnerability”.
The main difference between a threat and an attack is that a threat can be either intentional or unintentional,
whereas an attack is intentional. A threat is a circumstance that has the potential to cause loss or
damage, whereas an attack is an attempt to cause damage. A threat to the information system doesn’t
mean information was altered or damaged, but an attack on the information system means there
might be a chance to alter, damage, or obtain information when the attack is successful.
SMS phishing uses cell phone text messages to deliver the bait to induce people to divulge their personal
information. The hook (the method used to actually capture people's information) in the text message
may be a website URL, but it has become more common to see a telephone number that connects to an
automated voice response system. The SMS phishing message usually contains something that
demands the target's immediate attention. Examples include "We confirm that you have signed up for our
dating service.
Voice phishing is the criminal practice of using social engineering over the telephone system to gain
access to private personal and financial information from the public for the purpose of financial reward.
Sometimes referred to as 'vishing',[1] the word is a combination of "voice" and phishing. Voice phishing
exploits the public's trust in landline telephone services, which have traditionally terminated in physical
locations known to the telephone company, and associated with a bill-payer. Voice phishing is typically
used to steal credit card numbers or other information used in identity theft schemes from individuals.
Some fraudsters use features facilitated by Voice over IP (VoIP), such as caller ID spoofing (to
display a number of their choosing on the recipient's phone line) and automated systems (IVR).
Voice phishing is difficult for legal authorities to monitor or trace. To protect themselves, consumers are
advised to be highly suspicious when receiving messages directing them to call and provide credit card
or bank numbers — vishers can in some circumstances intercept calls that consumers make when trying
to confirm such messages.
10. Trojan horse
Ans:- A Trojan horse, or Trojan, in computing is generally a non-self-replicating type
of malware program containing malicious code that, when executed, carries out actions determined by
the nature of the Trojan, typically causing loss or theft of data, and possible system harm. A Trojan may
give a hacker remote access to a targeted computer system. Operations that could be performed by a
hacker, or be caused unintentionally by program operation, on a targeted computer system include:
Trojan horses in this way may require interaction with a malicious controller (not necessarily distributing
the Trojan horse) to fulfill their purpose. It is possible for those involved with Trojans to scan computers
on a network to locate any with a Trojan horse installed, which the hacker can then control.
Notable Trojan horses
Logic Bombs
Logic bombs are small programs or sections of a program triggered by some event such as a certain
date or time, a certain percentage of disk space filled, the removal of a file, and so on. For example, a
programmer could establish a logic bomb to delete critical sections of code if she is terminated from the
company. Logic bombs are most commonly installed by insiders with access to the system.
Trojan Horses
Trojan horses (often just called Trojans) are programs that must be installed or executed by a user to be
effective. Often, these are disguised as helpful or entertaining programs which can include operating
system patches, Linux packages, or games. Once executed, however, Trojans perform actions the user
did not intend such as opening certain ports for later intruder access, replacing certain files with other
malicious files, and so on.1
Trap doors
Trap doors, also referred to as backdoors, are bits of code embedded in programs by the
programmer(s) to quickly gain access at a later time, often during the testing or debugging phase. If an
unscrupulous programmer purposely leaves this code in or simply forgets to remove it, a potential
security hole is introduced. Hackers often plant a backdoor on previously compromised systems to gain
later access. Trap doors can be almost impossible to remove in a reliable manner. Often, reformatting the
system is the only sure way.
There are many types of cyber crimes and the most common ones are explained below:
Hacking: This is a type of crime wherein a person’s computer is broken into so that his personal or
sensitive information can be accessed. In the United States, hacking is classified as a felony and
punishable as such. This is different from ethical hacking, which many organizations use to check their
Internet security protection. In hacking, the criminal uses a variety of software to enter a person’s
computer and the person may not be aware that his computer is being accessed from a remote location.
Theft: This crime occurs when a person violates copyrights and downloads music, movies, games and
software. There are even peer sharing websites which encourage software piracy and many of these
websites are now being targeted by the FBI. Today, the justice system is addressing this cyber crime and
there are laws that prevent people from illegal downloading.
Cyber Stalking: This is a kind of online harassment wherein the victim is subjected to a barrage of online
messages and emails. Typically, these stalkers know their victims and instead of resorting to offline
stalking, they use the Internet to stalk. However, if they notice that cyber stalking is not having the
desired effect, they begin offline stalking along with cyber stalking to make the victims’ lives more
miserable.
Identity Theft: This has become a major problem with people using the Internet for cash transactions
and banking services. In this cyber crime, a criminal accesses data about a person’s bank account, credit
cards, Social Security, debit card and other sensitive information to siphon money or to buy things online
in the victim’s name. It can result in major financial losses for the victim and even spoil the victim’s credit
history.
Malicious Software: These are Internet-based software or programs that are used to disrupt a network.
The software is used to gain access to a system to steal sensitive information or data or to cause damage
to software present in the system.
Child soliciting and Abuse: This is also a type of cyber crime wherein criminals solicit minors via chat
rooms for the purpose of child pornography. The FBI has been spending a lot of time monitoring chat
rooms frequented by children with the hopes of reducing and preventing child abuse and soliciting.
This Act aims to provide the legal infrastructure for e-commerce in India. And the cyber laws have a major
impact for e-businesses and the new economy in India. So, it is important to understand what are the various
perspectives of the IT Act, 2000 and what it offers.
The Information Technology Act, 2000 also aims to provide for the legal framework so that legal sanctity is
accorded to all electronic records and other activities carried out by electronic means. The Act states that
unless otherwise agreed, an acceptance of contract may be expressed by electronic means of communication
and the same shall have legal validity and enforceability.
The IT Act 2000 attempts to change outdated laws and provides ways to deal with cyber crimes. We need
such laws so that people can perform purchase transactions over the Net through credit cards without fear of
misuse. The Act offers the much-needed legal framework so that information is not denied legal effect, validity
or enforceability, solely on the ground that it is in the form of electronic records.
In view of the growth in transactions and communications carried out through electronic records, the Act
seeks to empower government departments to accept filing, creating and retention of official documents in the
digital format. The Act has also proposed a legal framework for the authentication and origin of electronic
records / communications through digital signature.
From the perspective of e-commerce in India, the IT Act 2000 and its provisions contain many positive
aspects. Firstly, the implications of these provisions for the e-businesses would be that email would now be a
valid and legal form of communication in our country that can be duly produced and approved in a court of
law.
Companies shall now be able to carry out electronic commerce using the legal infrastructure provided by the
Act.
Digital signatures have been given legal validity and sanction in the Act.
The Act throws open the doors for the entry of corporate companies in the business of being Certifying
Authorities for issuing Digital Signatures Certificates.
The Act now allows Government to issue notification on the web thus heralding e-governance.
The term is derived from "squatting", which is the act of occupying an abandoned or unoccupied space or
building that the squatter does not own, rent, or otherwise have permission to use. Cybersquatting,
however, is a bit different in that the domain names that are being "squatted" are (sometimes but not
always) being paid for through the registration process by the cybersquatters. Cybersquatters usually ask
for prices far greater than that at which they purchased it. Some cybersquatters put up derogatory
remarks about the person or company the domain is meant to represent in an effort to encourage the
subject to buy the domain from them. Others post paid links via advertising networks to the actual site
that the user likely wanted, thus monetizing their squatting.
Under the Computer Misuse Act it is an offence to hack into somebody else’s computer or send them a form
of virus that allows them to obtain information from somebody else’s computer.
The reasoning for the introduction of this Act was the fear that individuals, in particular private investigators,
might be able to obtain information about other individuals without their knowledge or consent.
A common target for computer hackers is the intellectual property of a particular individual or company.
Intellectual property is a form of original creation which has the protection of a patent or copyright. But if
another individual or company can claim to have come up with the product without copying the original they
may well be able to sell it legally.
Cyber attacks
An increasing concern to all governments around the world is the role of what are known as cyber attacks.
Cyber attacks occur when an individual or group of individuals hacks into the computer system of a company,
association or even government department and attempts to paralyse the system.
The motivation for carrying out a cyber attack can be vast; groups can range from those seeking information
to sell on, to interest groups looking to bring down whole companies, and even terrorist groups looking to
paralyse government departments.
14. Pharming
Ans:- Pharming is a cyber attack intended to redirect a website's traffic to another, fake site. Pharming can be
conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS
server software. DNS servers are computers responsible for resolving Internet names into their real IP
addresses. Compromised DNS servers are sometimes referred to as "poisoned". Pharming requires
unprotected access to target a computer, such as altering a customer's home computer, rather than a
corporate business server.
The term "pharming" is a neologism based on the words "farming" and "phishing". Phishing is a type of social-
engineering attack to obtain access credentials, such as user names and passwords. In recent years, both
pharming and phishing have been used to gain information for online identity theft. Pharming has become of
major concern to businesses hosting ecommerce and online banking websites. Sophisticated measures
known as anti-pharming are required to protect against this serious threat. Antivirus software and spyware
removal software cannot protect against pharming.
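The hosts-file route to pharming described above leaves a trace a defender can audit: an entry that pins a sensitive domain to a routable address. The following is an added example, not part of the original notes; the watched domains, the sample hosts content and the function names are constructed, and treating loopback or 0.0.0.0 entries as blocking rather than redirecting is an assumption of this sketch.

```python
import ipaddress

# Constructed watch list: domains whose traffic should never be pinned locally.
WATCHED_DOMAINS = {"bank.example", "shop.example"}

# Constructed hosts-file content using documentation address ranges.
SAMPLE_HOSTS = """\
127.0.0.1     localhost
::1           localhost ip6-localhost
# 203.0.113.7 bank.example
0.0.0.0       ads.tracker.example
203.0.113.7   www.bank.example bank.example   # redirect entry
198.51.100.9  intranet.corp.example
127.0.0.1     shop.example
not-an-ip     bank.example
"""


def normalise(hostname):
    """Lower-case a hostname and drop a trailing root dot."""
    return hostname.lower().rstrip(".")


def is_watched(hostname, watched):
    """True if hostname is a watched domain or one of its subdomains."""
    name = normalise(hostname)
    return any(name == d or name.endswith("." + d) for d in watched)


def parse_hosts(text):
    """Yield (line_number, address_text, hostnames) for each entry line."""
    for lineno, line in enumerate(text.splitlines(), start=1):
        fields = line.split("#", 1)[0].split()   # strip comments first
        if len(fields) >= 2:
            yield lineno, fields[0], fields[1:]


def audit_hosts(text, watched=WATCHED_DOMAINS):
    """Return (line, hostname, address) for watched names sent elsewhere."""
    findings = []
    for lineno, addr_text, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            continue                  # not a usable mapping, ignore the line
        if addr.is_loopback or addr.is_unspecified:
            continue                  # blocks the name rather than redirecting
        for name in names:
            if is_watched(name, watched):
                findings.append((lineno, normalise(name), str(addr)))
    return findings


if __name__ == "__main__":
    for lineno, name, addr in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} is pinned to {addr}")
```

This covers only the hosts-file route; a poisoned DNS server leaves the local file untouched and has to be detected at the resolver.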
Steganography deals with composing hidden messages so that only the sender and the receiver know that
the message even exists. Since nobody except the sender and the receiver knows the existence of the
message, it does not attract unwanted attention. Steganography was used even in ancient times and these
ancient methods are called Physical Steganography. Some examples for these methods are messages
hidden in messages body, messages written in secret inks, messages written on envelopes in areas covered
by stamps, etc. Modern Steganography methods are called Digital Steganography. These modern methods
include hiding messages within noisy images, embedding a message within random data, embedding pictures
with the message within video files, etc. Furthermore, Network Steganography is used in telecommunication
networks. This includes techniques like Steganophony (hiding a message in Voice-over-IP conversations) and
WLAN Steganography (methods for transmitting Steganograms in Wireless Local Area Networks).
Cryptography is the study of hiding information, while Steganography deals with composing hidden messages
so that only the sender and the receiver know that the message even exists. In Steganography, only the
sender and the receiver know the existence of the message, whereas in cryptography the existence of the
encrypted message is visible to the world. Due to this, Steganography removes the unwanted attention
coming to the hidden message. Cryptographic methods try to protect the content of a message, while
Steganography uses methods that would hide both the message as well as the content. By combining
Steganography and Cryptography one can achieve better security.
Web cramming involves billing consumers for a web page they did not even know they had. This is
most often accomplished when criminals develop new web pages for small businesses and non-profit
groups for little or no expense.
Fighting cramming
Phone companies like Verizon respond by removing cramming charges from a consumer's bill upon
request, and will cease business with the company that crams. [11] Verizon, at the customer's request, will
put a Cramming Block on the customer's account, that prevents third parties from adding charges.
Spamming:- Spam is the term used for unsolicited, impersonal bulk electronic messages. Although email
spam is the most common form of spamming, others exist, like mobile phone messaging spam and instant
messaging spam.
Spam involves sending nearly identical messages to thousands (or millions) of recipients. Spammers use
software robots, called spambots (also Web crawlers or Web spiders) in order to get valid email addresses
from company Web sites, blogs and newsgroups. Common subjects of spam messages are pornographic or
other sexually related Web sites, various financial services or get-rich-quick schemes and health products.
Spam messages normally have a fake origin address, which is randomly generated, in order to keep the
author of the message from being easily discovered.
The term “cracking” means trying to get into computer systems in order to steal, corrupt, or illegitimately view
data. The popular press refers to such activities as hacking, but hackers see themselves as expert, elite
programmers and maintain that such illegitimate activity should be called “cracking.”
A keylogger is a tool that captures and records a user’s keystrokes. It can record instant messages, email,
passwords and any other information you type at any time using your keyboard. Keyloggers can be hardware
or software.
One common example of keylogging hardware is a small, battery-sized device that connects between the
keyboard and the computer. Since the device resembles an ordinary keyboard plug, it is relatively easy for
someone who wants to monitor a user’s behavior to physically hide such a device in plain sight.
Smurfing refers to the use of smurf programs that use the Internet Protocol (IP) and the Internet Control
Message Protocol (ICMP) to send a request using a packet Internet groper (ping) to an Internet host to test its response.
Computer intrusion is any malicious activity that harms a computer, or causes a computer or a computer
network to work in an unexpected manner. These attacks involve the spreading of viruses, denial of service, or
exploitation of the operating system or a software feature.
Social Engineering
The term “social engineering” means to fool a user by sending him an email or calling him to provide
confidential data like passwords etc.
Masquerading
In this type of attack a system is fooled into giving access by sending a TCP packet that has a forged source
address, which makes the packet appear to come from a trusted host.
The intent of this type of attack is to make resources or services unavailable to their intended users. Such DoS attacks
are carried out on websites to stop them from functioning.
Smurf Attack
This attack generates a large amount of traffic on a victim’s network, which causes the network to crash. A Smurf
attack is a type of DoS attack.
Fraggle Attack
It is a type of DoS attack where the attacker sends a large amount of UDP echo traffic to IP broadcast
addresses.
Email Bombing
Email bombing means sending thousands of emails to a victim, causing the victim’s mail account or mail server
to crash.
Logic Bomb
A logic bomb is an event-driven attack. This type of attack activates only if a certain event occurs.
Salami Attack
This type of attack is carried out for financial gains. In Salami Attack, the key is to make changes so small that
in a single case it can go unnoticed. For instance, a bank employee deducts 2 Dollars from every single
customer or transaction. The customer is unlikely to notice the change but the employee gets a fortune.
18. Clickjacking
20. Malvertising
Ans:- Malvertising (from "malicious advertising") is the use of online advertising to spread malware.
Malvertising involves injecting malicious or malware-laden advertisements into legitimate online advertising
networks and webpages. Online advertisements provide a solid platform for spreading malware because
significant effort is put into them in order to attract users and sell or advertise the product. Because
advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors
an opportunity to push their attacks to web users who might not otherwise see the ads, due to firewalls, more
safety precautions, or the like. Malvertising is "attractive to attackers because they 'can be easily spread
across a large number of legitimate websites without directly compromising those websites'."
Malvertising is a fairly new concept for spreading malware and is even harder to combat because it can work
its way into a webpage and spread through a system unknowingly.
Data diddling is the changing of data before or during entry into the computer system.
Examples include forging or counterfeiting documents used for data entry and exchanging valid disks and
tapes with modified replacements.
Super zapping is a technique made possible by a special program available on most computer systems: a
program that bypasses all system controls when the computer crashes and cannot be restarted with normal
recovery procedures.
This program, in effect, is a “master key” that can provide access to any part of the system. The super zap
program is a highly privileged “disaster aid” that very few computer system professionals are authorized to
use. In the wrong hands, it can be used to perform almost any unauthorized task.
Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container.) In
the world of information technology, dumpster diving is a technique used to retrieve information that could be
used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the
trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent
information like a phone list, calendar, or organizational chart can be used to assist an attacker using social
engineering techniques to gain access to the network. To prevent dumpster divers from learning anything
valuable from your trash, experts recommend that your company establish a disposal policy where all paper,
including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased,
and all staff is educated about the danger of untracked trash.
Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on
a network. For instance, programs such as Carnivore and NarusInsight have been used by
the FBI and NSA to eavesdrop on the systems of internet service providers. Even machines that operate
as a closed system (i.e., with no contact to the outside world) can be eavesdropped upon via monitoring
the faint electro-magnetic transmissions generated by the hardware; TEMPEST is a specification by the
NSA referring to these attacks.
Malware, short for malicious software, is any software used to disrupt computer operation, gather
sensitive information, or gain access to private computer systems. [1] Malware is defined by its malicious
intent, acting against the requirements of the computer user, and does not include software that causes
unintentional harm due to some deficiency. The term badware is sometimes used, and applied to both
true (malicious) malware and unintentionally harmful software. Malware may be stealthy, intended to
steal information or spy on computer users for an extended period without their knowledge.
In the context of network security, a spoofing attack is a situation in which one person or program
successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
Evil Twin is the latest security threat to web users. According to wireless internet and cyber crime experts,
hotspots present a hidden danger for web users. Users think they’ve logged on to a wireless hotspot connection when, in
fact, they’ve been tricked into connecting to the attacker’s unauthorised base station. The latter jams the connection to a
legitimate base station by sending a stronger signal within close proximity to the wireless client, thereby turning
itself into an ‘Evil Twin’. Once the user is connected to the ‘Evil Twin’, the cyber criminal can intercept data being
transmitted, such as bank details or personal information. “Cyber criminals don’t have to be that clever to carry out
such an attack.” “Because wireless networks are based on radio signals, they can be easily detected by
unauthorised users tuning into the same frequency.”
Cyber espionage is the act or practice of obtaining secrets without the permission of the holder of the
information (personal, sensitive, proprietary or of classified nature), from individuals, competitors, rivals,
groups, governments and enemies for personal, economic, political or military advantage using methods
on the Internet, networks or individual computers through the use of cracking techniques and malicious
software including Trojan horses and spyware. It may wholly be perpetrated online from computer desks
of professionals on bases in far away countries or may involve infiltration at home by computer trained
conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious
hackers and software programmers.
A distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource
unavailable to its intended users. DDoS attacks are a special kind of hacking. A criminal salts an array of
computers with computer programs that can be triggered by an external computer user. These
programs are known as Trojan horses since they enter the unknowing users’ computers as
something benign, such as a photo or document attached to an e-mail. At a predesignated time, this
Trojan horse program begins to send messages to a predetermined site. If enough computers have
been compromised, it is likely that the selected site can be tied up so effectively that little if any
legitimate traffic can reach it. One important insight offered by these events has been that much
software is insecure, making it easy for even an unskilled hacker to compromise a vast number of
machines. Although software companies regularly offer patches to fix software vulnerabilities, not all
users implement the updates, and their computers remain vulnerable to criminals wanting to launch
DoS attacks.