Q1) Define Cybercrime and Describe Its Type

Uploaded by

smittttt69
CSL

Q1) Define Cybercrime and describe its type

a) Definition:
1. **Cybercrime** refers to crimes that involve and use computer devices and the Internet.
2. It encompasses crimes committed using a computer as an instrument.
3. **Cybersecurity** involves securing or protecting information, devices, computers, and computer resources
against unauthorized access, modification, disclosure, or destruction.
4. Cybercrimes can be committed against individuals, groups, governments, or private organizations.
5. These crimes may be intended to harm someone’s reputation or to cause physical or mental harm.
6. Cybercrimes can cause direct or indirect harm to victims.
7. They represent a significant threat to the financial security of both individuals and governments.

b) Types of Cybercrime:
1. Hacking:
- Illegally breaching a computer's security for personal gain.

2. Unwarranted Mass Surveillance:
- Spying on individuals or groups without proper authorization, often for personal interest.
- Examples include CCTV surveillance without consent, wiretapping, etc.

3. Child Pornography:
- The sexual abuse of children, with videos or images illegally posted on the internet, often accompanied by
blackmail.

4. Child Grooming:
- The practice of establishing an emotional connection with a child, typically for the purpose of trafficking or
prostitution.

5. Copyright Infringement:
- Unauthorised use or publication of someone’s protected work without permission, often claiming it as one's
own.

6. Money Laundering:
- The unlawful possession of money, typically involving the transfer of funds through foreign banks to legitimize
"black" money.
- It involves moving illegally earned money into the legitimate financial system.

7. Cyber-Extortion:
- A crime where hackers hold data or sensitive information hostage until their demands for payment are met.
- Examples include ransomware attacks and Distributed Denial-of-Service (DDoS) attacks.

8. Cyber-Terrorism:
- Crimes that involve breaching government security systems or intimidating governments, often with a political
or ideological motive.

9. Social Engineering:
- Manipulating individuals into divulging confidential or personal information, often by pretending to be someone
trustworthy or exploiting human emotions.

Q2) Explain in detail Information Security policy

i. Cybercrime Against Individuals:

1. E-mail Spoofing and Online Frauds:
- Spoofed Mail: This involves sending an email that pretends to come from an authentic source, with the intent
of deceiving the recipient.

2. Phishing:
- This is an attempt to steal personal information from someone's computer by sending an email that
appears to be from a legitimate, well-known website.

3. Spamming:
- This refers to the act of sending bulk messages indiscriminately, often for advertising purposes or
to spread malware.

4. Cyber Defamation:
- This occurs when someone publishes false or harmful information about another person
through websites or emails, with the intent of damaging that person's reputation.

5. Password Sniffing:
- This is the act of stealing passwords by monitoring network traffic to extract sensitive
information.

ii. Cybercrime Against Property:

1. Credit Card Fraud:
- This involves the unauthorized use of someone else's credit card information to make purchases or withdraw
funds.

2. Internet Time Theft:
- Internet time theft occurs when someone uses another person’s internet hours without their knowledge or
consent, often by hacking into their account.

3. Software/Application Piracy/Theft:
- This refers to the unauthorized copying, distribution, or use of software or applications, often to avoid paying
for them.

iii. Cybercrime Against Organizations

1. Unauthorized Accessing of Computers:
- This involves gaining access to a computer system or network without permission, often to steal, alter, or
destroy data.

2. Password Sniffing:
- As mentioned earlier, this is the act of stealing passwords by monitoring network traffic, and it also applies to
organizational targets.

3. DoS Attack:
- A Denial of Service (DoS) attack overwhelms a system or network with traffic, rendering it unavailable to
users.

4. Virus Attack:
- This involves the deliberate infection of a computer system with a virus, which can corrupt or delete data and
spread to other systems.

5. E-mail Bombing:
- E-mail bombing is the act of sending a large volume of emails to a single recipient, causing their inbox to
overflow and the system to crash.

6. Trojan Horse:
- A Trojan horse is a type of malware disguised as legitimate software, which, once installed, can take control of
a computer or steal information.

7. Software Piracy:
- This is the illegal copying, distribution, or use of software, and is a significant issue for organizations that rely
on proprietary software.

iv. Cybercrime Against Society

1. Duplicate Documents (Forgery):
- This involves creating fake documents or altering real ones to deceive or defraud others.

2. Cyber Terrorism:
- Cyber terrorism refers to the use of digital attacks to create fear, disrupt services, or damage critical
infrastructure, often with political motives.

