UNIT I: Cyber Crimes- Overview

Introduction– History and Development– Definition, Nature and Extent of

Cyber Crimes in India and other countries - Classification of Cyber Crimes–
Trends in Cyber Crimes across the world.
Introduction
Cyber Crime is one of them Cyber Crime is a common phenomenon in the
world. Cyber Crime is that group of activities made by the people by creating
disturbance in network, stealing others important and private data, documents,
hack bank details and accounts and transferring money to their own.
Cyber Crime, especially through the Internet, has grown in importance as the
computer has become central to commerce, entertainment, and government. Cyber
crime, also called computer crime, the use of a computer as an instrument to
further illegal ends, such as committing fraud, Trafficking in child pornography
and intellectual property, stealing identities, or violating privacy.
The cyber crime and they its impacts over the society in the form of
economical disrupt, psychological disorder, threat to National defense etc.
Restriction of cyber crimes is dependent on proper analysis of their behavior and
understanding of their impacts over various levels of society.
Now a day‟s Cyber crime is increasing day by day. People have been
greatly suffering for it. It is not only creates human suffering but also put effect on
it. So Cyber Crime is one of the major crimes done by computer expert
History and Development
Cybercrime encompasses a wide range of criminal activities that are carried
out using digital devices and/or networks. These crimes involve the use of
technology to commit fraud, identity theft, data breaches, computer viruses, scams,
and expanded upon in other malicious acts.
1962
The modern history of cybercrime began when Allen Scherr launched a cyber
attack against the MIT computer networks, stealing passwords from their database
via punch card.
1971
The first computer virus was created for research purposes by Bob Thomas at BBN
technologies. Referred to as the Creeper Virus, the self-replicating program was
detected on the ARPANET in 1971 and foretold the potential of future viruses to
cause significant damage to computer systems.
1981
Ian Murphy became the first person ever to be convicted for committing a
cybercrime after successfully hacking into AT&T‟s internal systems and changing
their computers‟ clocks, causing havoc.
1988
The first major cyber attack on the internet came courtesy of Cornell grad student
Robert Morris. The “Morris Worm” struck in the year before the World Wide Web
debuted, back when the internet was primarily the domain of academic researchers.
It infected computer systems at Stanford, Princeton, Johns Hopkins, NASA,
Lawrence Livermore Labs, and UC Berkeley, among other institutions.
1989
Ransomware made its first appearance. This first strain of ransomware — the
AIDS Trojan — was easy to remove, rendering it ineffective. Unlike the
ransomware of today, this one appeared on floppy disks, with the cybercriminal
handing out 20,000 infected disks to attendees of the World Health Organization‟s
AIDS conference.
The 1990s: New Technology Brings New Crime
The decade of the „90s gave rise to some of the greatest communication
technologies and changes known to mankind, with the internet connecting people
across different communication networks wherever they were, all over the world.
1994
Datastream Cowboy and Kuji — a 16-year-old British schoolboy and his
accomplice — used a “password sniffer” program to launch a series of attacks that
crippled the Air Force‟s Rome Laboratory, while stealing research data used as
attack instructions for warplanes in battle.
1995
Vladimir Levin was the first known hacker to attempt to rob a bank — and a very
big bank at that. He hacked into Citibank‟s network and conducted many
fraudulent transactions. All told, he transferred more than 10 million dollars into
various bank accounts worldwide.
1995
Kevin Mitnick — one of history‟s most notorious hackers — became the first
person to penetrate large networks by manipulating people and using insiders to
get the codes to access Motorola and Nokia, among others.
1998
Max Butler, a security consultant for the FBI among others, hacked into U.S.
government websites under false pretenses. The U.S Air Force alerted officials to
his misdeeds, and he received an 18-month sentence. Later, for another illicit
foray, he was sentenced to 13 years, a record for a hacker.
1999
Computer viruses were relatively unknown by the general public until the Melissa
Virus struck in March 1999. A document uploaded online and promising access to
adult videos, the virus would take over individual‟s Microsoft Word applications,
then jump to their Microsoft Outlook , and self-propagate by sending itself to
various email accounts. It caused an estimated $80 million in damages and was one
of the first major viruses that expanded beyond AOL.

