COMPUTER CRIME AND INVESTIGATION TECHNIQUE –

CCF20203ASSIGNMENT 3

Received Date :
Submission Date : 2 / 5 /
Weightage : 20 %
Semester : FEB 2023

Instruction to students:
• This is GROUP assignment (4 students).
• Complete this cover sheet and attach it to your assignment (first page).

Student declaration:
I declare that:
• This assignment is my own work.
• I understand what is meant by plagiarism.
• My lecturer has the right to deduct my marks in the case of:
- Late submission
- Any plagiarism found in my assignment.

Name Student ID
Dinika Raj Kumar 012022021304

Nimatha Sivasubramaniam 012023022101

Kirthiaini Muraly 012022021201

Total

MARKS:
The expansion of the internet and the broad use of technology in society have led to an increase in
computer crimes in recent years. These crimes can occur in a variety of ways and can have a serious
effect on people, organisations, and even countries. Here are a few instances of computer crimes
that are regularly covered by the media:

1. Cybercrimes: Cybercrimes refer to a broad range of unlawful behaviours carried out online
and on computers. This can include malware attacks, phishing scams, identity theft, and
hacking. Cybercrimes are frequently committed by people or organisations who want to steal
financial or personal data for their own gain.
2. Network Crimes: Internet-based computer networks, such as the one used for the internet,
are used to conduct offences known as "network crimes." Distributed denial of service (DDoS)
assaults, data breaches, and network penetration are a few examples of network crimes.

Two real cases of computer crimes that have occurred in recent years:

l The Equifax Data Breach

l The Wannacry Ransomware attack

The Equifax Data Breach

The Equifax Data Breach: One of the biggest credit reporting companies in the United States,
Equifax, experienced a significant data breach in 2017 that resulted in the exposure of over 143
million people's personal data. A flaw in the company's website software led to the breach, which
gave hackers access to private information such Social Security numbers, birth dates, and
addresses.

One of the three main consumer credit reporting companies, Equifax, announced on Thursday that
hackers had accessed corporate data that may have exposed private information for 143 million
American individuals, including Social Security and driver's licence numbers.

The company's assault is the third significant cybersecurity threat to the organisation since 2015,
and it poses one of the highest current threats to personally identifiable information.

Atlanta-based Equifax is a particularly alluring target for cybercriminals. Identity thieves would go
straight to one of the three big credit reporting agencies if they wanted to target one location and
collect all the information they needed to cause the greatest harm.

Atlanta-based Equifax is a particularly alluring target for cybercriminals. Identity thieves would go
straight to one of the three big credit reporting agencies if they wanted to target one location and
collect all the information they needed to cause the greatest harm.

An examination by Equifax and security experts found that between mid-May and July, criminals
were able to access certain files in the company's system by taking advantage of a flaw in website
software. The business claimed to have uncovered the hack on July 29 and has not subsequently
found any proof of unauthorised activity on its primary consumer or business credit reporting
databases.

Hackers were also able to get names, birthdates, and addresses in addition to the other
information. Documents including the personal information utilised in legal issues for 182,000
persons as well as credit card data for 209,000 customers were stolen.

The penetration at Equifax was dwarfed in magnitude by other intrusions, such as the two
breaches that Yahoo reported in 2016, but the Equifax attack is more severe. Much more private
information was taken by thieves, including the passwords to people's bank accounts, employee
accounts, and medical histories.
According to Avivah Litan, a fraud expert at Gartner, "this is a 10 on a scale of 1 to 10 in terms of
risk to consumers."

An F.B.I. spokeswoman stated that the organisation was monitoring the situation and was aware
of the violation.

Last year, crucial W-2 tax and salary information from an Equifax website was successfully stolen
by identity thieves. And early this year, criminals once more stole W-2 tax data from TALX, an
Equifax subsidiary that offers some of the biggest companies in the country online payroll, tax, and
human resources services.

On Thursday, security experts criticised Equifax for not enhancing its security procedures in the
wake of those earlier breaches. They also pointed out that a straightforward website flaw allowed
hackers to access the company's most valuable assets.

According to Ms. Litan, "Equifax should have multiple layers of controls" to ensure that even if
hackers are successful in breaking in, they can be prevented before they can cause too much
harm.