3. Web Jacking:
- Web jacking occurs when a website is taken over or hijacked by cybercriminals, often to deface the site, steal
information, or redirect users to malicious sites.

Q4) Explain the features and objectives of IT ACT 2000

i. Information Technology Act 2000.
ii. The Information Technology Act 2000 is a significant legislation passed by the Government of India on October
17, 2000.
iii. It represents the first major step by the Indian government to promote the growth of e-commerce, facilitate
e-transactions, support e-governance, and prevent cybercrimes.

iv. Two sections were added in ITA 2000:

1. Section 69: This section includes provisions for handling issues related to the monitoring,
interception, or decryption of information from any computer resource to protect national security or prevent
criminal activities.

2. Sections 69A & 69B: These sections provide the government with the authority to block public access to
specific websites and to monitor and collect network traffic data from any computer resource for security purposes.

v. The IT Act 2006 was introduced to enhance the provisions of the original Act.
vi. Following this, with the President of India's approval, the IT Amendment Act 2008 was passed in February
2009, and it became effective on October 27, 2009.
vii. This amendment brought a wider range of cybercrimes under legal scrutiny.

Some of the important features of the IT Act include:
1. Protection of Electronic Data Interchange: The Act ensures that electronic data exchanged during transactions
is legally recognized and protected.
2. E-Transactions: The Act supports the secure and legal conduct of electronic transactions.
3. E-Governance: It provides a legal framework for electronic communication between the government and
citizens.
4. Protection of Personal Data: The Act includes provisions to protect personal data from unauthorized access
and misuse.

Q6) Explain the concept of social engineering with a diagram:

i. Social Engineering refers to a broad range of malicious activities that are carried out through human
interaction.

ii. It involves using psychological manipulation to deceive users into making security mistakes or
divulging sensitive information.

iii. This approach is a non-technical strategy that exploits human vulnerabilities rather than technical
flaws.

iv. Social engineering relies entirely on human interaction, making the attacker’s ability to manipulate
the victim’s mentality crucial to the attack's success.

v. It is considered one of the greatest security threats due to its effectiveness.

vi. The attacker typically gains unauthorized access to confidential information by tricking the victim.

vii. These attacks usually occur in multiple steps, each designed to further the attacker’s objective.

Diagram:
Steps of a Social Engineering Attack:

i. Investigation:

1. Preparation for the Attack: The attacker plans the approach, gathering resources
and determining the best strategy.
2. Identifying the Victim: The attacker selects the target individual or organization.
3. Gathering Background Information: The attacker collects relevant information
about the target to increase the chances of success.
4. Selecting the Attack Method: Based on the gathered information, the attacker
chooses the most effective method to deceive the victim.

ii. Hook (Deceiving the Victim):

1. Engaging the Target: The attacker initiates contact with the victim, often pretending
to be someone trustworthy.
2. Spinning a Story: The attacker creates a convincing narrative to lower the victim’s
guard.
3. Taking Control of the Interaction: The attacker steers the conversation or
interaction to guide the victim towards revealing sensitive information.

iii. Play (Obtaining the Information):

1. Expanding the Foothold: The attacker deepens their engagement, gaining further
trust or access.
2. Executing the Attack: The attacker collects the desired information or achieves the
specific objective of the attack.
3. Disrupting Business: If applicable, the attack may also involve causing disruption to
the victim’s operations.

iv. Exit (Closing the Interaction Without Arousing Suspicion):

1. Removing Traces: The attacker carefully withdraws from the interaction, ensuring no
signs of the breach are left behind.
2. Covering Tracks: The attacker takes steps to cover their tracks, making it difficult for
the victim or authorities to trace the attack back to them.

Q7) Describe the types of social engineering attacks

Types of Social Engineering Attacks

i. Baiting:

1. Uses False Promises: Attackers entice victims with deceptive offers, such as free
gifts or benefits.
2. Luring into a Trap: The goal is to draw the victim into a situation where they are
vulnerable to exploitation.
3. Bait Left in Public Places: Attackers may leave malware-infected devices, like flash
drives, in public areas such as washrooms or elevators.
4. Automatic Malware Installation: When the victim inserts the bait device into their
computer, malware is automatically installed.
5. Offline and Online Forms: Baiting can occur both offline (e.g., physical devices) and
online (e.g., malicious downloads).

ii. Scareware:

1. Bombarding Victims with False Alarms: Scareware involves overwhelming the
victim with fake security alerts and threats.
2. Also Known as Fraudware: This type of attack is sometimes referred to as
fraudware due to its deceptive nature.
3. Example: Victims might see legitimate-looking pop-up messages prompting them to
install suspicious software.
4. Distribution via Spam Email: Scareware is often spread through spam emails that
contain malicious links or attachments.

iii. Pretexting:

1. Attacker Pretends to be an Official: The attacker impersonates a trusted authority
to gain access to sensitive information.
2. Establishing Trust: The attacker builds rapport and credibility with the victim to
make the interaction seem legitimate.
3. Personal Information Gathering: Through this deception, the attacker collects
personal or confidential information from the victim.

iv. Phishing:

1. One of the Most Popular Social Engineering Attacks: Phishing is widely
recognized as a common form of social engineering.
2. Email and Text Message-Based: This attack typically involves sending deceptive
emails or text messages.
3. Creating a Sense of Urgency: The attacker aims to provoke a sense of urgency,
curiosity, or fear in the victim to prompt immediate action, such as clicking on a
malicious link or providing sensitive information.

Q8) What is Cyber Stalking? How to avoid Cyber Stalking

Definition :
i. Cyber Stalking: An activity in which a stalker stalks another person by misusing the internet or electronic
media.
ii. A stalker may contact a person by email, social media, or other online modes.
iii. The motive is to harass a person.
iv. Some may also track the victim's location or online activities.
v. Stalking that is committed digitally is still considered offensive.
vi. Cyber stalkers might terrorize victims by sending unpleasant messages several times a day.
vii. Such messages come from different accounts managed by the same person.
viii. These accounts should be reported to both the website owners and law enforcement agencies.
ix. Cyber stalking doesn’t have to involve direct communication, and some victims may not even realize they are being
stalked.
x. Attackers can collect your personal data, contact your friends, and attempt to harass you offline.

Types :
i. Catfishing :
1. Stalkers create fake profiles to approach victims.
2. They sometimes copy the original profile to look like the real one.
ii. Monitoring location check-ins on social media :
1. Stalkers keep an eye on the activities of a victim from check-ins.
iii. Visiting virtually via Google maps street view :
1. If a stalker discovers victim’s address, then it is not hard to find the victim’s area, neighborhood, and
surroundings via street view.
iv. Hijacking webcam :
1. Stalkers push malware-infected files into the victim’s computer which gives them access to the webcam.

Prevention :
i. Keep a low profile.
ii. Update your software.
iii. Hide your IP address.
iv. Maintain good digital hygiene.
v. Avoid disclosing sensitive information.

Q9) What is an Attack Vector? Describe its types

i. Attack Vector: It is the means by which a hacker gains unauthorized access to a computer system
or network to initiate an attack.

ii. It represents the method or pathway used by a hacker to access or penetrate the target system.

iii. An attack vector can take the form of malware, such as Trojans, which hackers use to deliver
malicious code to their victims.

iv. Examples of attack vectors include infected email attachments, malicious links, and pop-up ads.

v. Hackers exploit known attack vectors to steal information, data, and money by investigating and
exploiting system vulnerabilities.

vi. Once hackers gain access, they inject malicious code that enables them to remotely control, spy on,
or steal data and other resources.

vii. IT organizations can mitigate the risk of cyber attacks by addressing these vectors before they lead
to significant data loss.

viii. Attack vectors describe how cyber criminals gain a foothold in a system.

ix. After gaining access, hackers can perform various malicious activities.

b) Common Attack Vectors:

i. Malware or Malicious Files: Files containing harmful code that can infect and compromise a
system.

ii. Spam Emails and Attachments: Unsolicited emails that often contain malicious attachments or
links designed to trick users.

iii. Malicious Links: URLs that lead to harmful websites or download malicious software when clicked.

iv. Vulnerabilities in Software and Hardware: Security flaws in software or hardware that can be
exploited to gain unauthorized access.

c) Types of Attack Vectors:

i. Insider Threats: Employees or individuals with authorized access may unintentionally or maliciously
expose confidential internal data.

ii. Phishing: A method that creates a sense of urgency, curiosity, or fear in victims to prompt them to
reveal sensitive information or perform actions that compromise security.

iii. Business Partners: Security incidents or data breaches can arise from vulnerabilities or malicious
actions involving business partners.

iv. Weak Login Credentials: Insufficiently strong or unique authentication methods that can be
exploited to gain unauthorized access.

v. Ransomware: A type of malware that encrypts a victim's data, with the attacker demanding a
ransom for decryption and restoration of access.

Q12) Compare DOS & DDOS attack