The New Millennium: Cybercrime Ramps Up

The first decade of the new millennium saw more sophisticated attacks and an
abundance of advanced persistent threat actors (APTs), most of which were
sponsored by nation-states. The evolution of cybercrime meant new viruses and
worms, which caused significant damage to critical sectors of the global, digital
economy.
By decade‟s end, cybersecurity was a concern to computer users everywhere, but
especially to government agencies and large corporations who had the most at
stake.
2000
A 15-year-old hacker named Michael Calse — who went by the online handle
“Mafiaboy” — launched a series of distributed denial of service (DDoS) attacks on
some of the largest commercial websites in the world, sites like Amazon, Yahoo,
CNN, and eBay. The attack brought the sites down for hours in some cases and
cost these businesses untold millions.
2000
Another major phishing attack occurred with the ILOVEYOU virus. Sometimes
called the LOVEBUG or Love Letter virus, this worm infected over 10 million
endpoints across the world. It spread as a spam email, accidentally opened by
users, which allowed the worm to gain access to the entire operating system due to
a flaw in Windows. It‟s estimated that this single attack, which originated with an
amateur hacker in the Philippines, caused billions in damages around the globe.
2005
A security breach at a U.S. retailer led to the data leak of 1.4 million HSBC Bank
MasterCard users.
2006
The first ransomware strain to use advanced RSA encryption, named Archievus,
appears. RSA encryption, or public-key encryption, is now the default for most
ransomware attacks.
2008
In one of the largest breaches ever, Heartland Payment systems were attacked
using a combination of SQL injection, password sniffers, and malware,
compromising the data of 134 million users.