Three top officials, including the business's chief financial officer, John Gamble, sold shares worth
about $1.8 million in the days following the breach's discovery, potentially contributing to criticism
of the corporation. According to Bloomberg, the shares were not a part of a transaction that was
preplanned.

According to the company's website, it controls a database containing personnel data from more
than 7,100 firms and handles data on more than 820 million people and 91 million enterprises
globally.

A large portion of the data that is meant to act as a safety net against security breaches is also
housed by Equifax. In the case that clients lose access to their accounts, the agency offers a
service that gives businesses the questions and answers required for their account recovery.
The WannaCry Ransomware

The WannaCry ransomware assault expanded globally in May 2017 and infected hundreds of
thousands of machines across more than 150 nations. Users' files were encrypted during the
attack, which targeted machines running Microsoft Windows and demanded payment in
exchange for a decryption key. When a security researcher discovered a "kill switch" in the virus
code, the attack was eventually terminated.

In May 2017, the WannaCry ransomware attacked thousands of computers across the globe. It
was able to take advantage of a flaw in Microsoft Windows operating systems, which allowed it
to propagate rapidly and wreak extensive harm. The ransom price increased the longer the victim
waited to pay. The spyware encrypts files on infected machines and demands payment in Bitcoin
to decrypt them.

The National Health Service (NHS) and other organizations throughout the world, including
government institutions in China, Russia, the US, and the majority of Europe, were hit by
this WannaCry ransomware. One of the nations most severely impacted by the WannaCry attack
was India. A significant ransomware assault that targeted NHS England also caused the
cancellation of some patient operations.

The attack happened after the US National Security Agency identified the EternalBlue weakness
in Microsoft's software. This exploit was published earlier this year by the Shadow Brokers, a
hacker collective, but Microsoft immediately patched the flaw. Earlier versions of Windows or
those lacking Windows Updates are to blame for the issue because they were not updated by
Microsoft and were thus vulnerable to assaults. Because Windows XP, operating systems was at
risk, yet it was continued to be widely utilised in Russia and India, these nations were particularly
hard hit.

The WannaCry ransomware assault brought attention to the expanding danger of cybercrime
and the need for more effective tools and techniques to stop, identify, and investigate such
attacks. Future directions in cybercrime research could be as follows:

l Developing malware analysis methods: As malware's complexity and sophistication increase,

so too must the methods and tools used to study, analyse, and comprehend it. The development
of more sophisticated techniques for analysing and reverse-engineering malware may be the
 focus of future study, giving investigators a greater understanding of how it functions and
enabling them to detect and lessen its impacts.

l Enhancing cybersecurity defences: It's critical to have strong cybersecurity defences in place to
stop ransomware attacks and other forms of cybercrime. Future studies might concentrate on
creating novel defence mechanisms and tactics, like advanced threat intelligence, machine
learning, and artificial intelligence.

l Enhancing cybercrime investigations: Investigations into cybercrime can involve enormous

volumes of data, various jurisdictions, and are complex and difficult. The development of better
methods and technologies for gathering, processing, and presenting digital evidence as well as
enhancing cooperation between law enforcement agencies and other stakeholders may be the
main topics of future study.

l Targeting the underlying causes of cybercrime: Financial gain or other motivations are often
used as provocation by hackers. Future studies may examine the fundamental economic, social,
and psychological elements that underlie cybercrime and devise tactics for dealing with these
underlying causes.

At last, the WannaCry ransomware attack served as a warning to the world community that
cybercrime is a growing concern. Better tools and tactics for preventing, identifying, and
responding to these threats will be developed with the help of future research directions for
cybercrime investigations.
Future Research Directions for Cyber Crime Investigation

Law enforcement organisations will need to create new methods and instruments to investigate new
kinds of computer crimes that will occur as technology continues to evolve. Here are some potential
directions for future research in the study of cybercrime:

1. Artificial Intelligence (AI): Using AI, investigators may be able to analyse vast amounts of data
and spot trends that may be indicative of criminal conduct. AI may also be utilised to create
predictive models that can be used to stop cybercrime in its tracks.
2. Blockchain technology has the potential to offer a more secure and transparent method of
storing and transferring data, which could assist to reduce data breaches and other forms of
criminality. Blockchain's potential applications for preventing and investigating cybercrime
could be studied by researchers.
3. Big Data Analysis: Investigators may be able to spot patterns and abnormalities that could be
signs of cybercrime by analysing vast amounts of data. This can entail creating fresh methods
and algorithms for processing and analysing data in real-time.

