@ MANIPAL INSTITUTE OF TECHNOLOGY

MANIPAL
P (A constituent wnit of MAHE, Manipal)
 ‘sirt MANIPAL INSTITUTE OF TECHNOLOGY
MANIPAL
T (A constituent unit of MAHE, Manipal)

Objectives
To understand

* Definition of Cyber Crime

* Classification of Cyber crimes

* Computer Intrusions and Hacking

* Computer Security

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 2

 /qtrt MANIPAL INSTITUTE OF TECHNOLOGY
JANIPAL
(A constituent unit of MAHE, Manipal)

Cyber Crime
* Cybercrime also known as Computer crime, refers to any crime that involves

a computer/mobile and a network.

* The computer may have been used in the commission of a crime, or it may be the target.

* Netcrime is criminal exploitation of the internet.

* Experts defined Cybercrime as "Offences that are committed against individuals or groups

of individuals with a criminal motive to intentionally harm the reputation of the victim or
cause physical or mental harm to the victim directly or indirectly, using modern

telecommunication networks such as Internet (Chat rooms, emails, notice boards and

groups) and mobile phones (SMS/MMS)".

* Such crimes may threaten a nation’s security and financial health.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 3
 Tlf MANIPAL INSTITUTE OF TECHNOLOGY
o \li \L it of MAHE, Maripal)

Cyber Crime

A simple yet sturdy definition of cyber crime would be

“unlawful acts wherein the computer is

either a tool or a target or both”.
 “l'l' MANIPAL INSTITUTE OF TECHNOLOGY
o MANIPAL

Biggest Cyber Attacks 2017 T

Equifax Data Breach — 145.5 Million Accounts

W=

Uber Data Breach — 57 Million Records

WannaCry Cyber Attack — 300,000 Systems
Yahoo! Makes History, Again — 3 Billion Accounts
A~

Deep Root Analytics Data Breach — 198 Million U.S. Voters

o

Rasputin Attacks — 60 Universities and Federal Agencies

o

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022

 * MANIPAL INSTITUTE OF TECHNOLOGY
7 MANIPAL
e (A constituent unit of MAHE, Manipal)

Surface Web vs Deep Web vs Dark Web

Subscription____
Information
Competitor
Websites ——. °
o—— Drug Trafficking
o——— Private Communications
o—— Political Protests
o—llegal Information
TOR Enc

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 6

Surface Web vs Deep Web vs Dark Web
Dark Web vs Deep Web vs Surface Web

Restricted to special browsers

Not indexed for Search Engines
Darknet/Dark Web
Large scale illegal activity
Unmeasurable due to nature

Accessible by password, encryption, or through gateway

software
Deep Web Not indexed for Search Engines
Little illegal activity outside of Dark Web
Huge in size and growing exponentially

Accessible
Indexed for Search Engines
Surface Web
Little illegal activity
Relatively small in size

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 7

 MANIPAL INSTITUTE OF TECHNOLOGY
MANIPA]
ent unit of MAHFE. Manipal)

Cost of Information in Dark Web

« Bank credential: $1,000 plus (6% of the total dollar amount in the
account)

« U.S. credit card with track data (account number, expiration date,
name and more): $12

- EU, Asia credit card with track data: $28

« Hacking into a website: $100 to $300

- Counterfeit social security cards: $250 and $400

+ Counterfeit driver's license: $100 to $150

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022

 {7t MANIPAL INSTITUTE OF TECHNOLOGY
elwent unit of MAHE, Manipal)
Classification of Cyber Crimes
* Threatening email, assuming someone’s identity, defamation, SPAM

and Phishing are some examples where computers are used to

commit crime.

* Where as viruses, worms and industrial espionage, software piracy

and hacking are examples where computers become target of crime.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022

 /qtrt MANIPAL INSTITUTE OF TECHNOLOGY
N e, stituent unit of MAHE, Manipal)

Classification of Cyber Crimes

Where computers are used to commit crime
* This category includes traditional offenses such as fraud committed through
the use of a computer.
* Some examples are:
Financial Crime
wNRE

Online Gambling
Intellectual Property Crimes
Email spoofing
oA

Cyber defamation
Cyber stalking

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 10

 /gy MANIPAL INSTITUTE OF TECHNOLOGY
unit of MAHE, Manipal)

1. Financial crimes

*This would include cheating, credit card frauds,

money laundering etc.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 1

 {7t MANIPAL INSTITUTE OF TECHNOLOGY
S ent unit of MAHFE. Manipal)

2. Online gambling
There are millions of websites; all hosted on servers
abroad, that offer online gambling.

«In fact, it is believed that many of these websites are

actually fronts for money laundering.
onzivesamsune §

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 12

 “‘F MANIPAL INSTITUTE OF TECHNOLOGY

3. Intellectual Property crimes

These include software piracy, copyright
infringement, trademarks violations, theft of
computer source code etc.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 13

 g’fi!:} MANIPAL INSTITUTE OF TECHNOLOGY
3 NIPAL
(A constituent unis of MAHE, Manipal)

4. Email spoofing
* A spoofed email is one that appears to originate from one source but actually
has been sent from another source.