2010s: An Explosion of Cyber Attacks

2010-2020 saw an explosion in cybercrime, turning what was once a cottage
industry into a big, global business. Attackers developed new malicious programs
and techniques, which increased both the cybercrime rate and the number of
attacks per day. Trillions of dollars were lost.
The decade also saw the rise of ransomware, as digital currencies like Bitcoin, the
digitizing of organizations, and the proliferation of mobile devices, new operating
systems, and the dark web, gave threat actors new avenues and resources for
attacks.
Cybercrime wasn‟t the only industry that saw huge growth. Organizations began
employing more cybersecurity professionals to counter the risk of cyber threats as
the sense of assumed digital security dissipated. And, due to the demand for
constant data security, a new field emerged known as ethical hacking, whose sole
purpose is to discover vulnerabilities prior to malicious exploitation.
The evolution and increased sophistication of different types of cyber threats and
how they‟re leveraged in attacks puts organizations in precarious positions when it
comes to defending against them.
2010
The Stuxnet worm — called the world‟s first “digital weapon” — attacked nuclear
plants in Iran, sabotaging the country‟s uranium enrichment facilities.
2010
The Zeus Trojan virus was distributed around the world via email in an attack
targeting financial services organizations. The 100-plus-person crime ring, based
largely in the U.S., managed to steal more than $70 million from American banks.
2010
In a notorious nation-state attack, Operation Aurora was launched by Chinese
military hackers on more than 20 leading technology companies. The public was
first made aware of the attacks when Google notified the public that its intellectual
property had been seized in the attack.
2011
Sony Corporation announced In April that, over the course of a few days, hackers
stole information from 77 million users of its PlayStation Network. This included
gamers‟ usernames and passwords, their birthdates, answers to security questions,
and more. It took 23 days to recover the system and remediate the threat.
2013
In perhaps the largest high-profile data leak of all time, whistleblower Edward
Snowden revealed sensitive information stolen from several foreign governments
with spyware software as part of the National Security Agency‟s PRISM
surveillance program.
2013
Over 110 million Target customers had their credit card records stolen in a
phishing attack. The scheme involved a malware-laden email to the company‟s
HVAC subcontractor, allowing the cybercriminals to gain access credentials to the
data.
2013
A researcher discovered that Finnish telecommunications Nokia was essentially
conducting man-in-the-middle attacks on its smart phone users by sending HTTPs
traffic through its servers and decrypting data. The company said it did so to help
compress data and keep rates and charges reduced.
2013
CryptoLocker, the first ransomware to be spread by botnet and social engineering,
shows both threat actors and the cybersecurity world how easily ransomware could
spread and take over a system.
2013
In a now infamous and often referenced data breach, the information of 38 million
Adobe users, including credit card information for three million of them, was
leaked online. In an interview, Adobe’s CSO said a move to the cloud made
Adobe vulnerable to threat actors.
2014
Celebgate occurs, as nude and intimate photos of celebrities are taken from hacked
iCloud accounts and leaked online. This hack placed new attention on password
hygiene and mobile device security.
2015
The first strains of SamSam ransomware appeared, which by 2018 had earned its
creator nearly $6 million USD. Among its highest-profile “hostage-taking” strikes
were the City of Atlanta and the Colorado Department of Transportation.
2015
A successful spear phishing attack against high-value Defense Department targets
with customized emails led to a data breach of information for 4,000 military and
civilian personnel who worked for the Joint Chiefs of Staff. The attack forced the
Pentagon to shut down its email system.
2015
A cybercrime group known as Impact Team leaks the internal database of Ashley
Madison, a dating site frequented by those looking to have an extramarital affair.
The group initially held the data for ransom, demanding the site be shut down, and
after Ashley Madison resisted, the database was released. The breach brought to
light the importance of data security, specifically around user data, as the site had
archived and kept the personal information of past users, including credit card
information and legal names.
2016
TeleCrypt ransomware appeared and targeted gamers, who downloaded it while
playing games online. Luckily, a free decrypt tool was quickly created by
researchers at Malwarebytes.
2016
Petya becomes the first ransomware variant to overwrite the master-boot record
and encrypt the master file table within a system, locking victims out of the entire
hard drive faster.
2016
The Austrian Aerospace firm, FACC AG, was defrauded of 50 million Euros in a
spear- phishing scheme that tricked a finance employee to transfer the money into
bank accounts controlled by the cybercriminals. As a result, the company‟s CEO
was fired.
2017
Perhaps the most insidious of all ransomware strains, WannaCry, managed to
affect more than 200,000 Windows computers in 150 countries. It was especially
dangerous — and deadly — as the U.K.‟s National Health Service Hospitals were
among the most devastated. It is widely assumed hackers in North Korea were
behind the attack.
2017
Just a month later, piggybacking on the success of WannaCry was NotPetya, an
updated version of the earlier ransomware strain. It took out organizations from
shipping giant Maersk to multinational pharmaceutical manufacturer Merck.
2017
A Lithuanian cybercriminal posed as an Asian manufacturer to deceive Google and
Facebook employees into wiring over $100 million to untraceable offshore bank