In conclusion, network crimes and cybercrime are common and can have a big impact on people,
businesses, and governments. New methods and instruments must be created in order to
investigate and stop these crimes as technology advances. Future studies may focus on using
blockchain technology, artificial intelligence, and big data analysis.

REFERENCE

I. https://www.nytimes.com/2017/09/07/business/equifax-cyberattack.html

II. https://www.geeksforgeeks.org/what-is-wannacry-how-does-wannacry-ransomware-work/
Report Assessment Rubrics
Name:
Matrix No:
Semester: FEB 2023

Needs Below Proficient Excellent Mark

Improvement Average/Developing s
Category 6-8 mark 9-10 mark
0-2 mark 3-5 mark
Cannot understand Difficult to follow Information in Information in
questions--no questions--student logical sequence logical, interesting
Organization /5
sequence of jumps around sequence
information
Some relevant Facts identified, but Student covers Unavailable facts
facts not identified. some may not be most (at least 4) of that were relative to
Knowledge of Topic
relevant to case or required areas in the ethical outcome
and all parts of Student is missing
may be slightly project, but a few were also identified.
project are most of the
misinterpreted. points are missing
represented. required areas (3 or Facts were
Student is missing and not explained
more) in the assembled before.
more than a few (2 or fully. Student
project. Pages All five required
3) required areas in mostly provides
1. Summary of contain little to no the project. details which show
areas are
Person/Company information and they did above
represented in
the student does Ethics and Law is not project. Student
2. Define and not elaborate on fully explained. Less average research provides detail
explain code of any points outside than most of the on the person/ which shows they
ethics and Law of the report. information contained company chosen did sufficient
and most of the
3. Describe the Student did very in the project is research on the /10
computer crimes
ethical issues little research on a accurate and justified. person/company
are explained and
person/ company chosen as well as the
4. Able to Explain a for the project. justified.
Ethics and Law
situation for involved.
potential ethical
problems
5. Identify the
affected parties
(stakeholders)
Writing lacks Writing is coherent Writing is coherent Writing shows high
logical and logically and logically degree of attention
organization. It organized. organized with to logic and
shows some. transitions used reasoning of points.
Some points remain
coherence but between Unity clearly leads
Organization misplaced and stray
ideas lack unity. the reader to the /10
from the topic. ideas and
Serious errors. conclusion and stirs
paragraphs to thought.
create coherence.
 Does not justify Presents only Uses a variety of Uses a variety of
conclusions with evidence that sources in reaching sources in reaching
Research /5
research evidence supports a conclusions accurate
conclusions
preconceived point of
view
Presenter didn’t Student showed good Student showed a Extensive
understand topic. understanding of good knowledge of topic.
Majority of some parts of topic. understanding of Accurately
Comprehension questions topic. answered all /10
answered questions posed.
incorrectly.
Following format, Following format and Following format, Not following
include table of include reference but there is no format and there is
content, title of reference no reference
Formatting each topic and /10
include
reference
Total 50
 Rubric for Grading Oral Presentation (Assignment 3)

Name: Dinika Raj Kumar

Matrix No:
012022021304

Semester: FEB 2023

No. 0-2 3-5 6-8 9-10

Category Mark
poor Acceptable Good Excellent
Not all questions Answers weren’t Good answers but Technical terms
Content were answered. enough to cover it lacks to a good are well-defined in
1. all the formatting and appropriate /10
questions. English grammar. language and
formatting.

Presenter didn’t Student showed Student showed a Extensive

understand good good knowledge of
2. Comprehension topic. Majority of understanding of understanding of topic. Accurately /10
questions some parts of topic. Answered all
answered topic. questions posed.
incorrectly.
Writing lacks Writing is Writing is Writing shows
logical coherent and coherent and high degree of
organization. It logically logically organized attention.
shows some. organized. with to logic and
coherence but Some transitions used reasoning of
3 Organization ideas lack points remain between points. Unity /10
unity. Serious misplaced and ideas and clearly leads the
errors. stray from the paragraphs to reader to the
topic. create. conclusion and
coherence. stirs thought.

