Cyber Security Unit-1
Unit – 1
Introduction to Cyber Crime and Cyber Security
Cyber Crime
Meaning – Criminal activities carried out by means of computers or the internet.
Definition –
Cybercrime is defined as a crime where a computer is the object of the crime or is used as
a tool to commit an offense.
A cybercriminal may use a device to access a user's personal information, confidential
business information, government information, or disable a device.
Cybercrime, also called computer crime, is the use of a computer as an instrument to further
illegal ends, such as committing fraud, trafficking in child pornography and intellectual
property, stealing identities, or violating privacy.
Cybercrime, especially through the Internet, has grown in importance as the computer has
become central to commerce, entertainment, and government.
Cyber crime or computer-oriented crime is a crime that includes a computer and a
network. The computer may have been used in the execution of a crime or it may be the
target.
Cyber crime encompasses a wide range of activities, but these can generally be divided into two
categories:
(a) Crimes that target computer networks or devices. These types of crimes involve different
threats (like viruses, bugs etc.) and denial-of-service attacks.
(b) Crimes that use computer networks to commit other criminal activities. These types of
crimes include cyber stalking, financial fraud or identity theft.
Information Security:
Information security is concerned with safeguarding the data that resides on the network.
Information security measures include encryption, access control, and backup and recovery
systems.
Information security is more concerned with the policies and procedures that govern how data is
accessed, used, and protected.
Information security also includes additional aspects such as authenticity, accountability, and
non-repudiation.
Information security measures are typically implemented at the data level, such as encryption
and access controls.
This is the age of universal electronic connectivity, where activities like hacking, viruses and
electronic fraud are very common.
Unless security measures are taken, a network conversation or a distributed application can be
compromised easily.
Network security has been affected by two major developments over the last several decades.
The first is the introduction of computers into organizations, and the second is the introduction
of distributed systems and the use of networks and communication facilities for carrying data
between users and computers.
These two developments led to ‘computer security’ and ‘network security’, where computer
security deals with the collection of tools designed to protect data and to thwart hackers.
Network security measures are needed to protect data during transmission. But keep in mind that
it is the information, and our ability to access that information, that we are really trying to protect,
and not the computers and networks.
Because there are threats.
Threats: A threat is an object, person, or other entity that represents a constant danger to an asset.
The 2007 CSI survey: 494 computer security practitioners; 46% suffered security incidents.
Forces of nature
Technological obsolescence
5. Authorization: Information security controls access to sensitive information and
resources to ensure that only authorized individuals can access them.
6. Non-repudiation: Information security ensures that the origin and authenticity of data can
be verified, so that users cannot deny sending or receiving certain data.
1. Hackers:
The term hacker may refer to anyone with technical skills, however, it typically refers to an
individual who uses his or her skills to achieve unauthorized access to systems or networks so as
to commit crimes.
2. Organized Hackers:
These criminals include organizations of cyber criminals, terrorists, and state-sponsored
hackers. Cyber criminals are typically teams of skilled criminals focused on control, power, and
wealth.
These criminals are extremely organized, and may even offer crime as a service. These
attackers are usually highly trained and well-funded.
3. Internet stalkers:
Internet stalkers are people who maliciously monitor the web activity of their victims to acquire
personal data. This type of cyber crime is conducted through the use of social networking
platforms and malware that is able to track an individual’s PC activity with little or no
detection.
4. Disgruntled Employees:
Disgruntled employees become hackers with a particular motive and also commit cyber crimes.
It is hard to believe that dissatisfied employees can become such malicious hackers.
In the past, their only option was to go on strike against employers. But with the
advancement of technology, more work is done on computers and processes are automated,
so it is simple for disgruntled employees to do more damage to their employers and
organization by committing cyber crimes. The attacks by such employees bring the entire system
down.
Classification of Cyber Crimes:
Email spoofing
Email spoofing is a form of cyber attack in which a hacker sends an email that has been
manipulated to seem as if it originated from a trusted source.
For example, a spoofed email may pretend to be from a well-known shopping
website, asking the recipient to provide sensitive data, such as a password or credit
card number.
Alternatively, a spoofed email may include a link that installs malware on the
user's device if clicked.
An example of spoofing is when an email is sent from a false sender address, that
asks the recipient to provide sensitive data.
This email could also contain a link to a malicious website that contains malware.
Spamming
Spamming is the use of electronic messaging systems like e-mails and other digital
delivery systems and broadcast media to send unwanted bulk messages
indiscriminately.
The term spamming is also applied to other media like in internet forums, instant
messaging, and mobile text messaging, social networking spam, junk fax transmissions,
television advertising and sharing network spam.
Spam is any kind of unwanted, unsolicited digital communication that gets sent out
in bulk. Often spam is sent via email, but it can also be distributed via text
messages, phone calls, or social media.
Cyber defamation
The tort of cyber defamation is an act of intentionally insulting, defaming or
offending another individual or a party through a virtual medium.
It can be both written and oral.
Defamation means giving an “injury to the reputation of a person” resulting from a
statement which is false. The term defamation is used in the section 499 of Indian
Penal Code, 1860.
Cyber defamation is also known as internet defamation or online defamation in the
world of internet and its users.
Cyber defamation is a new concept, but it defames a person virtually, through a new
medium. The medium used to defame the individual's identity is the computer,
via the internet.
Internet time theft
It refers to the theft in a manner where the unauthorized person uses internet hours
paid by another person.
The unauthorized person gets access to another person's ISP user ID and password, either
by hacking or by illegal means without that person's knowledge.
Salami Attack
A salami attack is a small attack that can be repeated many times very efficiently.
Thus the combined output of the attack is great.
A typical example is stealing the round-off from interest in bank
accounts.
Even though it is less than 1 cent per account, when multiplied by millions of
accounts over many months, the adversary can retrieve quite a large amount. It is
also less likely to be noticeable since your average customer would assume that the
amount was rounded down to the nearest cent.
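A reconciliation check that makes this kind of round-off diversion visible, as an added example that is not part of the original notes. The account numbers, balances, interest rate and the round-to-nearest-cent posting rule are constructed assumptions.

```python
from decimal import Decimal, ROUND_HALF_EVEN

CENT = Decimal("0.01")
RATE = Decimal("0.0025")  # assumed monthly interest rate

# Constructed ledger rows: (account, balance, interest actually credited).
POSTINGS = [
    ("ACC-1001", Decimal("1234.56"), Decimal("3.08")),
    ("ACC-1002", Decimal("980.00"), Decimal("2.45")),
    ("ACC-1003", Decimal("15780.30"), Decimal("39.45")),
    ("ACC-1004", Decimal("402.70"), Decimal("1.00")),
    ("ACC-1005", Decimal("7315.90"), Decimal("18.28")),
]


def expected_credit(balance, rate):
    """Interest the customer should receive, rounded to the nearest cent."""
    return (balance * rate).quantize(CENT, rounding=ROUND_HALF_EVEN)


def reconcile(postings, rate):
    """Recompute every credit independently of the posting system.

    Returns (findings, total) where findings lists (account, shortfall)
    for each account whose posted credit differs from the recomputed one.
    """
    findings = []
    total = Decimal("0")
    for account, balance, credited in postings:
        diff = expected_credit(balance, rate) - credited
        if diff != 0:
            findings.append((account, diff))
            total += diff
    return findings, total


def systematic_shortfall(findings, min_accounts=3):
    """True when the differences look like slicing rather than noise:
    several accounts, each short by a cent or less, never over-credited."""
    return (len(findings) >= min_accounts
            and all(Decimal("0") < diff <= CENT for _, diff in findings))


if __name__ == "__main__":
    found, missing = reconcile(POSTINGS, RATE)
    for account, diff in found:
        print(f"{account}: short by {diff}")
    print("total unaccounted:", missing)
    print("one-directional pattern:", systematic_shortfall(found))
```

Each shortfall is too small for a customer to question, which is why the check has to run across all accounts and look at the direction of the differences, not their size.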
Data Diddling
Data diddling is a type of cybercrime in which data is altered as it is entered into a
computer system, most often by a data entry clerk or a computer virus.
Data diddling is an illegal or unauthorized data alteration: changing data before or as
it is input into a computer, or as it is output.
Example: Account executives can change the timesheet
information of employees before entering it into the HR payroll application.
Forgery
When a perpetrator alters documents stored in computerized form, the crime
committed may be forgery. In this instance, computer systems are the target of
criminal activity.
The term forgery usually describes a message related attack against a cryptographic
digital signature scheme. That is an attack trying to fabricate a digital signature for
a message without having access to the respective signer's private signing key.
Among the many examples of this crime, taking another's work, whether it be
written or visual, such as an artwork, and attempting to distribute it as either your own
or as an original is an example of forgery.
Likewise, either creating fake documents or producing counterfeit items is
considered to be forgery as well.
Web Jacking
Illegally seeking control of a website by taking over a domain is known as Web
Jacking.
The web jacking attack method is a kind of trap set by the attacker to
steal the sensitive data of people; those who get trapped are the ones who are not
aware of cyber security.
The web jacking attack method is another type of social engineering phishing attack,
where an attacker creates a fake web page of the victim website.
The attacker sends it to the victim, and when the victim clicks on that link, a message
is displayed in the browser: “the site abc.com has moved to another address, click here to
go to the new location”.
If the victim does click on the link, he/she will be redirected to the fake website page,
where the attacker can ask for any sensitive data such as credit card number,
username, password etc.
Emanating from UseNet
Usenet is a kind of discussion group where people can share views on topics of their
interest. An article posted to a newsgroup becomes available to all readers of the
newsgroup.
By its very nature, Usenet groups may carry very offensive, harmful, inaccurate or
otherwise inappropriate material, or in some cases, postings that have been
mislabeled or are deceptive in another way.
Therefore, it is expected that you will use caution and common sense and exercise
proper judgment when using Usenet, as well as use the service at your own risk.
Industrial Espionage
Industrial espionage describes a series of covert activities in the corporate world
such as the theft of trade secrets by the removal, copying, or recording of
confidential or valuable information in a company. The information obtained is
meant for use by a competitor.
Economic or industrial espionage commonly occurs in one of two ways.
i) a dissatisfied employee appropriates information to advance interests or to
damage the company.
ii) Secondly, a competitor or foreign government seeks information to advance its
own technological or financial interest.
Industrial espionage and spying can occur in any industry -- from food and
beverage to fashion and entertainment.
However, technology is one of the most targeted industries.
Key technology industries that are often targeted include computer, semiconductor,
electronics, automotive, aerospace, biotechnology, energy, pharmaceutical and high-
tech manufacturing.
Hacking
Hacking refers to activities that seek to compromise digital devices, such as computers,
smartphones, tablets, and even entire networks.
Hacking is an attempt to exploit a computer system or a private network inside a
computer. Simply put, it is the unauthorized access to or control over computer
network security systems for some illicit purpose.
They can destroy, steal or even prevent authorized users from accessing the
system.
Kevin Mitnick likely holds the title as the world's best hacker ever. Kevin Mitnick
started hacking at an early age. He broke into the realm of public attention in the
1980s after he hacked into the North American Defense Command.
Types of Hackers
a) White Hat Hackers – These hackers utilize their programming aptitudes for a
good and lawful reason. These hackers may perform network penetration tests in an
attempt to compromise networks to discover network vulnerabilities. Security
vulnerabilities are then reported to developers to fix them.
c) Gray Hat Hackers – These hackers commit violations and do seemingly
deceptive things, however not for personal gain or to cause harm. These
hackers may disclose a vulnerability to the affected organization after having
compromised their network.
Email bombing
An email bomb or "mail bomb" is a malicious act in which a large number of
email messages are sent to a single email address in a short period of time. The
purpose of an email bomb is typically to overflow a user's inbox. In some cases, it
will also make the mail server unresponsive.
Email bombing is often done from a single system in which one user sends
hundreds or thousands of messages to another user. In order to send the messages
quickly, the email bomber may use a script to automate the process. By sending
emails with a script, it is possible to send several thousand messages per minute.
Fortunately, most mail servers are capable of detecting email bombs before a large
number of messages are sent. For example, if the server detects that more than ten
messages are received from the same email address within one minute,
it may block the sender's email address or IP address. This simple action will stop
the email bomb by rejecting additional emails from the sender.
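The threshold rule described above (more than ten messages from the same sender within one minute leads to a block), written out as an added example; it is not any mail server's actual code. The class name, sender addresses and timestamps are constructed, and the key can equally be a sender IP address.

```python
from collections import defaultdict, deque


class SenderRateLimiter:
    """Reject a sender once it exceeds max_messages within window_seconds."""

    def __init__(self, max_messages=10, window_seconds=60):
        self.max_messages = max_messages
        self.window = window_seconds
        self.recent = defaultdict(deque)  # sender -> arrival times still in the window
        self.blocked = set()

    def accept(self, sender, now):
        """Return True to accept a message arriving at time `now` (seconds)."""
        key = sender.strip().lower()  # normalised so case changes do not evade counting
        if key in self.blocked:
            return False
        times = self.recent[key]
        # Forget arrivals that have aged out of the sliding window.
        while times and now - times[0] >= self.window:
            times.popleft()
        times.append(now)
        if len(times) > self.max_messages:
            self.blocked.add(key)
            del self.recent[key]
            return False
        return True


def build_sample_events():
    """Constructed traffic as (timestamp_seconds, sender) pairs."""
    events = [(t, "bomber@example.net") for t in range(30)]               # 1 msg/second
    events += [(t, "newsletter@example.org") for t in range(0, 200, 10)]  # 1 msg/10 s
    events += [(t, "alice@example.com") for t in (5, 200, 400)]           # occasional
    return sorted(events)


def replay(events):
    """Feed events through a fresh limiter and count the outcome per sender."""
    limiter = SenderRateLimiter()
    accepted, rejected = defaultdict(int), defaultdict(int)
    for ts, sender in events:
        if limiter.accept(sender, ts):
            accepted[sender] += 1
        else:
            rejected[sender] += 1
    return dict(accepted), dict(rejected), set(limiter.blocked)


if __name__ == "__main__":
    ok, dropped, blocked = replay(build_sample_events())
    print("accepted:", ok)
    print("rejected:", dropped)
    print("blocked senders:", blocked)
```

The steady sender delivers twenty messages in total but never more than six in any one-minute window, so only the burst is blocked.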
Intrusion
The definition of an intrusion is an unwelcome interruption or a situation where
somewhere private has an unwelcome visit or addition.
When you are having a quiet nap in your backyard and your neighbor's dog comes
in uninvited and jumps all over you to wake you up, this is an example of an intrusion.
Password sniffing is an attack on the Internet that is used to steal user names and
passwords from the network. Today, it is mostly of historical interest, as most
protocols nowadays use strong encryption for passwords. However, it used to be the
worst security problem on the Internet in the 1990s, when news of major password
sniffing attacks was almost weekly.
The password sniffer is a small program that listens to all traffic in the attached
network(s), builds data streams out of TCP/IP packets, and extracts user names and
passwords from those streams that contain protocols that send cleartext passwords.
The attack can also be performed in switches, routers, and printers. It is common
nowadays for attackers to establish a presence on such devices.
These devices don't run anti-virus and aren't easy to audit. Furthermore, traffic naturally
goes through switches and routers, so no extra network packets need to be sent to fool
switches into sending traffic of interest to the listening node.
Identity Theft
Identity theft is the crime of obtaining the personal or financial information of
another person to use their identity to commit fraud, such as making unauthorized
transactions or purchases.
China–United States cooperation is one of the most striking recent developments, because
they are the top two source countries of cybercrime.
In today’s techno-savvy environment, the world is becoming more and more digitally
sophisticated and so are the crimes. The Internet was initially developed as a research and
information-sharing tool and was unregulated.
As the number of internet users is on the rise, the need for cyber laws and their application
has also gathered great momentum.
In today’s highly digitalized world, almost everyone is affected by cyber law. For
example:
Technology is never a disputed issue but for whom and at what cost has been the issue in
the ambit of governance.
The cyber revolution holds the promise of quickly reaching the masses as opposed to the
earlier technologies, which had a trickle-down effect. Such a promise and potential can
only be realized with an appropriate legal regime based on a given socio-economic matrix.
Cyber-law is important in a country like India where the internet is used to a large extent.
The law is enacted to save people and organizations from cybercrime and other internet-
related crimes.
It protects the privacy of every individual and organization. Before the enactment of
Cyber-law, no specific law existed in India to deal with cybercrime.
As per rules and regulations of the Cyber-law, a person who commits cybercrime is liable
to get punishment. If anyone violates and breaks the provisions of the law, then it allows
another person or organization to take legal action against that person.
Cyber Law, also called IT Law, is the law regarding information technology, including
computers and the internet. It is related to legal informatics and supervises the digital
circulation of information, software, information security and e-commerce.
The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act)
is an Act of the Indian Parliament (No 21 of 2000) notified on 17th October 2000.
Objectives of the Act
The Information Technology Act, 2000 provides legal recognition to the transaction done
via electronic exchange of data and other electronic means of communication or electronic
commerce transactions.
Further, this act amended the Indian Penal Code 1860, the Indian Evidence Act 1872, the
Bankers’ Books Evidence Act 1891, and the Reserve Bank of India Act 1934.
i. Grant legal recognition to all transactions done via electronic exchange of data or
other electronic means of communication or e-commerce, in place of the earlier
paper-based method of communication.
ii. Give legal recognition to digital signatures for the authentication of any information
or matters requiring legal authentication
iii. Facilitate the electronic filing of documents with Government agencies and also
departments
v. Give legal sanction and also facilitate the electronic transfer of funds between
banks and financial institutions
vi. Grant legal recognition to bankers under the Evidence Act, 1891 and the
Reserve Bank of India Act, 1934, for keeping the books of accounts in electronic
form.
Certain sections like Section 69 which provides authority to the Indian government for
interception, monitoring, decryption and blocking electronic data traffic have come under
major criticism. "The Act has provided Indian government with the power of surveillance,
monitoring and blocking data traffic. The new powers under the amendment act tend to give
Indian government a texture and color of being a surveillance state,"
Penalties under Cyber Crimes:-
a) Section 43 and 66 –
Section 43 and 66 of the IT Act punishes a person committing data theft, transmitting
virus into a system, hacking, destroying data, or denying access to the network to an
authorized person with maximum imprisonment up to 3 years or a fine of rupees 5 lacs or
both. At the same time data theft is also punishable under Section 378 and Section 424 of
IPC with maximum imprisonment of 3 years or fine or both; and imprisonment of 2 years
or fine or both respectively. Denying access to an authorized person or damaging a
computer system is penalized under Section 426 of IPC with imprisonment of up to 3
months or fine or both.
66E - Tampering with computer source documents is a punishable offence under Section
65 of the IT Act. Section 66E provides the punishment for violation of privacy. It states
that any person who captures, publishes, or distributes an image of a private area of a person
without his/her consent has committed a breach of privacy and is punishable with
imprisonment up to 3 years or a fine up to 2 lacs or both.
66F
Section 66F covers a crucial matter, cyber terrorism, and prescribes punishment
for the same. It sets out the acts which constitute cyber terrorism, like denial of access,
penetrating a network, or transmitting a virus/malware by which the person is likely to
cause death or injury to any person, all done with the purpose of threatening the
integrity, sovereignty, unity, and security of India or creating terror in the minds of its
citizens.
66B and 66 C
Section 66B of the IT Act and Section 411 of IPC deal with the offense of dishonestly
receiving stolen computer resources or devices.
Section 66C of the IT Act prescribes punishment for identity theft and states that any
person who uses the identity credentials of a person for fraud or in a dishonest manner is
liable for punishment with imprisonment up to 3 years and a fine up to Rupees 3 lacs.
Cheating by personation using a computer resource is punishable under Section 66D of the
IT Act.
Similar provisions for these offenses are given under IPC under Section 419, 463, 465,
and 468. IT Act not only punishes persons but corporate as well if they fail to implement
and maintain a reasonable and diligent mechanism to protect the sensitive data of any
person in their possession. Such a body corporate is liable to pay compensation to the
aggrieved person who has suffered a loss due to the negligence of the corporation.
Apart from the provisions for punishment, the IT Act also empowers the Central
Government to issue directions to block access of any information on an intermediary or
computer resource for the public, if it feels necessary in the interest of the State. It can also
intercept, decrypt or monitor such information.
The IT Act 2000 was mainly meant to ensure legal recognition of e-commerce within India. Due
to this, most provisions are mainly concerned with establishing digital certification
processes within the country. Cybercrime as a term was not defined in the Act. It only
dealt with a few instances of computer-related crimes. These acts, as defined in Chapter XI
of the Act, are:
1. Section 43– Illegal access, the introduction of the virus, denial of services, causing
damage and manipulating computer accounts.
2. Section 65– Tampering, destroying and concealing computer code.
3. Section 66– Acts of hacking leading to wrongful loss or damage.
4. Section 67– Acts related to publishing, transmission or causing publication of
material that is obscene/lascivious in nature.
Punishment in Section 65 and 66 is three years or a fine up to two lakh rupees or both. For
Section 67, first-time offenders can be punished with up to 5 years and a fine up to one
lakh rupees. A subsequent offense can lead to ten years of punishment and a fine up to
two lakh rupees.
subsequent offence.
Digital Signature
A digital signature is a way to identify yourself online. Just like passports, driving licenses,
and PAN cards allow you to prove your identity offline, digital signatures let you prove
your identity online. To do this, you need a digital signature certificate and that lets you
sign documents digitally.
Digital signatures work by proving that a digital message or document was not modified—
intentionally or unintentionally—from the time it was signed. Digital signatures do this by
generating a unique hash of the message or document and encrypting it using the sender's
private key.
You can use digital signature certificates to e-file your income tax returns, for a Registrar
of Companies e-filing, online auctions (such as e-tenders), and to sign documents such as
PDFs.
Digital signatures were given legal status in India by the Information Technology Act (IT Act
2000) in the year 2000. It granted e-signatures on electronic documents the same legal
status as handwritten signatures on physical documents.
The IT Act, 2000 introduced the concept of digital signatures under Sec. 2(1)(p) as
authentication of any electronic record by a subscriber, i.e., a person in whose name the
Digital Signature Certificate (DSC) is issued, by means of an electronic method or
procedure in accordance with the provisions of Sec. 3.
The spam legislation scenario mentions “none” about India as far as e-mail legislation in India
is concerned. India is described as having “loose” legislation, although there is a mention
in Section 67 of ITA 2000. About 30 countries have enacted some form of anti-spam legislation.
There are also technical solutions by ISPs and end-users.
In spite of this, so far there has been no significant impact on the volume of spam. Spam is used
to support fraudulent and criminal activities. As there are no national boundaries to such crimes
in the cybercrime realm, it requires international cooperation between those who seek to enforce
anti-spam laws.