accounts. The attack occurred two years before his capture. For their part, Google
claimed to have recouped the funds it had lost.
2018
In the biggest DDoS inundation to date, GitHub — a popular developer platform
— experienced traffic of 1.3 terabytes per second, which halted all operations on
its server. GitHub had security measures in place, far more than most
organizations, but was simply overwhelmed by the sheer size of the attack.
2018
Perhaps the most noteworthy of all crypto jacking attacks in this decade was
Coinhive, a popular cryptocurrency mining service that, for a time, was considered
by leading security firms as the top malicious threat to web users. Its computer
code could be used on hacked websites to steal the processing power of that site‟s
visitors‟ devices. For 15 long months, cybercriminals used the malicious program
to infect millions of devices.
2019
Capital One fell victim to one of the largest data breaches in banking history when
over 100 million credit card applications were accessed and thousands of Social
Security and bank account numbers were taken. Capital One spent around $150M
mitigating damages.
2020 to Today: Billions of Dollars Lost
If the 2010s were the decade where cybercrime was finding its footing, the 2020s
have seen the ecosystem sophisticate in new ways.
There have been two colliding forces this decade: One is an overall rise in
cybercrime driven by technological advances as well as socioeconomic forces
particularly in Eastern Europe and Asia, and the other is the rapid digitization of
organizations who are turning to the cloud, individual endpoints, and global
expansion, but are doing so faster than their cybersecurity measures can keep up.
2020
Neiman Marcus notified 4.6 million customers that a hacker had compromised
online accounts in May 2020, gaining access to personal data such as usernames
and passwords, customer names, contact information, credit card numbers, as well
as expiration dates and virtual card numbers.
2020
Russian cyber attacks on U.S. governmental institutions have been on the rise and,
in one of the most catastrophic data breaches during all of 2020, foreign
intelligence operatives took advantage of a compromised SolarWinds program and
invaded an estimated 18,000 private and government-affiliated networks. These
data breaches granted attackers access to an abundance of identifiable information,
including financial information, source code, passwords, and usernames.
2021
In early May, a suspected Russian hacking group took Colonial Pipeline offline for
more than three days in an attack that made ransomware a household word. As
Colonial provides 45% of the East Coast‟s supply of gasoline, diesel fuel, and jet
fuel, this was a major blow. Gas prices spiked across the country, some gas stations
ran out of fuel, over-the-road deliveries were delayed, and there were even reports
of gasoline hoarding.
2021
The infamous REvil collective hit Florida-based software provider Kaseya with a
ransomware attack, demanding $70 million in bitcoin. This attack impacted
businesses across five continents — including shutting down public schools in
New Zealand, closing a major grocery chain in Sweden, and disrupting operations
for hundreds of businesses across the U.S.
2021
2021 closed out with the revelation of a zero-day threat that created massive waves
in the cybersecurity industry, when security researchers published a proof-of-
concept critical exploit for a remote code execution (RCE) vulnerability in Log4j,
a Java logging library used in a significant number of internet applications.
In the weeks following, businesses worldwide worked frantically to identify and
mitigate the impact of the exploit, while security pros and experts released patches
and scanning tools, and guided organizations on how to best protect themselves
from attack.
2022
In one of the more frightening displays of cybercriminals‟ willingness to endanger
the lives and livelihoods of strangers, the agency that administers Social Security
for Costa Rica was shut down by a late May ransomware attack, an attack which
spread to other offices in the country and caused a state of emergency.
2022
A mid-September hack yielded a striking amount of material from a titan of the
gaming industry. The hotly anticipated release of Rockstar Games‟ Grand Theft
Auto 6 was thrown into disarray when a hacker known as “teapotuberhacker”
breached Rockstar‟s internal Slack channel and purloined 90 videos of work-in-
progress gameplay. But this hacker wasn‟t done.
In an extremely similar Slack attack, teapotuberhacker lived up to their screen
name on September 14 when they, well, hacked Uber. The international ride-share
company was breached even more deeply than Rockstar, with the hacker gaining
“pretty much full access to Uber,” including email systems, internal
communications, cloud storage, and code repositories.
2023
Popular genetic testing and sharing site 23and Me fell victim to a credential
stuffing attack which exposed the personally identifiable data (PII) of 6.9 million
users. The initial data leak on the dark web showed threat actors offered to sell data
profiles in bulk for $1-$10 per 23andMe account, depending on how many were
purchased.
2023
Sony found themselves breached again, this time by ransomware gang Rhysida,
who attacked their subsidiary, Insomniac Games. The ransomware group, after
asking for an initial ransom of $2 million USD, released 1.3 million files onto the
dark web. This data included both in development materials for upcoming games
and employee information.
2023
LockBit, a highly active ransomware group, was able to breach health insurance
group MCNA dental, exfiltrating 700GB of data and holding it for a $10 million
USD ransom. LockBit ultimately published the exfiltrated data on the dark web,
which contained PII for 8.9 million individuals
2023
Social engineering was behind this breach of MGM Resorts systems, which cost
the casino giant $100 million in lost bookings plus $10 million due to breach clean
up. Ransomware gang Scattered Spider was behind the attack.
Definition