Address Spoofing
Mail from A using C address [email protected]
A
Spammer

Non-delivery report from B

to the sender address
Mail rejected
= - blocked by anti-spam,
- virus in attachment,
- recipient does not exist,
- mailbox full,
- etc

[email protected]

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 1%

 MANIPAL INSTITUTE OF TECHNOLOGY
AL
it of MAHE, Maripal)

5. Cyber Defamation
* This occurs when defamation takes place with the help of computers and / or
the Internet.
* Example: Someone publishes defamatory matter about someone on a website
or sends e-mails containing defamatory information to all of that person's
contacts.

Defamation
=

Dam:
reputs

04/03/2023 CSE 1071 Problem

 MANIPAL INSTITUTE OF TECHNOLOGY
MANIPAL
(A constituent unit of MAHE, Manipal)

6. Cyber stalking
* Cyber stalking involves following a person's movements across the Internet by
posting messages (sometimes threatening) on the bulletin boards frequented by
the victim, entering the chat-rooms frequented by the victim, constantly
bombarding the victim with emails etc.

0059511627 www gopraph.com

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 16

 { %% MANIPAL INSTITUTE OF TECHNOLOGY
MANIPAL
(A constituent wunit of MAHF, Manipal)

Classification of Cyber Crimes

Where computers become target of crime
* This category includes computer oriented cyber crimes.

* Some types are:

Unauthorized Access(Hacking)
P

Malicious Software(Viruses, Trojans- corrupts server)

O ®
mmo

Worm (Self-replicating programs)

Spyware — parasitic software, invades privacy,
Divulging details through tracking cookies.
Cyber terrorism

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022

 \ MANIPAL INSTITUTE OF TECHNOLOGY
© MANIPAL
it of MAHE, Manipal)

A. Unauthorized Access

* Also known as Hacking.

* Involves gaining access illegally to a computer system or network and in some

cases making unauthorized use of this access.

* Hacking is also the act by which other forms of cyber-crime (e.g., fraud,

terrorism) are committed.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 18

 MANIPAL INSTITUTE OF TECHNOLOGY
wunit of MAHE, Manipal)

A. Theft of information

* Theft of any information contained in electronic form such as that stored in

computer hard disks, removal storage media, etc.

* Can extend to identity theft.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 19

 “E} MANIPAL INSTITUTE OF TECHNOLOGY
MANIPAL
(A constituent unis of MAHE, Manipal)

A. Email Bombing

* This refers to sending large number of emails to the victim resulting in the

victim's email account (in case of an individual) or mail servers (in case of a

company or an email service provider) crashing.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 20

 MANIPAL INSTITUTE OF TECHNOLOGY
wunit of MAHE, Manipal)

A. Salami Attacks

* These attacks are often used in committing financial crime and are based on

the idea that an alteration, so insignificant, would go completely unnoticed in a

single case.

* E.g. a bank employee inserts a program, into the bank's servers, that deducts a

small amount of money (say 5 cents a month) from the account of every

customer. This unauthorized debt is likely to go unnoticed by an account

holder.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 21

 i y MANIPAL INSTITUTE OF TECHNOLOGY
it of MAHE, Manipal)

A. Denial of Service (DoS) Attack

* This involves flooding a computer resource with more requests than it can

handle, causing the resource (e.g. a web server) to crash thereby denying

authorized users the service offered by the resource.

DOS ATT ACK

“a
S > E \ TARGET SERVER

AT]‘ACKER P — -

o -E
ZOMBIES

bttp://effectbacking.blogspot.com

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 22

 “?l'? MANIPAL INSTITUTE OF TECHNOLOGY
b MANIPAL
(A constituent unit of MAHE, Manipal)

B. Virus

* Viruses are programs that attach themselves to a computer or a file and then

circulate themselves to other files and to other computers on a network. They

usually affect the data on a computer, either by altering or deleting it.

\V.
'4
r

' & 4
——

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 23

 i1 y MANIPAL INSTITUTE OF TECHNOLOGY
%.AA&‘ MANIPAL
. (A constituent unit of MAHE, Manipal)

B. Logic Bombs

*These are event dependent programs where programs kick into

action only when a certain event (known as a trigger event) occurs.

*Some viruses may be termed logic bombs because they lie dormant

throughout the year and become active only on a particular date

5gic Samb
By CHSPEE - IRNEZ -2 1=2L
(e.g. Chernobyl virus).
12:00:00 H:M:S

31/12/2010 p/W/Y
C:\WINDOWS\S.EXE
AUTOSTART « VISIBLE
Activate Bomb

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 24

 fi!;} MANIPAL INSTITUTE OF TECHNOLOGY
S5 MANIPAL
(A constituent unis of MAHE, Manipal)

B. Trojan Attacks
* An unauthorized program which functions from inside what seems to be an

authorized program, thereby concealing what it is actually doing.

