Module-1_Notes_Cyber Security
Notes On
Course Name: Cyber Security & Cyber Law
Module – 1
MODULE – 1
Contents:
Introduction to Cybercrime:
Cybercrime: Definition and Origins of the Word, Cybercrime and Information Security,
Who are Cybercriminals?, Classifications of Cybercrimes,
An Indian Perspective, Hacking and Indian Laws, Global Perspectives
Text Book:
Sunit Belapure and Nina Godbole, "Cyber Security: Understanding Cyber Crimes, Computer
Forensics And Legal Perspectives", Wiley India Pvt Ltd, ISBN: 978-81-265-21791, 2011,
First Edition (Reprinted 2018)
Weblinks and Video Lectures (e-Resources):
https://www.youtube.com/watch?v=yC_hFm0BX28&list=PLxApjaSnQGi6Jm7LLSxvmNQjS_rt9swsu
https://www.youtube.com/watch?v=nzZkKoREEGo&list=PL9ooVrP1hQOGPQVeapGsJCktzIO4DtI4_
https://www.youtube.com/watch?v=6wi5DI6du4&list=PL_uaeekrhGzJlB8XQBxU3zhDwT95xlk
https://www.youtube.com/watch?v=KqSqyKwVuA8
1.1.1 Introduction:
The internet in India is growing rapidly. It has given rise to new opportunities in every
field we can think of, be it entertainment, business, sports or education. But there are two
sides to a coin: the internet also has its own disadvantages, one of which is cybercrime,
that is, illegal activity committed on the internet.
Cybercrime is not a new phenomenon; the first recorded cybercrime took place in the year
1820. In 1820, Joseph Marie Jacquard, a textile manufacturer in France, produced the
loom. This device allowed the repetition of a series of steps in the weaving of special fabrics.
This resulted in a fear amongst Jacquard's employees that their traditional employment and
livelihood were being threatened. They committed acts of sabotage to discourage Jacquard
from further use of the new technology. This is the first recorded cybercrime!
1.2.2 : Cyberspace
Cyberspace refers to the virtual computer world and more specifically, an electronic medium
that is used to facilitate online communication. Cyberspace typically involves a large computer
network made up of many worldwide computer subnetworks that employ TCP/IP protocol to
aid in communication and data exchange activities.
Cyberspace is most definitely a place where you chat, explore, research and play.
1.2.3 : Cybersquatting
The term cybersquatting refers to the unauthorized registration and use of Internet domain
names that are identical or similar to trademarks, service marks, company names or personal
names. Cybersquatting registrants obtain and use the domain name with the bad faith intent to
profit from the goodwill of the actual trademark owner. Both the federal government and the
Internet Corporation for Assigned Names and Numbers have taken action to protect the owners
of trademarks and businesses against cybersquatting abuses.
1.2.4 : Cyberpunk
A cyberpunk is a programmer who breaks into computer systems in order to steal, change or
destroy information as a form of cyber-terrorism. Related terms: cyber-terrorist, hacker.
1.2.5 : Cyberwarfare
Cyber warfare is usually defined as a cyber-attack or series of attacks that target a country. It
has the potential to wreak havoc on government and civilian infrastructure and disrupt critical
systems, resulting in damage to the state and even loss of life.
OR
Cyber warfare involves the actions by a nation-state or international organization to attack and
attempt to damage another nation's computers or information networks through, for example,
computer viruses or denial-of-service attacks.
1.2.6 : Cyberterrorism
Cyberterrorism is the premeditated, politically motivated attack against information, computer
systems, programs and data which results in violence against noncombatant targets by
subnational groups or clandestine agents. Attackers often do this by damaging or disrupting critical
infrastructure.
OR
Any person, group or organization who, with terrorist intent, utilizes, accesses or aids in
accessing a computer or computer network or electronic system or electronic device by any
available means and thereby knowingly engages in or attempts to engage in a terrorist act
commits the offence of cyberterrorism.
1.2.7 : Cybercrime
Cybercrime (computer crime) is any illegal behavior, directed by means of electronic
operations, that targets the security of computer systems and the data processed by them.
Techno crime: A premeditated act against a system or systems, with the intent to
copy, steal, prevent access, corrupt or otherwise deface or damage parts of or the
complete computer system.
Techno-vandalism: Techno-vandalism occurs when unauthorized access to a
computer results in damage to files or programs, not so much for profit but for the
challenge. In such cases, the damage or loss may be intentional or accidental.
Cyber Security:
Cyber security means protecting information, equipment, devices, computer, computer
resource, communication device and information stored therein from unauthorized access, use,
disclosure, disruption, modification or destruction.
Challenges for Securing Data in Business Perspective:
• Cybercrimes occupy an important space in information security because of their impact.
• Most organizations do not incorporate the cost of the vast majority of computer
security incidents into their accounting.
• It is difficult to attach a quantifiable monetary value to corporate data, and yet
corporate data gets stolen or lost.
• Financial losses may not be detected by the victimized organization in the case of insider
attacks, such as leaking customer data.
A spoofed email is one in which the e-mail header is forged so that the mail appears to
originate from one source but actually has been sent from another source.
Spoofs her E-mail and sends obscene/vulgar messages to all her acquaintances.
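A header-consistency check for the forged-header case defined above, as an added example that is not part of the original notes. It compares the visible From: domain with the envelope sender (Return-Path), the Reply-To address and the receiving server's Authentication-Results verdicts; the two sample messages and all domains in them are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail); every name and domain is made up.
SAMPLE_SPOOFED = """\
Return-Path: <bulk@mailer.example.net>
Authentication-Results: mx.recipient.example;
\tspf=pass smtp.mailfrom=mailer.example.net;
\tdkim=none; dmarc=fail header.from=bank.example
From: "Bank Support" <support@bank.example>
Reply-To: collect@freemail.example
Subject: Account notice

Please confirm your details.
"""

SAMPLE_CLEAN = """\
Return-Path: <support@bank.example>
Authentication-Results: mx.recipient.example;
\tspf=pass smtp.mailfrom=bank.example; dkim=pass; dmarc=pass
From: "Bank Support" <support@bank.example>
Subject: Monthly statement

Your statement is ready.
"""

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw_message):
    """List the ways the visible From: header disagrees with the other headers."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg["From"])
    findings = []
    # Return-Path records the envelope sender the receiving server actually saw.
    for header in ("Return-Path", "Reply-To"):
        dom = domain_of(msg[header])
        if dom and dom != from_dom:
            findings.append(f"{header} domain {dom} differs from From domain {from_dom}")
    # Trust Authentication-Results only when your own mail server added it.
    verdicts = re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                          msg.get("Authentication-Results", ""), re.I)
    for mechanism, verdict in verdicts:
        if verdict.lower() in ("fail", "softfail"):
            findings.append(f"{mechanism.lower()}={verdict.lower()}")
    return findings

if __name__ == "__main__":
    for name, raw in (("spoofed", SAMPLE_SPOOFED), ("clean", SAMPLE_CLEAN)):
        print(name, spoof_indicators(raw))
```

A domain mismatch alone is an indicator rather than proof, since legitimate bulk-mail services also send with a different envelope sender; the authentication verdicts are what separate the two cases.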
(ii) Phishing :
Phishing attacks are the practice of sending fraudulent communications that appear to come
from a reputable source. It is usually done through email. The goal is to steal sensitive data
like credit card and login information, or to install malware on the victim machine. Phishing
is a common type of cyber attack that everyone should learn about in order to protect
themselves.
(iii) Spamming:
Spamming is the use of electronic messaging systems such as e-mail, other digital delivery
systems and broadcast media to send unwanted bulk messages indiscriminately. The term
spamming is also applied to other media, such as internet forums, instant messaging,
mobile text messaging, social networking, junk fax transmissions, television advertising,
file sharing networks, web search engines and video sharing sites.
Those who continually attempt to subvert or spam the search engines may be permanently
excluded from the search index. Therefore the following web publishing techniques should
be avoided:
• Repeating keywords
• Redirection
• IP Cloaking
• Hidden links
This occurs when defamation takes place with the help of computers and/or the Internet. E.g.
someone publishes defamatory matter about someone on a website or sends e-mails containing
defamatory information.
According to the IPC section 499:
Cyber stalking means following an individual's activity over the internet. It can be done with the
help of many protocols available, such as e-mail, chat rooms and Usenet groups.
Computer sabotage is the input, alteration, erasure or suppression of computer data or computer
programmes, or interference with computer systems, with the intent to hinder the functioning
of a computer or a telecommunication system through the introduction of worms, viruses or
logic bombs.
It can be used to gain economic advantage over a competitor, to promote the illegal
activities of terrorists, or to steal data or programs for extortion purposes.
Logic bombs are event-dependent programs created to do something only when a
certain event occurs.
Some viruses may be termed logic bombs because they lie dormant all through the
year and become active only on a particular date.
(vii) Pornographic offenses:
The term "pornography" can be defined as the reporting or portrayal of sexual actions
in order to produce sexual excitement through books, films, or other media.
Pornographic websites, pornographic material created using computers, and the use of
the internet to download and transmit pornographic films, texts, photographs, and
photos, among other things, fall under this category.
Step 2: They seek children/teens in the kids' areas on the services, such as the Teens
BB, Games BB or chat areas where the children gather.
Step 4: They extract personal information from the child/teen by winning his/her
confidence.
Step 5: Pedophiles get the e-mail address of the child/teen and start making contacts on
the victim's e-mail address as well. Sometimes, these e-mails contain sexually explicit
language.
Step 6: They start sending pornographic images/text to the victim, including child
pornographic images, in order to help the child/teen shed his/her inhibitions so that a feeling
is created in the mind of the victim that what is being fed to him is normal and that
everybody does it.
Step 7: The pedophiles set up a meeting with the child/teen out of the house and then
drag him/her into the net to further sexually assault him/her or to use him/her as a sex
object.
Password Sniffing is a hacking technique that uses a special software application that
allows a hacker to steal usernames and passwords simply by observing and passively
recording network traffic. This often happens on public WiFi networks where it is
relatively easy to spy on weak or unencrypted traffic.
Credit card fraud refers to using a credit card to obtain money or goods fraudulently. Thieves
may steal a credit card, copy the number off a credit card, or take over a victim's account and
have the credit card mailed to their (the criminal's) address. They may also open a new credit
card in the victim's name or try a variety of other techniques to steal money or buy assets.
The person who gets access to someone else's ISP (Internet Service Provider) user ID and
password, either by hacking or by gaining access to it by illegal means, uses it to access the
Internet without the other person's knowledge.
1.5.3 Cybercrime Against Organization
• Unauthorized accessing of computer
• Password sniffing
• Denial-of-service attacks
• Logic bomb
• Trojan Horse
• Data diddling
• Software piracy
Password sniffing:
Password sniffing is an attack on the Internet that is used to steal user names and passwords
from the network.
Denial-of-service attacks:
DoS attacks often target web servers of high-profile organizations such as banking,
commerce, and media companies, or government and trade organizations. Though DoS attacks
do not typically result in the theft or loss of significant information or other assets, they can
cost the victim a great deal of time and money to handle.
A computer virus is malicious code that replicates by copying itself to another program,
computer boot sector or document and changes how a computer works. A virus spreads
between systems after some type of human intervention. Viruses replicate by creating their own
files on an infected system, attaching themselves to a legitimate program, infecting a
computer's boot process or infecting user documents. The virus requires someone to knowingly
or unknowingly spread the infection. In contrast, a computer worm is standalone programming
that does not require human interaction to spread. Viruses and worms are two examples of
malware, a broad category that includes any type of malicious code.
A very large number of e-mails is sent to the victim to crash the victim's e-mail account or to
make the victim's mail servers crash. Computer programs can be written to instruct a computer to do
such tasks on a repeated basis. Terrorism has hit the internet in the form of mail bombings.
By instructing a computer to repeatedly send e-mail to a specified person's e-mail address,
the cybercriminal can overwhelm the recipient's personal account and potentially shut down
entire systems.
A salami attack is a type of cybercrime that attackers typically use to commit financial crimes.
Criminals steal money or resources from financial accounts on a system one at a time. This
attack occurs when several minor attacks combine to form a powerful attack. Because of the
nature of this type of cybercrime, these attacks frequently go undetected.
Ex: A bank employee inserts a program, into the bank's servers, that deducts a small amount
of money (say ₹2/- or a few cents in a month) from the account of every customer. No account
holder will probably notice this unauthorized debit, but the bank employee will make a sizable
amount every month.
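An audit check for the bank example above, as an added example that is not part of the original notes. Because no single ₹2 debit stands out, it looks at the receiving side and flags any account credited with small amounts from many different customers; the ledger rows, account names, thresholds and the approved fee-account list are all constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

APPROVED_FEE_ACCOUNTS = {"FEE-SMS"}  # hypothetical: the bank's own documented fee accounts


def build_sample_ledger():
    """Constructed month of ledger rows: (debited_account, credited_account, rupees)."""
    customers = [f"CUST{n:04d}" for n in range(1, 501)]
    rows = [(c, "ACC-9917", Decimal("2.00")) for c in customers]   # the hidden skim
    rows += [(c, "FEE-SMS", Decimal("1.50")) for c in customers]   # a legitimate small fee
    rows += [
        ("CUST0001", "UTIL-POWER", Decimal("1840.50")),            # ordinary bill payment
        ("CUST0002", "CUST0003", Decimal("2.00")),                 # one-off small transfer
    ]
    return rows


def find_salami_candidates(ledger, small=Decimal("5.00"), min_sources=100,
                           approved=APPROVED_FEE_ACCOUNTS):
    """Return {credited_account: (distinct_debited_accounts, total)} worth reviewing.

    Each debit is too small to stand out on one statement, so the check looks at the
    receiving side: an account fed by small debits from many different customers.
    """
    sources = defaultdict(set)
    totals = defaultdict(Decimal)
    for debited, credited, amount in ledger:
        if amount <= small and credited not in approved:
            sources[credited].add(debited)
            totals[credited] += amount
    return {acct: (len(srcs), totals[acct])
            for acct, srcs in sources.items() if len(srcs) >= min_sources}


if __name__ == "__main__":
    for acct, (count, total) in find_salami_candidates(build_sample_ledger()).items():
        print(f"{acct}: {count} accounts debited, {total} rupees collected")
```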
Logic bomb:
It can be used to gain economic advantage over a competitor, to promote the illegal
activities of terrorists, or to steal data or programs for extortion purposes.
Logic bombs are event-dependent programs created to do something only when a
certain event occurs.
Some viruses may be termed logic bombs because they lie dormant all through the
year and become active only on a particular date.
Trojan Horse:
Trojan Horse is a program in which malicious or harmful code is contained inside apparently
harmless programming or data in such a way that it can get control and cause harm.
Ex: Ruining the file allocation table on the hard disk. A Trojan Horse may get widely
redistributed as part of a computer virus. The term Trojan Horse comes from Greek mythology
about the Trojan War.
Data diddling:
• In other words, information is changed from the way it should be entered by a person
typing in the data.
• Usually, a virus that changes data or a programmer of the database or application has
pre-programmed it to be changed.
• For example, a person entering accounting data may change it to show that their account, or
that of a friend or family member, is paid in full. By changing or failing to enter the
information, they are able to steal from the company.
• To deal with this type of crime, a company must implement policies and internal
controls.
• This may include performing regular audits, using software with built-in features to
combat such problems, and supervising employees.
Usenet convention defines spamming as "excessive multiple posting (EMP)", that is, the
repeated posting of a message (or substantially similar messages). The first widely recognized
Usenet spam (though not the most famous) was posted on 18 January 1994 by
Clarence L. Thomas IV, a sysadmin at Andrews University. Entitled "Global Alert for All:
Jesus is Coming Soon", it was a fundamentalist religious tract claiming that "this world's history
is coming to a climax." The newsgroup-posting bot Serdar Argic also appeared in early 1994,
posting tens of thousands of messages to various newsgroups, consisting of identical copies of
a political screed relating to the Armenian genocide.
• In many cases, industrial spies are simply seeking any data that their organization can
exploit to its advantage.
• An intruder can break into a computer network from anywhere in the world and steal data, plant
viruses, create backdoors, insert Trojan horses or change passwords and user names.
• An intrusion detection system (IDS) inspects all inbound and outbound network activity
and identifies suspicious patterns that may indicate a network or system attack from
someone attempting to break into or compromise a system.
Software piracy:
Theft of software through the illegal copying of genuine programs or the counterfeiting
and distribution of products intended to pass for the original.
Examples:
• End-user copying – Friends loaning disks to each other, organizations under-reporting
the number of software installations they have made, or organizations not tracking their
software licences.
• Hard disk loading with illicit means – Hard disk vendors load pirated software.
• Cyberterrorism
• Web Jacking
Forgery
• Something that has been forged, especially a document that has been copied or
remade to look like the original.
• Counterfeit currency notes, postage, revenue stamps, marksheets, etc., can be forged
using sophisticated computers, printers and scanners.
Cyberterrorism
OR
Any person, group or organization who, with terrorist intent, utilizes, accesses or aids in
accessing a computer or computer network or electronic system or electronic device by any
available means and thereby knowingly engages in or attempts to engage in a terrorist act
commits the offence of cyberterrorism.
Web Jacking:
• In these kinds of offences, the hacker gains access and control over the web
site of another.
• The actual owner of the website does not have any more control over what appears
on that website.
• Recently the site of MIT (Ministry of Information Technology) was hacked by
Pakistani hackers and some obscene matter was placed therein.
• Further, the site of the Bombay crime branch was also web jacked.
• Another case of web jacking is that of the 'gold fish' case. In this case the site
was hacked and the information pertaining to gold fish was changed.
• There is no technical method available for controlling the contents of any newsgroup.
Hacking:
The purposes of hacking are many; the main ones are as follows:
1. Greed
2. Power
3. Publicity
4. Revenge
5. Adventure
6. Desire to access forbidden information
7. Destructive mindset
Every act committed toward breaking into a computer and/or network is hacking. Hackers
write or use ready-made computer programs to attack the target computer. They possess
the desire to destroy and they get enjoyment out of such destruction. Some hackers hack
for personal monetary gain, such as stealing credit card information or transferring money
from various bank accounts to their own account, followed by withdrawal of the money.
Government websites are high on hackers' target lists.
The network context of cybercrime makes it one of the most globalized offenses of the
present and one of the most modernized threats of the future.
Solution:
1. Divide information system into segments bordered by state boundaries.
boundaries.
• The CoE Cyber Crime Convention (1997-2001) was the first international treaty seeking to
address internet crimes by harmonizing national laws, improving investigative
techniques and increasing cooperation among nations.
• Private sector expertise should be increasingly involved in the development and
implementation of a country's cybersecurity strategy.