Cybercrime is any criminal activity that involves a computer, network or

networked device. Some examples of cybercrime include:

1. Child Pornography OR Child sexually abusive material (CSAM)

Child sexually abusive material (CSAM) refers to a material containing
sexual images in any form, of a child who is abused or sexually exploited. Section
67 (B) of the IT Act states that “it is punishable for publishing or transmitting of
material depicting children in the sexually explicit act, etc. in electronic form.

2. Cyber Bullying
A form of harassment or bullying inflicted through the use of electronic or
communication devices such as computers, mobile phones, laptops, etc.

3. Cyber Stalking
Cyberstalking is the use of electronic communication by a person to follow a
person, or attempts to contact a person to foster personal interaction repeatedly
despite a clear indication of disinterest by such person; or monitors the internet,
email or any other form of electronic communication commits the offence of
stalking.

4. Cyber Grooming
Cyber Grooming is when a person builds an online relationship with a young
person and tricks or pressures him/ her into doing a sexual act.
5. Online Job Fraud
Online Job Fraud is an attempt to defraud people who are in need of
employment by giving them false hope/ promise of better employment with higher
wages.

6. Online Sextortion
Online Sextortion occurs when someone threatens to distribute private and
sensitive material using an electronic medium if he/ she doesn‟t provide images of
a sexual nature, sexual favours, or money.

7. Phishing
Phishing is a type of fraud that involves stealing personal information such
as Customer ID, IPIN, Credit/Debit Card number, Card expiry date, CVV number,
etc. through emails that appear to be from a legitimate source.

8. Vishing
Vishing is an attempt where fraudsters try to seek personal information like
Customer ID, Net Banking password, ATM PIN, OTP, Card expiry date, CVV etc.
through a phone call.

9. Smishing
Smishing is a type of fraud that uses mobile phone text messages to lure
victims into calling back on a fraudulent phone number, visiting fraudulent
websites or downloading malicious content via phone or web.

10. Sexting
Sexting is an act of sending sexually explicit digital images, videos, text
messages, or emails, usually by cell phone.

11. SIM Swap Scam

SIM Swap Scam occurs when fraudsters manage to get a new SIM card
issued against a registered mobile number fraudulently through the mobile service
provider. With the help of this new SIM card, they get One Time Password (OTP)
and alerts, required for making financial transactions through the victim‟s bank
account. Getting a new SIM card against a registered mobile number fraudulently
is known as SIM Swap.

12. Credit Card Fraud or Debit Card Fraud

Credit card (or debit card) fraud involves the unauthorized use of another‟s
credit or debit card information for the purpose of purchases or withdrawing funds
from it.

13. Impersonation and identity theft

Impersonation and identity theft is an act of fraudulently or dishonestly
making use of the electronic signature, password or any other unique identification
feature of any other person.

14. Spamming
Spamming occurs when someone receives an unsolicited commercial
message sent via email, SMS, MMS and any other similar electronic messaging
media. They may try to persuade the recipient to buy a product or service, or visit a
website where he can make purchases, or they may attempt to trick him/ her into
divulging bank account or credit card details.

15. Ransomware
Ransomware is a type of computer malware that encrypts the files, storage
media on communication devices like desktops, Laptops, Mobile phones etc.,
holding data/information as a hostage. The victim is asked to pay the demanded
ransom to get his device decrypts

16. Viruses, Worms, and Trojans

A computer virus is a program written to enter your computer and
damage/alter your files/data and replicate itself.

Worms are malicious programs that make copies of themselves again and
again on the local drive, network shares, etc.

A Trojan horse is not a virus. It is a destructive program that looks like a

genuine application. Unlike viruses, Trojan horses do not replicate themselves but
they can be just as destructive. Trojans open a backdoor entry to your computer
which gives malicious users/programs access to your system, allowing confidential
and personal information to be theft.

17. Data Breach

A data breach is an incident in which information is accessed without
authorization.

18. Denial of Services (DoS) attack

A denial of Services (DoS) attack is an attack intended for denying access to
computer resources without the permission of the owner or any other person who is
in charge of a computer, computer system or computer network.

A Distributed Denial of Service (DDoS) attack is an attempt to make an

online service unavailable by overwhelming it with traffic from multiple sources.