Minimal eye Presenter Most members Regular/constant

contact by focused on only spoke to majority eye contact, the
presenter part of audience. of audience; audience was
focusing on Sporadic eye steady eye engaged, and
small part of contact. contact. presenters held
audience. The audience The audience was the audience’s
Communication The audience was distracted. engaged by the attention.
4. was not Speaker could presentation. Appropriate /10
skills engaged. be heard by only Majority of
speaking volume.
Presenter spoke half of the presenters spoke
too quickly or audience. at a suitable
quietly making it volume.
difficult to
understand.

Disinterested Body language Some fidgeting by Appropriate body

5. Psychomotor body language. was distracting. speaker. language /10

Total 50
 Rubric for Grading Oral Presentation (Assignment 3)

Name: Nimatha Sivasubramaniam

Matrix No:
012023022101

Semester: FEB 2023

No. 0-2 3-5 6-8 9-10

Category Mark
poor Acceptable Good Excellent
Not all questions Answers weren’t Good answers but Technical terms
Content were answered. enough to cover it lacks to a good are well-defined in
1. all the formatting and appropriate /10
questions. English grammar. language and
formatting.

Presenter didn’t Student showed Student showed a Extensive

understand good good knowledge of
2. Comprehension topic. Majority of understanding of understanding of topic. Accurately /10
questions some parts of topic. Answered all
answered topic. questions posed.
incorrectly.
Writing lacks Writing is Writing is Writing shows
logical coherent and coherent and high degree of
organization. It logically logically organized attention.
shows some. organized. with to logic and
coherence but Some transitions used reasoning of
3 Organization ideas lack points remain between points. Unity /10
unity. Serious misplaced and ideas and clearly leads the
errors. stray from the paragraphs to reader to the
topic. create. conclusion and
coherence. stirs thought.

Minimal eye Presenter Most members Regular/constant

contact by focused on only spoke to majority eye contact, the
presenter part of audience. of audience; audience was
focusing on Sporadic eye steady eye engaged, and
small part of contact. contact. presenters held
audience. The audience The audience was the audience’s
Communication The audience was distracted. engaged by the attention.
4. was not Speaker could presentation. Appropriate /10
skills engaged. be heard by only Majority of
speaking volume.
Presenter spoke half of the presenters spoke
too quickly or audience. at a suitable
quietly making it volume.
difficult to
understand.

Disinterested Body language Some fidgeting by Appropriate body

5. Psychomotor body language. was distracting. speaker. language /10

Total 50
 Rubric for Grading Oral Presentation (Assignment 3)

Name: Kirthiaini Muraly

Matrix No:
012022021201

Semester: FEB 2023

No. 0-2 3-5 6-8 9-10

Category Mark
poor Acceptable Good Excellent
Not all questions Answers weren’t Good answers but Technical terms
Content were answered. enough to cover it lacks to a good are well-defined in
1. all the formatting and appropriate /10
questions. English grammar. language and
formatting.

Presenter didn’t Student showed Student showed a Extensive

understand good good knowledge of
2. Comprehension topic. Majority of understanding of understanding of topic. Accurately /10
questions some parts of topic. Answered all
answered topic. questions posed.
incorrectly.
Writing lacks Writing is Writing is Writing shows
logical coherent and coherent and high degree of
organization. It logically logically organized attention.
shows some. organized. with to logic and
coherence but Some transitions used reasoning of
3 Organization ideas lack points remain between points. Unity /10
unity. Serious misplaced and ideas and clearly leads the
errors. stray from the paragraphs to reader to the
topic. create. conclusion and
coherence. stirs thought.

Minimal eye Presenter Most members Regular/constant

contact by focused on only spoke to majority eye contact, the
presenter part of audience. of audience; audience was
focusing on Sporadic eye steady eye engaged, and
small part of contact. contact. presenters held
audience. The audience The audience was the audience’s
Communication The audience was distracted. engaged by the attention.
4. was not Speaker could presentation. Appropriate /10
skills engaged. be heard by only Majority of
speaking volume.
Presenter spoke half of the presenters spoke
too quickly or audience. at a suitable
quietly making it volume.
difficult to
understand.

Disinterested Body language Some fidgeting by Appropriate body

5. Psychomotor body language. was distracting. speaker. language /10

Total 50