[o- —y
2=

e
~
Change? —=

Transmit? -

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 25

 “?l"% MANIPAL INSTITUTE OF TECHNOLOGY
b MANIPAL
(A constituent unis of MAHE, Manipal)

C. Worm

* Worms, unlike viruses do not need the host to attach themselves to. They merely

make functional copies of themselves and do this repeatedly till they eat up all the

available space on a computer's memory.

\Y
vr4
oes
=

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 26

 ;fir MANIPAL INSTITUTE OF TECHNOLOGY
“a MANIPAL
ne (A constituent wnitof MAHF, Manipal)

D. Web Jacking

* This occurs when someone forcefully takes control of a website (by cracking the

password and later changing it).

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 27

 41‘@} MANIPAL INSTITUTE OF TECHNOLOGY
MANIPAL
(A constituent unit of MAHE, Manipal)

E. Cyber-Terrorism

* Hacking designed to cause terror. Like conventional terrorism, ‘e-terrorism'

utilizes hacking to cause violence against persons or property, or at least cause

enough harm to generate fear.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 28

 MANIPAL INSTITUTE OF TECHNOLOGY
wunit of MAHE, Manipal)

Computer Security
* Computer security (also known as cyber security or IT security) is information

security as applied to computing devices such as computers and smartphones, as

well as computer networks such as private and public networks, including the

Internet as a whole.

* Computer Security is the protection of computing systems and the data that they

store or access.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 29

 MANIPAL INSTITUTE OF TECHNOLOGY
wunit of MAHE, Manipal)

Computer Security

* Computer Security covers all the processes and mechanisms by which computer-

based equipment, information and services are protected from unintended or

unauthorized access, change or destruction.

» Computer security also includes protection from unplanned events and natural

disasters.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 30

 gfi!;} MANIPAL INSTITUTE OF TECHNOLOGY
L MANIPAL
(A constituent unis of MAHE, Manipal)

Why is Computer Security Important?

* Enabling people to carry out their jobs, education, and research.

* Supporting critical business process.

* Protecting personal and sensitive information.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 3

* Good Security Standards follow the "90 / 10" Rule:

* 10% of security safeguards are technical.

* 90% of security safeguards rely on the computer user ("YOU") to adhere to good

computing practices

* Example: The lock on the door is the 10%. You remembering to lock the lock,

checking to see if the door is closed, ensuring others do not prop the door open,

keeping control of the keys, etc. is the 90%. You need both parts for effective

security.

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 32

 /gy MANIPAL INSTITUTE OF TECHNOLOGY
© MANIPAL
it of MAHE, Manipal)

What Does This Mean for Me?

* This means that everyone who uses a computer needs to understand how to keep

their computer and data secure.

* Information Technology Security is everyone's responsibility

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 33

 /qtrt MANIPAL INSTITUTE OF TECHNOLOGY
N e, stituent unit of MAHE, Manipal)

Simple measures to be followed...

* Many cyber security threats are largely avoidable. Some key steps that everyone

can take include:

—Use good, cryptic passwords that can't be easily guessed and keep your

passwords secret

—Make sure your operating system and applications are protected with all

necessary security patches and updates

—Make sure your computer is protected with up-to-date antivirus and anti-

spyware software

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 34

 /qtrt MANIPAL INSTITUTE OF TECHNOLOGY
N e, stituent unit of MAHE, Manipal)

Simple measures to be followed...

—Don't click on unknown or unsolicited links or attachments, and don't download

unknown files or programs onto your computer

—Remember that information and passwords sent via standard, unencrypted

wireless are especially easy for hackers to intercept

* To help reduce the risk, look for https in the URL and the little padlock that
appears in the URL bar or in a corner of the browser window before you enter
any sensitive information or a password.

* Also avoid standard, unencrypted e-mail and unencrypted Instant Messaging

(IM) if you are concerned about privacy

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 35

* Risk to security and integrity of personal or confidential information

* e.g. identity theft, data corruption or destruction, unavailability of critical information

in an emergency, etc.

* Loss of valuable business information

* Loss of employee and public trust, embarrassment, bad publicity, media coverage, news
reports

* Costly reporting requirements in the case of a compromise of certain types of personal,

financial and health information

* Internal disciplinary action(s) up to and including termination of employment, as well as

possible penalties, prosecution and the potential for sanctions / lawsuits

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 36
 'y MANIPAL INSTITUTE OF TECHNOLOGY
3 - MANIPAL
Yeurns (A constituent unit of MAHF, Manipal)

Summary

* Definition of Cyber Crime

* Classification of Cyber crimes

* Computer Intrusions and Hacking

* Computer Security

04/03/2023 CSE 1071 Problem Solving using Computers (PSUC) - 2022 37