19. Website Defacement

Website Defacement is an attack intended to change the visual appearance of
a website and/ or make it dysfunctional. The attacker may post indecent, hostile
and obscene images, messages, videos, etc.

20. Cyber-Squatting
Cyber-Squatting is an act of registering, trafficking in or using a domain
name with an intent to profit from the goodwill of a trademark belonging to
someone else.

21. Pharming
Pharming is a cyber-attack aiming to redirect a website‟s traffic to another,
bogus website.

22. Cryptojacking
Cryptojacking is the unauthorized use of computing resources to mine
cryptocurrencies.
 23. Online Drug Trafficking
Online Drug Trafficking is a crime of selling, transporting, or illegally
importing unlawful controlled substances, such as heroin, cocaine, marijuana, or
other illegal drugs using electronic means.

24. Spy
Spy is the act or practice of obtaining data and information without the
permission and knowledge of the owner.
Understanding Cyber Crime
Cyber crime refers to illegal activities conducted via the internet or through
the use of information technology. It encompasses a wide range of offences
including hacking, data theft, online fraud, cyber terrorism and identity theft. The
anonymity provided by the digital space allows cyber criminals to operate with a
degree of impunity, making cyber crime an appealing avenue for illicit activities.
Nature of Cyber Crime in India
The nature of cyber crime in India is multifaceted and constantly evolving.
The most common forms of cyber crime in the country include:
 Phishing: Fraudulent attempts to obtain sensitive information such as usernames,
passwords and credit card details by disguising as a trustworthy entity in an
electronic communication.
 Ransomware: A type of malicious software designed to block access to a
computer system until a sum of money is paid.
 Data Breaches: Unauthorised access and theft of personal or corporate data.
 Online Scams: Various schemes that deceive users into paying money for
fraudulent services or goods.
 Cyber Stalking and Harassment: Using the internet to stalk or harass an
individual, group or organisation.
 Identity Theft: Stealing personal information to impersonate someone else for
financial gain or other benefits.

Extent of Cyber Crimes in India and other countries-The extent of cybercrime

varies across countries, and it is challenging to provide precise statistics as
cybercrime incidents are often underreported.
1. India: India has witnessed a significant increase in cybercrime incidents in
recent years. According to the National Crime Records Bureau (NCRB) data
for 2019, there were over 44,000 reported cybercrime cases in the country,
representing a 63% increase compared to the previous year. These cases
 include online financial frauds, identity theft, cyberbullying, and various
other forms of cybercrime.
Some specific cybercrime challenges faced by India include:
Online Financial Frauds: Fraudulent activities involving credit/debit cards,
online banking, and e-commerce transactions are common.
Social Media Misuse: Instances of fake profiles, online harassment, and
spreading misinformation on social media platforms have been on the rise.
Phishing and Identity Theft: Cybercriminals often use phishing techniques to
deceive individuals and steal their sensitive information, such as login
credentials and financial details.
Ransomware Attacks: Incidents of ransomware attacks, where malware
encrypts a victim's data and demands a ransom for its release, have also been
reported.
The Indian government has taken several initiatives to tackle cybercrime,
including the establishment of cybercrime cells, the enactment of the
Information Technology Act, 2000, and the formation of the Indian Computer
Emergency Response Team (CERT-In) to handle cybersecurity incidents.
2. Other Countries: Cybercrime is a global issue, and countries worldwide are
affected to varying degrees. Some countries have faced significant
challenges in dealing with cybercrime due to factors such as technological
infrastructure, awareness levels, and legal frameworks. Here are a few
examples:
United States: As a highly connected country, the United States
experiences a significant number of cybercrime incidents. It faces various
cyber threats, including hacking, identity theft, online fraud, and data
breaches.
United Kingdom: The UK has also seen a rise in cybercrime incidents, with
financial fraud, hacking, and online scams being prevalent. The government
has established organizations like the National Cyber Security Centre
(NCSC) to address cybersecurity challenges.
Australia: Cybercrime is a growing concern in Australia, with reports of
online scams, identity theft, and ransomware attacks. The Australian Cyber
Security Centre (ACSC) plays a crucial role in coordinating cybersecurity
efforts.
 China and Russia: These countries have been associated with cyber
espionage and state-sponsored cyber activities targeting other nations. They
have faced allegations of engaging in cybercrime activities for political and
economic purposes.
It is important to note that cybercrime is a constantly evolving
phenomenon, and the extent and nature of cybercrime can change over time
as new technologies emerge and cybersecurity measures evolve.
Classification of cyber crimes

Cyber Crime against individuals: ordinary individuals are the most vulnerable
targets of cybercriminals. This is due to various reasons like lack of information,
guidance, and cyber-security.

A spoofed email is one in which e-mail header is forged so that mail appears
to originate from one sour
Spamming : Spamming means sending multiple copies of unsolicited mails or
mass e-mails such as chain letters.

This occurs when defamation takes place with the help of computers and / or
the Internet. E.g. someone publishes defamatory matter about someone on a
website or sends e-mails containing defamatory information.
 Cyber Stalking Means following the moves of an individual‟s activity over
internet. It can be done with the help of many protocols available such at e- mail,
chat rooms, user net groups.
Cyber crime against Property: These type of crimes include unauthorized
computer trespassing through cyberspace, computer vandalism, transmission of
harmful programs, and unauthorized possession of computerized information.

copying of programs, distribution of copies of software.

 Copyright infringement
 Trademarks violations
 Theft of computer source code

person which is actually paid by another person.

Cyber crime against Organisation:
Crimes done to threaten any organisation or international government by
using internet facilities. These cybercrimes are known against organisation.
These crimes are committed to spread terror among people.

ossession of unauthorized information

without permission from the owner.

it can be of 2 forms:
o Changing/deleting data: Unauthorized changing of data.
o Computer voyeur: The criminal reads or copies confidential or proprietary
information, but the data is neither deleted nor changed.

requests so as to denying legitimate users to use the server or to crash the server.
program that can infect other computer programs by modifying them in such a way
as to include a (possibly evolved) copy of it. Viruses can be file infecting or
affecting boot sector of the computer. Worms, unlike viruses do not need the host
to attach themselves to.

company or mail servers thereby ultimately resulting into crashing.

ack : When negligible amounts are removed & accumulated in
to something larger. These attacks are used for the commission of financial crimes.

designated event occurs, it crashes the computer, release a virus or any other
harmful possibilities.

what seems to be an authorized program, thereby concealing what it is actually

doing.

before it is processed by a computer and then changing it back after the processing
is completed.

Cyber Crime against Society:

These cybercrimes which affect the society at large are known as ..

can be forged
using computers and high quality scanners and printers.

others.

another, even they change the content of website for fulfilling political objective or
for money.

Emerging trends in cyber crime across the world:

 Cybercrime is the fastest growing crime across the world and the global cost
could exceed $6 trillion by end of 2021and reach 10.5 trillion by 2025 as per the
Cybersecurity ventures report on cybercrime. If that total amount is a country‟s
GDP, it‟s next only to the income of the US and China.
As technology keeps evolving at a rapid pace, so do cybercrooks. Apart
from newer forms of cyber threats, even the oldest tricks in the book are not
completely useless for these cybercriminals. They take these tricks out of the box
and make modifications and updates to bypass security measures especially created
for them.
Some of the common emerging trends of cybercrime across the world include:
1. Pandemic-Related Phishing: Cybercriminals have been using the
pandemic narrative to peddle fear and con individuals to provide them access to
sensitive information. One example was recorded in the UK. Elderly peo-ple
received emails and calls that promised them Covid-19 vaccination as long as they
provide the data that the email sender or caller asked (Infosec, 2021). Another such
email campaign even uses the name of CDC to con people in US(CDC,
2020).Google‟s Threat Analysis Group shared that they blocked 18 million Covid-
19 themed emails that contained phishing links and malware downloads per day
(Security Magazine, 2020).
2. Ransomware Attacks: Ransomware remains one of the biggest threats
on the web today. First coming into the fore in 2017 with the effects of global
campaigns NotPeya and WannaCry, reports show that the number of ran-somware
attacks doubled in 2018, hitting 10.5 billion globally. In the following year,
however, that figure de-creased to 9.9 billion (SonicWall, 2020).In 2020, 51% of
organizations were hit by a ransomware attack; three-quarters of which resulted in
data becoming encrypted. As a result, 26% of victims paid the ransom to get their
data back. Unfortunately, 1% of those who did so did not have their data freed and
released back to them (Sophos, 2021).
3. Increase in Business Email Compromise(BEC) Attacks: The first half
of 2020 saw a 200% increase in BEC attacks (Bitdefender, 2020). The targets of
these cyberattacks were businesses that frequently dealt with suppli-ers abroad and
who exchange money online. To commit this kind of cybercrime, hackers pose as
vendors, sup-pliers, or customers, they are able to hijack money exchanges and
redirect those to their own accounts.
 4. Mobile Malware: In the third quarter of 2020, Iran, Bangladesh, and
Algeria topped the list of countries with the most mobile malware attacks. The
report shows that 30.29% of mobile users in Iran experienced a mobile malware
attack. Bangladesh and Algeria follow closely behind, with 17.18% and 16.28%,
respectively of mo-bile users reporting mobile malware (Securelist, 2020).Last
2020, the Microsoft 365 Defender Research Team uncovered a new Android
malware, which fully disabled the use of Android devices and forced individuals to
pay the ransom to gain back control (Microsoft, 2020).
5. Cyberactivism: Cyberactivists are the online equivalents of protesters
fighting for a particular agenda. One of their main purposes is to interrupt the
website operations of a company or an organization as a way of getting across their
messages to the higher-ups. In 2010, a group of cyber activists who claimed to be
part of Anony-mous executed a DDoS attack on PayPal in response to PayPal‟s
shutdown of payment services to WikiLeaks. The group of hackers called
Anonymous publicly listed names that were related to Jeffrey Epstein and his clan-
destine activities. This action was in response to the killing of George Floyd (AS,
2020).
6. Artificial Intelligence(AI) and Internet of Things(IoT) in Cybercrime:
With the advent of IoT devices, AI is predicted to commit more cybercrimes than
actual people in the year 2040. AI and IoT are gradually making things easier for
cybercriminals. Any device that can be connected to the Internet carries the risk of
getting hacked. And with the rapid growth of the technological advancements in
the AI aspect, IoT devices are facing security issues that seem to have no solutions
as of yet
.7. Supply Chain Attacks: While supply chain attacks are not the most
common cybercrime, they are still ex-tremely damaging. These can occur when
cybercriminals find a weakness or a number of vulnerabilities in an organization‟s
ecosystem, particularly through third-party systems.A most damaging supply chain
attack hap-pened to Solar Winds in 2020. The company deals in system
management tools that are widely used by IT pro-fessionals, the most popular of
which is Orion NMS. Hackers exploited the configurations of the software, in-
serted malware into SolarWinds‟s servers, which was packaged as part of an
update. This effectively allowed the threat group to get inside the systems of all
organizations using Orion NMS, among which are the US De-partment of Defense
and 425 names in the US Fortune 500 (SANS Institute, 2020).
 8. Data Breaches: Data breaches happen daily, and it is one of the biggest
cyber threats on the web today. Every year, the number of data breaches continues
to increase. Just between January and September 2019, more than 7.9 billion data
records were breached. This figure was a 33% increase from 2018. In the first
quarter of 2020 alone, there was a 273% rise in incidents. From this alone, we can
surmise that data breaches are most likely go-ing to continue and may become
more damaging in the coming years. (IdentityForce, 2020). Sony Pictures came
under attack in 2014 as it prepared to release “The Interview,” a comedy which
depicted an assassination attempt on North Korean leader Kim Jong Un. Hackers
pilfered sensitive information, including embarrassing e-mails and performance
evaluations from its staff. As a result, Sony Pictures pulled the film from most
theatersin favor of an online release, a move that cost it $30 million, according to
the National Association of Theater Owners.