
CCIDF Unit II

The document outlines the curriculum for a course on Cyber Crime Investigations and Digital Forensics, focusing on various cyber crime issues, including unauthorized access to computers, computer intrusions, and white-collar crimes. It details the risks associated with these crimes, prevention strategies, and the impact of cyber crimes on the economy and trust in digital systems. Additionally, it discusses the nature of viruses and malicious code, highlighting their potential harm to computer systems.

Department of Emerging Technologies

Name of the faculty : Mrs. M SilpaRaj


Name of the Subject : CYBER CRIME INVESTIGATIONS AND
DIGITAL FORENSICS
Class and Section : III B. Tech CSE(CS)
Semester : II (Odd Semester)

Lecture Number Unit Number Topic to be covered

UNIT- II
1. Cyber Crime Issues
2. Unauthorized Access to Computers

3. Computer Intrusions

4. White collar Crimes

5. 14 Viruses and Malicious Code


6. Internet Hacking and Cracking
7. Virus Attacks, Pornography, Software Piracy

8. Property Cyber Crime

9. Intellectual Property

10. Mail Bombs

11. Exploitation

12. Stalking and Obscenity in Internet


13. Digital laws and legislation
14. Law Enforcement Roles and Responses

Unit–II: Cyber Crime Issues :


Unauthorized Access to Computers, Computer Intrusions, White
collar Crimes, Viruses and Malicious Code, Internet Hacking and
Cracking, Virus Attacks, Pornography, Software Piracy,
Intellectual Property, Mail Bombs, Exploitation, Stalking and
Obscenity in Internet, Digital laws and legislation, Law
Enforcement Roles and Responses.
Unit - II
2.0 CYBER CRIME ISSUES :
• Cybercrime issues are the challenges and problems associated with
criminal activities that occur in the digital or online environment.
• These issues arise because cybercrime exploits technology, including
computers, networks, and the internet, to commit illegal acts.

2.1 UNAUTHORIZED ACCESS TO COMPUTERS


• Unauthorized access is the process of gaining entry to computer resources
without permission.
• It could be a system, network, software, or data. Sometimes a person has
permission to access certain resources, but their device doesn’t (like when
someone uses a personal laptop to connect to the work environment) — it
all depends on the company’s security policy.
• Unauthorized access happens when someone enters a computer system,
account, or data without permission. This can be done on purpose by
hackers or even by accident when someone stumbles upon information
they weren’t supposed to see.
• For example, imagine you leave your phone unlocked, and someone reads
your private messages without asking. That’s similar to unauthorized
access in the digital world.
• People can gain unauthorized access in different ways:
- Guessing passwords – Sometimes, people use easy passwords
like "123456" or "password," which can be guessed easily.
- Hacking – Some attackers use advanced techniques to break
into systems.
- Tricking people – Cybercriminals can pretend to be someone
trustworthy to get login details.
- Company insiders – An employee might accidentally or
purposely access files they shouldn’t see.
• Unauthorized access is a big problem because it can lead to stolen
information, financial loss, or even spying on businesses (corporate
espionage). That’s why companies have strict security policies, like using
strong passwords, encryption, and access controls, to protect sensitive
data.
Risks of Unauthorized Access (Simple Summary)
Unauthorized access can be very dangerous and needs to be stopped
immediately. People who break into systems without permission usually do it for
one of these reasons:
1. Disrupt Systems – Some hackers just want to cause trouble, forcing
companies to shut down their systems.
2. Harm the Target – Sensitive data can be misused to damage a person or
company, leading to data breaches.
3. Steal Data – Hackers steal important information and may demand money
or sell it to others.
4. Cause Physical Damage – If a hacker gets access to certain systems, they
could damage devices or equipment connected to the network.
Tips to Detect and Prevent Unauthorized Access
1. Give Only Necessary Access – Employees should have access only to
what they need for their jobs. Extra access should be temporary.
2. Use Strong Passwords – Set strict password rules to ensure they are
strong, unique, and regularly updated.
3. Enable Multi-Factor Authentication (MFA) – Require extra verification,
like a one-time code, to prevent hackers from using stolen passwords.
4. Monitor User Activity – Keep track of what users do in your system to
quickly spot suspicious activity.
5. Secure Your IT Systems – Use firewalls, update security software, and
test systems regularly to prevent hacking.
6. Analyze User Behavior – Use tools to detect unusual activities, like logins
from unknown locations or odd working hours.
7. Respond to Threats Quickly – If suspicious activity is detected, security
teams should block access immediately and investigate.
8. Train Employees on Cybersecurity – Teach employees how to recognize
and avoid cyber threats, as attackers often target people instead of
systems.
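
The sketch below illustrates tips 4 and 6 (monitoring user activity and analyzing user behavior). It is an added example, not part of the original notes: it scans a constructed login log for repeated failed logins, logins at odd hours, and logins from a location not seen before for that user. The log format, the working hours, and the thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WORK_START, WORK_END = 8, 19          # assumed working hours: 08:00 to 18:59
FAIL_LIMIT = 5                        # assumed: this many failures means guessing
FAIL_WINDOW = timedelta(minutes=10)   # assumed sliding window for counting failures

# Constructed sample events (not real logs): timestamp user country result
SAMPLE_LOG = """\
2024-03-04T09:00:00 carol IN success
2024-03-04T09:12:00 alice IN success
2024-03-04T09:40:00 bob IN success
2024-03-05T10:05:00 alice IN success
2024-03-05T14:30:00 bob IN success
2024-03-06T02:47:00 alice IN success
2024-03-06T11:00:00 bob RO success
2024-03-06T11:20:00 carol IN failure
2024-03-06T11:20:20 carol IN failure
2024-03-06T11:20:40 carol IN failure
2024-03-06T11:21:00 carol IN failure
2024-03-06T11:21:20 carol IN failure
2024-03-06T11:23:00 carol IN success
"""


def parse(log_text):
    """Turn log lines into time-ordered (timestamp, user, country, result) tuples."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                  # skip malformed lines instead of crashing
        ts, user, country, result = parts
        try:
            when = datetime.fromisoformat(ts)
        except ValueError:
            continue                  # skip lines with an unreadable timestamp
        events.append((when, user, country, result))
    return sorted(events)


def detect(events):
    """Return (timestamp, user, reason) alerts for suspicious login activity."""
    known_locations = defaultdict(set)   # countries each user has logged in from
    failures = defaultdict(list)         # recent failed-login times per user
    alerts = []
    for ts, user, country, result in events:
        # Forget failures that have fallen out of the sliding window.
        failures[user] = [t for t in failures[user] if ts - t <= FAIL_WINDOW]
        if result == "failure":
            failures[user].append(ts)
            if len(failures[user]) == FAIL_LIMIT:    # alert once, at the threshold
                alerts.append((ts.isoformat(), user, "password-guessing"))
            continue
        if result != "success":
            continue
        # A success right after a burst of failures may mean the guess worked.
        if len(failures[user]) >= FAIL_LIMIT:
            alerts.append((ts.isoformat(), user, "success-after-failures"))
        failures[user] = []
        if not WORK_START <= ts.hour < WORK_END:
            alerts.append((ts.isoformat(), user, "odd-hours"))
        # The first login for a user only establishes the baseline location.
        if known_locations[user] and country not in known_locations[user]:
            alerts.append((ts.isoformat(), user, "new-location"))
        # Simplification: a real system would wait for an analyst to confirm
        # the new location before trusting it.
        known_locations[user].add(country)
    return alerts


if __name__ == "__main__":
    for when, user, reason in detect(parse(SAMPLE_LOG)):
        print(when, user, reason)
```

Each alert is a starting point for tip 7: the security team reviews it, blocks access if needed, and investigates.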

2.2 COMPUTER INTRUSIONS


Computer intrusion happens when someone tries to access your computer
without permission. Any computer connected to the internet can be a target for
hackers. Here’s how they can attack:
• Stealing or Changing Information – Hackers may look at,
change, or delete your files. They might sell your data for
money or disrupt your computer’s normal functions.
• Crashing or Slowing Down Your Computer – If hackers
delete important system files, your computer may crash or
slow down.
• Accessing Private Data – Hackers can look through your files
to find sensitive information and misuse or sell it.
• Using Your Computer to Attack Others – Once they control
your PC, hackers can use it to attack other computers on the
internet.

Types of PC Intrusion
PC intrusion can happen in different ways:
1. Sweeper Attack – Hackers delete important data like internet history,
cache, and documents using a harmful program.
2. Denial of Service (DoS) – Hackers overload the system, making it stop
working and preventing the real user from accessing it.
3. Password Guessing – Hackers try to guess passwords to break into the
computer and damage security.
4. Snooping – Hackers secretly look through files, track keystrokes, steal
passwords, and monitor online activity without permission.
5. Eavesdropping – Hackers secretly listen to data being sent between
computers and servers to steal information.
Tools and techniques used in detecting and mitigating computer intrusions :
Detecting and stopping computer intrusions (or cyberattacks) is a key part of
keeping systems secure.
Tools for Detecting Computer Intrusions:
1. Intrusion Detection Systems (IDS): These are like security cameras for
your computer or network. They watch for suspicious activity and let you
know if something bad is happening. There are two main types:
o Network-based IDS (NIDS): Watches the network for strange or
dangerous behavior.
o Host-based IDS (HIDS): Looks at activities happening directly on
your computer or server. Examples: Snort and OSSEC.
2. Intrusion Prevention Systems (IPS): IPS not only detects threats but also
stops them immediately. If a bad action is detected, the IPS will block it
automatically. It’s like having a guard who stops the intruder before they
can cause damage. Examples: Cisco Firepower.
3. Firewalls: Firewalls act like a security gate that filters incoming and
outgoing traffic to block unauthorized access. They prevent malicious
actors from getting into your network or system. There are different types:
o Traditional Firewalls: Check if incoming traffic is allowed based on
a set of rules.
o Next-Generation Firewalls (NGFW): Have extra features like
detecting threats and filtering web traffic. Examples: Windows
Firewall or Palo Alto Networks.
4. Antivirus Software: Antivirus programs look for harmful software (like
viruses or malware) on your computer. They can scan your system to find
and remove anything that could harm it. Examples: McAfee, Norton,
Kaspersky.
5. Security Information and Event Management (SIEM): SIEM tools
collect information from different parts of your network and systems, like
logs, and look for signs of problems. They give you a big-picture view of
security and can alert you if something looks off. Examples: Splunk and
IBM QRadar.
6. Endpoint Detection and Response (EDR): These tools focus on the
devices (endpoints) like laptops, desktops, or servers. They monitor for
suspicious activity on those devices and can quickly respond to block an
attack. Examples: CrowdStrike and Carbon Black.
Techniques for Mitigating (Stopping) Computer Intrusions:
1. Patch Management: Keeping your software up to date is one of the
simplest ways to prevent attacks. When companies find problems (called
vulnerabilities) in their software, they release updates (called patches) to
fix them. Regularly updating software reduces the chances of an attacker
exploiting these weaknesses.
2. Network Segmentation: This technique divides a network into smaller
sections (segments), so if an attacker gets into one part, they can’t easily
access the rest. It's like having different locked rooms in a building to limit
the damage if someone breaks into one.
3. User Authentication: Strong login systems, like two-factor
authentication (2FA), make sure only authorized users can access a
system. It’s like having an extra lock on your door—after entering a
password, you also need a code sent to your phone to get in.
4. Regular Backups: Regularly backing up your data means that if an
attacker messes with your files, you can restore them easily. It’s like
having a backup key for your house—if you lose your original, you still
have access.
5. Network Traffic Monitoring: Continuously watching network activity
helps to

2.3 WHITE COLLAR CRIMES


The term "white-collar crime" was first used by sociologist Edwin Sutherland in
1949. It refers to crimes committed by professionals who work in offices and wear
business attire (like white shirts and ties).

• White-collar crime happens when people in high positions, like CEOs or
managers, steal money from businesses. These crimes are different from regular
crimes because they are complicated, involve many people, and are hard to prove
in court.
Examples of White-Collar Crimes:
• Fraud – Lying to gain money or financial benefits.
- A business executive lies to investors about the company’s profits
to encourage more investments. When the truth comes out,
investors lose their money, and the executive may face legal
action.
• Bribery – Giving money or gifts to influence decisions.
- It is a form of cyber corruption that involves offering or accepting
gifts, entertainment, or payments to gain an advantage or retain
business. This can include offering or accepting payments from
government officials or other entities in exchange for favorable
treatment.
• Extortion – Forcing someone to give money using threats.
- Extortion involves obtaining something, especially money,
through force or threats. It’s a white collar crime often committed
by individuals in positions of power. An example of extortion
could involve a public official who demands bribes in return for
granting contracts. The victims of extortion can suffer financial
loss, emotional distress, and in the case of businesses,
reputational damage.
• Embezzlement – Stealing money from a company or organization.
- A company’s accountant secretly transfers money from the
company’s accounts into their personal bank account. They
cover up the theft by falsifying financial records so that no one
notices the missing money. This is an example of
embezzlement, a common white-collar crime.
• Cybercrime – Using computers to commit crimes, like hacking or identity
theft.
- A company's employee with access to customer data steals
personal information, such as names, credit card details, and
Social Security numbers. They then sell this information on the
dark web or use it to commit fraud, such as opening fake bank
accounts or making unauthorized purchases.
• Fraud is the most common white-collar crime because it covers many illegal
financial activities.
Types of White-Collar Fraud
- Corporate Fraud
- Money Laundering
- Securities and Commodities Fraud
1. Corporate Fraud : Corporate fraud happens when employees or
executives in a company commit illegal acts to benefit themselves, often
leading to financial harm for investors and the company.
o A CEO inflates the company’s profits in financial reports to make
the company seem more successful, tricking investors into investing
money that they lose later.
2. Money Laundering : Money laundering is when people take money made
through illegal activities (like drug trafficking or terrorism) and make it
look like it was earned legally, often by passing it through a legitimate
business.
o Drug dealers run money through a casino, claiming the money
made from gambling to "clean" it and make it appear lawful.
3. Securities and Commodities Fraud : This type of fraud involves tricking
people into investing in fake or falsified investment opportunities, often
using schemes like Ponzi or pyramid schemes.
o A stockbroker falsely tells investors that a company’s stock is
performing well when it’s not, leading them to invest in something
that’s actually worthless.
Impact of White-Collar Cybercrimes on the Economy and Trust in Digital
Systems:
Impact on the Economy:
1. Financial Losses: Cybercrimes like hacking, fraud, and identity theft
cause businesses and individuals to lose money. Small businesses are
especially vulnerable.
2. Recovery Costs & Legal Fees: Companies must spend on cybersecurity
experts, repairs, and legal fees after a cyberattack.
3. Damage to Reputation: Companies hit by cybercrimes lose customer
trust, which may affect their sales and reputation.
4. Stock Prices: Cybercrimes can lower stock prices as investors see the
company as vulnerable.
5. Innovation & Growth: Small businesses might hold back growth due to
high security costs and fear of cyberattacks.
Impact on Trust in Digital Systems:
1. Erosion of Consumer Confidence: People fear using digital services for
transactions or sharing personal data due to cybercrimes.
2. Loss of Trust in Digital Infrastructure: Cybercrimes make people
question the safety of all digital platforms.
3. Challenges to Digital Payments: Cybercrimes in payment systems can
stop people from using online payment methods.
4. Legal & Regulatory Trust Issues: Confusing rules and weak laws make
businesses unsure and erode trust in digital systems.
5. Increased Security Costs: To prevent cybercrimes, companies and
individuals need to spend more on cybersecurity.

2.4 VIRUSES AND MALICIOUS CODE


• Viruses : A virus is a type of malicious software (malware) that attaches itself
to a legitimate program or file on a computer. When the infected program or file
is run, the virus spreads to other files or computers.
• It can corrupt or delete files, slow down the computer, or even steal information.
• A virus might be sent through an email attachment. When you open the
attachment, the virus infects your computer and spreads to other files or
devices.
• Malicious Code : Malicious code is any software or script that is designed to
cause harm to a computer, network, or system. It can include viruses, worms,
Trojans, and spyware.
• Malicious code can perform a wide range of harmful actions, like stealing data,
damaging systems, or allowing hackers to take control of a computer.
• A Trojan horse is a type of malicious code that appears to be a legitimate
program but secretly gives hackers access to your computer, allowing them to
steal personal information or cause damage.
• Both viruses and malicious code can be spread through downloads, email
attachments, websites, or infected software.
Malicious code comes in many forms:
- Trojans : A Trojan is a type of malware that looks like a normal
program but secretly harms your computer or steals data.
o A fake antivirus program that actually infects your system
instead of protecting it.
- Viruses : A virus is a malicious program that attaches itself to
files or software and spreads when those files are opened.
o A virus hidden in an email attachment that corrupts files
when opened.
- Worms : A worm is malware that spreads on its own across
computers and networks without needing a host file.
o A worm that moves through email contacts, sending itself
to everyone in the victim’s address book.
- Ransomware : Ransomware locks or encrypts a user’s files and
demands a payment (ransom) to unlock them.
o A hacker locks all files on a company’s computer and asks
for money to restore access.
- Backdoor Attack : A backdoor is a hidden way for hackers to
enter a system without needing passwords or permission.
o A hacker installs a secret entry point in software that
allows them to control a system later.

Different Types of Malicious Code Attacks

1. Backdoor Attacks – These attacks secretly bypass security protections,
allowing hackers to access a system without permission.
2. Scripting Attacks – Hackers insert harmful scripts into trusted websites,
making users unknowingly spread the attack. For example, TweetDeck
was attacked, causing many users to automatically share the harmful
script.
3. Computer Worms – These are viruses that spread by themselves from one
computer to another in a network. In 2004, different worms (like MyDoom
and Bagle) infected emails, leading companies to improve email security.
4. Trojan Horse – This type of malware pretends to be a useful or harmless
program but actually gives hackers full access to a system, allowing them
to steal or change data.
5. Spyware – This malware stays hidden while secretly collecting personal
data, tracking keystrokes, taking screenshots, and even controlling the
computer’s camera.
6. Ransomware – This malware locks a computer or important files and
demands money (ransom) before allowing access again.

Detection and Removal of Malicious Code:

• There are several common warning signs that your computer or network has
fallen victim to malicious code or malware.
• Your computer slows down significantly overnight.
• Computer programs frequently begin crashing, even after restarting.
• Pop-ups spamming your screen often indicate there is spyware on a
computer.
• Having access to network activity while offline is a sign of a virus.
• You experience a sudden increase or decrease in your hard drive’s capacity.
• Your contacts might be receiving strange messages from your email.

Here are some easy ways to keep your computer safe from viruses and
malware :

1. Install and update antivirus software – Antivirus programs help detect
and remove harmful files. Always download antivirus software from
trusted sources and keep it updated.
2. Be careful with links and attachments – Don’t open email attachments
or click on links from unknown sources, as they may contain viruses.
3. Block pop-up ads – Pop-ups can carry hidden malware. Use a pop-up
blocker in your web browser to prevent them from appearing.
4. Use a non-admin account – When browsing the internet, use a regular
user account instead of an admin account. This prevents malware from
making big changes to your computer.
5. Turn off AutoRun and AutoPlay – Disabling these features stops infected
USB drives or external devices from automatically running harmful
programs.
6. Change your passwords regularly – If you suspect a virus, update all
your passwords immediately. Use strong, unique passwords to protect
your accounts.
7. Keep software updated – Install the latest updates for your operating
system, browser, and other software to fix security weaknesses.
8. Back up your important files – Save your important documents, photos,
and emails to an external hard drive or cloud storage so you don’t lose
them in case of an attack.
9. Enable a firewall – Firewalls help block harmful internet traffic before it
reaches your computer. Make sure your system’s firewall is turned on.
10. Use anti-spyware tools – Spyware can track your activity and steal
information. Use an anti-spyware program to detect and remove it.
11. Monitor your accounts – Regularly check your bank and online accounts
for suspicious activity. If you see anything unusual, contact your bank or
service provider.
12. Avoid public Wi-Fi – Public Wi-Fi networks are not secure and can let
hackers steal your data. Use a VPN or avoid logging into sensitive accounts
when using public Wi-Fi.

2.5 INTERNET HACKING AND CRACKING


Internet Hacking:

• Internet hacking is unauthorized access to websites, online accounts, or
networks using various techniques.
• Hackers may:
- Find security weaknesses in websites or systems.
- Modify web content (e.g., defacing websites).
- Steal personal data like passwords, emails, or credit card
details.
- Overload a website with traffic (DDoS attack) to crash it.
• For example, a hacker finds a security flaw in an online banking website and
alerts the company so they can fix it.
Internet Cracking:

• Internet cracking is when someone illegally breaks into online accounts,
networks, or websites to steal, damage, or disrupt services.
• Crackers may:
- Steal passwords and take control of accounts.
- Spread malware to infect computers.
- Crack software to remove licensing or copy protection.
- Spy on online activity to steal private information.
• A cracker uses phishing emails to trick people into giving their banking login
details, then steals money from their accounts.
• Hacking and cracking both involve accessing computer systems, but they
have different purposes and intentions.
• Ethical hackers (also called white-hat hackers) help companies find security
weaknesses and fix them.
• Hackers have deep knowledge of programming and computer systems.
• Not all hacking is illegal—some hackers work to protect systems.
• Crackers (also called black-hat hackers) steal data, change accounts, spread
viruses, or damage systems.
• They use tricks like phishing emails or hacking public WiFi to steal private
information.
• Cracking is against the law and punishable in most countries.
Types of Hacking (Simple Explanation)
1. White-Hat Hacking (Ethical Hacking) – Authorized security testing to
improve systems and fix vulnerabilities.
o A cybersecurity expert helps a company strengthen its website
security.
2. Black-Hat Hacking (Illegal Hacking) – Unauthorized hacking to steal,
damage, or disrupt systems for personal gain.
o A hacker steals credit card details from an online store.
3. Gray-Hat Hacking (Mixed Intentions) – Hacking without permission but
without harmful intent, often to expose security flaws.
o A hacker finds a security bug on a website and informs the owner
instead of exploiting it.
4. Application Hacking – Modifying or exploiting applications to gain
unauthorized access or manipulate their functions.
o Hacking a banking app to transfer money illegally.
5. Wireless Hacking – Hacking into wireless networks to intercept data, steal
bandwidth, or inject malware.
o Hacking a public Wi-Fi network to spy on users’ online activities.
Types of Cracking (Simple Explanation)
1. Password Cracking – Gaining unauthorized access to accounts by
breaking passwords using techniques like brute force, dictionary attacks,
or phishing.
o A hacker guesses or cracks a weak email password to steal data.
2. Software Cracking – Removing or bypassing software protections like
activation keys or licenses to use paid software for free.
o Downloading and using a pirated version of Microsoft Office without
paying.
3. Network Cracking – Hacking into secured computer networks to steal
data, inject malware, or disrupt services.
o Breaking into a company’s private network to steal confidential files.
4. Application Cracking – Modifying or reverse-engineering applications to
remove security features or exploit weaknesses.
o Cracking a mobile app to remove ads or unlock premium features
for free.
5. Wireless Cracking – Hacking into Wi-Fi networks by breaking encryption
to gain unauthorized access.
o Cracking a neighbor’s Wi-Fi password to use their internet without
permission.

Difference between Hacker and Cracker :

2.6 VIRUS ATTACKS


• A computer virus is a type of harmful software, also known as malware, that
can spread from one computer to another and cause damage to both data and
software.
• Computer viruses aim to disrupt systems, cause major operational issues,
and result in data loss and leakage.
• Viruses typically attach to an executable host file, which results in their
viral code executing when the file is opened.
• The code then spreads from the document or software it is attached to via
networks, drives, file-sharing programs, or infected email attachments.
• A virus attack occurs when a malicious program infects a computer, typically
causing damage to data, files, or system functions.
Computer viruses spread through various methods :

• In the past, they were transferred using floppy disks, but today, they are more
commonly spread via the internet.
• Viruses can be sent through email attachments, and some even hijack the
victim's email software to spread themselves to others.
• They may also attach to legitimate software, or be bundled within software
packages.
• Viruses can also be downloaded from compromised app stores or infected
online code repositories.
• A key feature of viruses is that they need the victim to run the infected code
or program, which activates the virus and allows it to spread further.
Types of Computer Viruses :

• Resident Virus: This virus infects programs as you open them. It stays
on the computer even when the program is closed and spreads through
other programs.
• Multipartite Virus: It uses several ways to spread and infect your
computer. It can stay in memory and affect other parts of your system,
slowing it down.
• Direct Action Virus: This virus infects files when the system is running,
changes your system settings, and then deletes itself. It can destroy all
data on your computer.
• Browser Hijacker: This virus changes your web browser settings, like
your homepage or search engine. It can also cause pop-up ads and is often
found in free, untrusted software.
• Overwrite Virus: This virus replaces your files with its own content. Once
your files are infected, they can’t be restored unless deleted. It affects all
types of systems.
• Web Scripting Virus: This virus attacks your browser security and adds
harmful code to websites. It can steal information, send spam, or damage
website files.
• File Infector: This is a common virus that infects files like .exe or .com.
It spreads when you open those files and can quickly spread across your
computer or network.
• Network Virus: These viruses are dangerous because they can infect an
entire network of computers. They spread quickly and can be hard to
detect.
• Boot Sector Virus: This virus targets the part of your computer that starts
it up. It infects the boot-up process and can cause problems with starting
your computer. Modern computers have protections to stop this virus.

How To Protect Your Computer From Viruses :


1. Use a trusted antivirus product
2. Avoid clicking pop-up advertisements
3. Scan your email attachments
4. Scan the files that you download using file-sharing programs

2.7 PORNOGRAPHY
• The prevalence of pornography in cybercrime is a serious issue with various
consequences. While pornography itself isn't always illegal, its connection to
cybercrime is concerning because it can be used as a tool to exploit or
manipulate people.
• Here’s how it contributes to cybercrime:
1. Child Exploitation: Pornography is often used as a way to distribute
illegal content, such as child pornography, which is a severe crime.
Cybercriminals use websites, social media platforms, and file-sharing
networks to share this content.
2. Revenge Porn: The non-consensual sharing of explicit content, commonly
known as "revenge porn," has become a growing issue. Cybercriminals
may exploit personal videos or images, leaking them online to damage the
victim's reputation or extort money.
3. Phishing and Scams: Some cybercriminals use pornography websites or
email offers as bait to lure victims into clicking malicious links. These links
often lead to phishing websites or download malware.
4. Online Trafficking: Cybercrime networks may use pornographic material
to facilitate human trafficking. They may exploit vulnerable individuals by
tricking or coercing them into creating explicit content that is then sold or
distributed.
5. Ransomware and Extortion: Cybercriminals might threaten to release
private explicit content unless the victim pays money. This form of
blackmail is becoming more common, with attackers using explicit
material to manipulate their targets.
The challenges in addressing the issue of pornography-related cybercrime are
multifaceted:
1. Anonymity and Accessibility: The internet allows individuals to hide
their identities, making it difficult to trace cybercriminals. The ability to
quickly access and share content—whether legal or illegal—adds to the
problem, as harmful material can be distributed widely with little effort.
This makes monitoring and preventing such activities more challenging
for authorities.
2. Global Nature: Cybercrime doesn't adhere to national borders. This
means that criminals can operate from any part of the world, and
investigating these crimes requires cooperation across different countries.
However, each country has its own laws and regulations, and varying
levels of enforcement. This makes it difficult to create a unified global
strategy to tackle pornography-related cybercrimes effectively.
3. Technological Advancements: As technology evolves, so do the methods
used by cybercriminals. One major advancement is the creation of
deepfakes—realistic but fake videos or images that can be used to
manipulate and create harmful explicit content. These fake materials are
often difficult to distinguish from real ones, complicating investigations.
The rapid pace of technological change makes it harder for laws, tools, and
investigators to keep up.
Ethical Challenges:
• Freedom of Expression vs. Protection: Balancing free speech with
protecting people from harmful content.
• Impact on Minors: Protecting children from exposure to harmful or
inappropriate material.
• Consent Issues: Ensuring all content is created with consent to avoid
exploitation.
Social Challenges:
• Normalization of Harmful Content: Pornography can normalize harmful
behaviors and unrealistic views of relationships.
• Addiction and Mental Health: Excessive pornography use can lead to
addiction and mental health issues.
• Gender and Power Dynamics: Pornography often reinforces harmful
stereotypes and power imbalances.
• Privacy Violations: Non-consensual sharing of intimate content can
cause significant social harm to victims.
Legal Challenges:
• Regulation and Enforcement: Controlling cyber pornography is difficult
due to the global nature of the internet.
• Age Verification: Verifying ages to prevent minors from accessing explicit
content is challenging.
• Protection of Minors: Laws must protect children from exposure to
explicit material.
• International Cooperation: Legal systems across countries need to
cooperate to combat cyber pornography.
• Free Speech vs. Censorship: Balancing free speech with controlling
harmful content is a key challenge.

2.8 SOFTWARE PIRACY


• Software piracy is the act of using, sharing, or distributing software without
having the legal right to do so.
• This typically happens when software is copied and used without purchasing a
legitimate license or authorization from the software's creator or copyright
holder.
• Software piracy is illegal because it violates copyright laws, deprives developers
of income, and undermines the efforts of legitimate software companies.
• It can also expose users to risks like malware or viruses, as pirated software
may be tampered with and come with harmful code.

Types of software piracy:

• Softlifting or End-User Piracy: This occurs when someone buys software
and then shares it with others who are not authorized to use it. For
example, in schools or businesses, one copy of software might be used on
multiple computers even though only one license was purchased. It can
also include using an upgrade for a software version without having the
original licensed version.
• Counterfeiting: Counterfeiting involves illegally copying, distributing, or
selling software that is presented as authentic. It often includes copying
the software's packaging, license agreement, and other elements, making
it look like the real thing while being sold for a lower price.
• Hard-Disk Loading: This form of piracy happens when a computer reseller
buys legal software, copies it, and installs it onto the computers they sell.
Customers often don’t realize they are buying a computer with unlicensed
software on it.
• Client-Server Overuse: This occurs when a company installs software on
a network but exceeds the number of users allowed by its license. For
example, a company might install software on multiple computers in a
network, even though the license only allows for a limited number of users.
• Online Piracy: Online piracy is the illegal distribution and downloading of
software over the internet. This can happen on:
o Online auction sites selling pirated or counterfeit software.
o Peer-to-peer file sharing networks that allow users to share
pirated software.
o Usenet and other forums that distribute pirated content.
o Websites offering free downloads of pirated software.

Measures Taken by Organizations and Governments to Prevent Software Piracy:

1. Software Licensing and Registration:
o Product Activation and Serial Numbers: Many companies require
users to enter a product key or serial number to activate software,
ensuring only licensed users can use it.
o Online Registration: Some software requires users to register
online, making it easier to track legitimate users and prevent
unauthorized access.
2. Digital Rights Management (DRM):
o Encryption and Copy Protection: DRM systems are implemented
to restrict the copying, sharing, and unauthorized use of software,
often using encryption or special codes to protect software from
being pirated.
o Watermarking: Some companies add invisible digital watermarks
to software to trace its source in case of piracy.
3. Legal Enforcement:
o Intellectual Property Laws: Governments enforce strict
intellectual property (IP) laws that protect software developers'
rights to their creations. Violators face civil and criminal penalties,
such as fines or jail time.
o Anti-Piracy Laws: Many countries have specific laws against
software piracy, which are reinforced through local courts and
international treaties.
o Collaboration with Law Enforcement: Governments work with law
enforcement agencies to detect and investigate software piracy
activities, leading to arrests and fines.
4. Public Awareness Campaigns:
o Education on Legal Software Usage: Organizations and
governments run campaigns to educate users and businesses about
the risks of using pirated software, including security threats and
legal consequences.
o Promoting Legal Alternatives: Many organizations encourage the
use of legal alternatives by providing discounts, student versions, or
lower-cost options for software.
5. Monitoring and Audits:
o Software Audits: Companies may conduct regular audits to check
whether their software is being used in compliance with licensing
agreements. Organizations found using unlicensed software may
face penalties or lawsuits.
o Monitoring Online Marketplaces: Governments and companies
monitor online platforms where pirated software may be sold, taking
down illegal listings and prosecuting sellers.
6. Collaboration with International Organizations:
o International Treaties and Agreements: Organizations like the
World Intellectual Property Organization (WIPO) work to create
global standards and agreements that help prevent software piracy
across borders.
o Cooperation with Internet Service Providers (ISPs):
Governments and organizations work with ISPs to detect and block
illegal distribution of pirated software online.
7. Offering Affordable and Accessible Alternatives:
o Freemium or Subscription Models: Some software companies offer
lower-cost or subscription-based models, making it more affordable
for users to access legal versions of software.
o Open-Source Software: Encouraging the use of open-source or free
software alternatives that are legal and offer many of the same
functionalities as commercial software.
8. Penalties and Legal Action:
o Lawsuits and Fines: Companies and governments can file lawsuits
against individuals or businesses found using pirated software. This
can result in significant fines or legal penalties.
o Civil and Criminal Prosecution: In cases of large-scale piracy,
criminal charges can be brought against perpetrators, leading to jail
time or heavy fines.
Preventive Measures:

• Education and Awareness: Spreading the word about the risks and legal
issues of software piracy can encourage businesses and individuals to use
legitimate software.
• Software Licensing and Auditing: Organizations should keep track of the
software they use by conducting regular audits to ensure they are
compliant with licensing agreements.
• Legal Alternatives: Offering affordable, accessible, and legitimate
software options can encourage users to choose the legal route over piracy.

2.9 INTELLECTUAL PROPERTY


• Intellectual property (IP) in the context of cybercrime refers to the legal rights and
protections afforded to creations of the mind, such as inventions, literary and
artistic works, designs, symbols, names, and images used in commerce.
• Protecting intellectual property in the digital age presents unique challenges due
to the ease of reproduction, distribution, and manipulation facilitated by digital
technologies and the internet.
Types of Intellectual Property:

• Copyright: Protects original works of authorship fixed in a tangible medium,
such as literary works, music, films, and software.
• Patents: Grants exclusive rights to inventors for new and useful inventions,
such as processes, machines, or compositions of matter.
• Trademarks: Protects distinctive signs, symbols, or logos used to distinguish
goods or services in the marketplace.
• Trade Secrets: Confidential business information that provides a
competitive advantage and is not generally known or readily ascertainable
by others.
Cybercrime Issues Involving Intellectual Property
o Online Piracy
o Counterfeiting
o Cyber Espionage
o Domain Name Hijacking
Impacts of Intellectual Property Theft:

• Economic Losses: Businesses and creators suffer financial losses due to
lost sales, decreased market share, and erosion of competitive advantage
caused by intellectual property theft.
• Innovation and Creativity: Theft of intellectual property discourages
innovation and creativity by undermining the incentive for creators and
inventors to invest in research and development.
• Reputation Damage: Counterfeit or pirated products can damage the
reputation of brands and creators if they are of inferior quality or
misrepresent the original product.
Legal and Regulatory Framework:

- Copyright and Patent Laws: Governments enforce laws and
regulations to protect intellectual property rights, including civil
and criminal penalties for infringement.
- International Cooperation: Given the global nature of the
internet, international cooperation and treaties are crucial for
combating cross-border intellectual property theft and enforcing
rights globally.

Role of International Laws and Agreements in Protecting Intellectual Property Rights (IPR):

1. Standardizing Protection: International agreements help create
consistent rules for protecting intellectual property across different
countries.
2. Key International Agreements:
- Berne Convention (1886): Ensures automatic copyright
protection for authors in member countries.
- TRIPS Agreement (WTO): Sets minimum standards for
protecting patents, copyrights, and trademarks.
- Paris Convention (1883): Protects industrial property like
patents and trademarks.
- WIPO Copyright Treaty (1996): Protects digital content from
piracy.
- Madrid Agreement (1891): Provides an international system for
registering trademarks.
3. Supporting Global Trade: IPR protection helps businesses trade globally
by reducing the risk of their intellectual property being copied or stolen.
4. Fighting Piracy and Counterfeiting: International laws make it harder for
counterfeit goods to cross borders and protect legitimate businesses from
piracy.
5. Encouraging Innovation: Strong IPR protection motivates businesses and
creators to innovate, knowing their work will be protected.
6. Dispute Resolution: International agreements provide ways to resolve IP-
related disputes between countries.
7. Challenges: Enforcement of IPR protection can be difficult due to
differences in laws between countries and resources available for
enforcement.
8. Important Organizations:
- WIPO (World Intellectual Property Organization): Manages
treaties and provides help to countries.
- WTO: Handles global trade rules, including IPR protection
through TRIPS.

2.10 MAIL BOMBS


A mail bomb is a type of cyberattack where a large number of emails are sent to a
specific email address or server to overwhelm the recipient's system. The goal of a
mail bomb is typically to cause a disruption in the target's email service, often as
part of a Denial-of-Service (DoS) attack.
How Mail Bombs Work:
• Overwhelming the Inbox: The attacker sends an excessive number of
emails to flood the target’s inbox, making it impossible for the recipient to
manage their messages. This can block legitimate communications from
coming through.
• Server Overload: If the mail bomb is severe, it can cause the email server
to become overloaded, slowing down its operations or even causing it to
crash entirely. This can disrupt the email service for the target
organization or individual.
• Disruption: The main goal is to interrupt the target’s ability to use their
email effectively, causing productivity loss and communication
breakdown.
Types of Mail Bombs

• Mass Mailing: Sending multiple copies of the same email to the same
address.
• List Linking: Subscribing the victim to multiple mailing lists, creating a
constant influx of emails.
• Zip Bombing: Attaching large, compressed files to emails, overloading the
recipient's email system.
Motivations for Mail Bombing

• Harassment: Targeting individuals with a malicious intent.
• Denial of Service: Disrupting a service or individual's ability to use email.
• Distraction: Concealing other cyberattacks by creating a smokescreen.
• Fun or Vandalism: Some individuals may engage in mail bombing for
amusement.
Techniques Used:

• Automated Scripts: Attackers often use automated scripts or software
tools designed to generate and send a high volume of emails rapidly.
• Botnets: Compromised computers (botnets) can be used to distribute mail
bombs, making it difficult to trace the source of the attack.
Protection Against Mail Bombs:

• Robust Email Filters: Implementing strong spam filters can help block a
significant portion of mail bombs.
• Email Limits: Setting limits on the number of emails that can be received
per hour or day can mitigate the impact.
• Dedicated Spam Servers: Using separate servers for spam can isolate the
attack and protect primary email systems.
• Network Security: Implementing firewalls and intrusion prevention
systems can help prevent mail bomb attacks.
• User Education: Educating users about the risks of opening suspicious
emails can help prevent accidental participation in mail bomb attacks.
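
The "Email Limits" measure above, combined with the mass-mailing and list-linking patterns from "Types of Mail Bombs", shown as an added Python example that is not part of the original notes. The limit of 20 messages per recipient per hour, the classification thresholds, the class and field names, and the sample traffic are all assumptions made up for illustration.

```python
from collections import Counter, defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Msg:
    ts: int             # arrival time in seconds
    rcpt: str           # envelope recipient
    sender: str         # envelope sender
    subject: str
    list_id: str = ""   # List-Id header value, empty when absent


class MailBombGuard:
    """Per-recipient sliding-window limit that also labels the kind of flood."""

    def __init__(self, limit=20, window=3600):
        self.limit = limit      # assumed policy: messages per recipient per window
        self.window = window    # window length in seconds
        self.seen = defaultdict(deque)  # rcpt -> arrivals inside the window

    def check(self, msg):
        q = self.seen[msg.rcpt]
        # Drop arrivals that have aged out of the window.
        while q and q[0].ts <= msg.ts - self.window:
            q.popleft()
        # Deferred arrivals stay counted, so a sustained flood keeps being deferred.
        q.append(msg)
        if len(q) <= self.limit:
            return "accept", None
        # An MTA would answer a deferred message with a temporary (4xx) failure.
        return "defer", self.classify(q)

    @staticmethod
    def classify(q):
        n = len(q)
        top_copies = Counter((m.sender, m.subject) for m in q).most_common(1)[0][1]
        list_ids = {m.list_id for m in q if m.list_id}
        from_lists = sum(1 for m in q if m.list_id)
        if top_copies * 2 >= n:
            return "mass-mailing"      # same message repeated to one address
        if from_lists * 2 >= n and len(list_ids) >= 5:
            return "list-linking"      # many unrelated lists hit one address
        return "volume"                # over the limit, no clear pattern


def sample_traffic():
    """Constructed message metadata, not taken from a real mail log."""
    msgs = [Msg(600 * i, "alice@example.org", f"peer{i}@example.net", f"Report {i}")
            for i in range(5)]
    msgs += [Msg(100 + i, "bob@example.org", "x@bulk.example", "Hello")
             for i in range(60)]
    msgs += [Msg(200 + 30 * i, "carol@example.org", f"bounce@list{i}.example",
                 f"Confirm subscription {i}", list_id=f"news.list{i}.example")
             for i in range(40)]
    return msgs


def run(messages, guard=None):
    """Feed messages in arrival order and summarise the decisions per recipient."""
    guard = guard or MailBombGuard()
    report = defaultdict(lambda: {"accept": 0, "defer": 0, "labels": set()})
    for m in sorted(messages, key=lambda m: m.ts):
        action, label = guard.check(m)
        report[m.rcpt][action] += 1
        if label:
            report[m.rcpt]["labels"].add(label)
    return dict(report)


if __name__ == "__main__":
    for rcpt, r in sorted(run(sample_traffic()).items()):
        print(rcpt, r["accept"], "accepted,", r["defer"], "deferred,", sorted(r["labels"]))
```

Because the limit is applied per recipient, the flood aimed at one mailbox is deferred while normal traffic to other mailboxes on the same server is still accepted.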

2.11 EXPLOITATION
• Exploitation in cybercrime refers to the malicious use of vulnerabilities in
systems, networks, or individuals to achieve illicit gains.
• Cybercriminals exploit weaknesses to steal data, disrupt services, or commit
financial fraud.
Types of Exploitation in Cybercrime:
1. Vulnerability Exploitation:
o Software vulnerabilities: Cybercriminals target bugs or flaws in
software applications to gain unauthorized access, such as through
outdated or poorly coded programs.
o System vulnerabilities: Weaknesses in operating systems or
network infrastructures are exploited to bypass security measures
or gain control over systems.
o Hardware vulnerabilities: Flaws in physical devices (e.g., USB
ports or IoT devices) are exploited to compromise systems or steal
data.
2. Human Exploitation:
o Social engineering: Attackers manipulate individuals into
revealing sensitive information or taking actions that compromise
security, such as installing malware.
o Phishing: Deceptive attempts to trick users into clicking malicious
links or providing personal information, often appearing as
legitimate emails or websites.
o Spear phishing: A targeted form of phishing where attackers focus
on specific individuals or organizations, making the attack more
personalized and convincing.
o Identity theft: Criminals steal personal information to impersonate
victims and carry out fraudulent activities, such as making
unauthorized purchases.
3. Data Exploitation:
o Data breaches: Unauthorized access to sensitive data by hackers
or insiders, often leading to the exposure of personal, financial, or
proprietary information.
o Data leakage: Accidental or intentional release of confidential
information, either by insiders or through poorly secured systems.
o Data misuse: The use of stolen or leaked data for fraudulent
activities, such as identity theft, financial fraud, or blackmail.
2.12 STALKING AND OBSCENITY IN INTERNET
Cyberstalking is a form of online harassment where an individual uses electronic
communication to repeatedly threaten, intimidate, or monitor another person. The
actions involved can significantly harm the victim's mental health and safety.
Common forms of internet stalking include:
• Sending Unwanted Messages: This involves bombarding the victim with
emails, texts, or social media messages that are unwanted or harassing in
nature.
• Monitoring Online Activity: The stalker may track the victim's online
behavior, such as social media posts, location updates, or browsing
history, without the victim’s consent.
• Impersonating the Victim: Cyberstalkers sometimes create fake profiles
on social media or websites pretending to be the victim. This can be used
to deceive others or damage the victim’s reputation.
• Threatening or Harassing Behavior: This includes using electronic
communication to intimidate or threaten the victim, often causing fear for
their safety.
Obscenity on the Internet:
Obscenity on the internet refers to content that is offensive, inappropriate, or
sexually explicit in nature, often violating community standards. It may include:
• Pornographic Material: Content that is sexually explicit and often shared
or spread illegally.
• Explicit or Offensive Language: Text or images that contain vulgar
language, racial slurs, or obscene gestures.
• Inappropriate Content for Minors: Websites, videos, or online materials
that expose minors to inappropriate sexual or explicit content.
Types of Cyberstalking:
Cyberstalking can manifest in many forms. Here are some common types:
• Catfishing: This involves creating fake online profiles or stealing existing
ones to deceive and manipulate the victim. The stalker often uses this
tactic to gain the victim's trust and control over them.
• Monitoring Check-ins on Social Media: Stalkers may monitor the
victim's social media activity, including check-ins and posts, to track their
behavior and routine.
• Spying via Google Maps and Street View: Stalkers use tools like Google
Maps and Street View to identify a victim’s location, often using publicly
shared photos or posts to piece together where the victim may be.
• Hijacking Webcam: Cyberstalkers can infect a victim's computer with
malware that gives them access to the victim’s webcam, allowing them to
spy on the victim without their knowledge.
• Installing Stalkerware: Stalkerware is malicious software installed on a
victim's device to monitor their activities, including text messages,
browsing history, and even recording audio, all without the victim’s
knowledge.
Common Examples of Cyberstalking:
• Sending offensive or suggestive messages online.
• Joining groups or forums that the victim participates in to keep tabs on
them.
• Sending threatening, controlling, or lewd emails or messages.
• Creating fake social media profiles to observe or interact with the victim.
• Gaining unauthorized access to the victim’s online accounts.
• Posting or sharing photos (real or altered) of the victim without consent.
• Trying to obtain explicit images of the victim.
• Tracking the victim’s online movements through tracking devices.
• Regularly sending explicit photos or messages.

Obscenity on the Internet:


Obscenity on the internet refers to the display or distribution of content
deemed offensive due to its sexual nature. It often violates societal standards
of decency.
• Cyber Obscenity or Cyber Pornography: This includes distributing
explicit material, often without the consent of the individuals involved.
• Sharing Explicit Images or Videos: This involves sharing sexually
explicit content without consent, often referred to as "revenge porn" or
"non-consensual pornography."
• Child Pornography: Creating, distributing, or possessing explicit images
or videos of children, which is illegal worldwide.
• Cyberbullying: Using offensive or obscene language and images to
intimidate or harass others online.

2.13 DIGITAL LAWS AND LEGISLATION


• Digital laws and legislation related to cybercrime are essential for addressing
the increasingly complex challenges posed by criminal activities in the digital
realm.
• Digital laws, also known as cyber laws or internet law, are a set of legal
regulations and frameworks governing digital activities.
• They encompass a wide range of issues, from online communication and
e-commerce to digital privacy and cybercrime prevention.
Importance of Digital Laws

• The rapid evolution of technology and its integration into our daily lives has
necessitated the development of specific legal frameworks to address the
unique challenges posed by the digital world.
• Digital laws serve several critical purposes:
- Protecting individuals: Safeguarding personal information,
privacy, and online safety.
- Facilitating e-commerce: Creating a legal environment that
supports online transactions and consumer protection.
- Combating cybercrime: Establishing legal frameworks for
investigating, prosecuting, and preventing cybercrimes.
- Intellectual property protection: Safeguarding digital content
and inventions.
Example of Digital Laws

• The Information Technology Act (ITA) of India is a prominent example of a
digital law. It covers a wide range of cybercrimes, including hacking, identity
theft, and data theft.
• Other countries have similar comprehensive cybercrime laws.
Challenges in Enforcing Digital Laws Across International Borders:
1. Jurisdiction Issues:
o Confusion about which country’s laws apply when crimes happen
across borders (e.g., online crimes involving multiple countries).
2. Lack of Global Standards:
o Countries have different laws and regulations regarding digital
crimes, leading to inconsistencies in enforcement.
3. Data Privacy Laws:
o Conflicting data protection laws (e.g., GDPR in Europe vs. looser
privacy laws elsewhere) make it difficult to access data across
borders.
4. Cybercrime Speed:
o Cybercriminals can hide their location using VPNs or proxies,
making it hard to track and catch them.
5. Sovereignty Issues:
o Countries may be reluctant to cooperate with other nations on
cybercrime investigations, due to concerns over national security or
laws.
6. Extradition Challenges:
o Difficulties in extraditing criminals from one country to another
when different countries have different penalties for similar crimes.
7. Technical Barriers:
o Lack of adequate technical capabilities in some countries to
detect, prevent, or investigate digital crimes effectively.
8. International Cooperation:
o Slow or limited collaboration between countries, organizations,
and law enforcement agencies can hinder effective enforcement.
9. Encryption and Anonymity:
o Criminals using encryption or anonymous methods to hide their
identity or location complicates investigations.
10. Cultural and Legal Differences:
o Cultural differences may influence how cybercrimes are viewed,
and some countries may not treat certain digital crimes as seriously
as others.
Legislation:

• Cybercrime legislation is a set of laws and regulations that protect
individuals and organizations online, and promote the responsible use of
technology. Cybercrime laws can address a wide range of issues.
- Cybercrime Laws: These laws explicitly define and criminalize cyber
offenses such as hacking, unauthorized access, data theft,
cyberstalking, and online fraud.
- Data Protection Laws: These laws regulate the collection, storage,
processing, and transfer of personal data, ensuring privacy and data
security.
- E-commerce Laws: These laws govern online transactions, consumer
protection, and electronic contracts.
- Intellectual Property Laws: These laws protect digital content,
software, and inventions from unauthorized use or distribution.
Computers can contain evidence in many types of human resources.

2.14 LAW ENFORCEMENT ROLES AND RESPONSES


• Law enforcement agencies are essential in tackling the increasing threat of
cybercrime. As cybercriminals continue to evolve their tactics, law
enforcement must adapt to ensure the safety and security of individuals and
organizations.
• Below are key roles and responses from law enforcement in addressing
cybercrime issues:
1. Investigation: Law enforcement agencies investigate various cybercrimes,
such as hacking, online fraud, data breaches, and cyberbullying.
Investigations include collecting digital evidence, tracking cybercriminals,
and building cases to prosecute them.
2. Forensics: Digital forensics specialists analyze electronic devices like
computers, smartphones, and servers to uncover evidence related to
cybercrimes. These experts play a vital role in ensuring that digital
evidence is preserved and can be used in court.
3. Cybercrime Units: Many law enforcement agencies have dedicated
cybercrime units or divisions staffed with experts specializing in digital
investigations. These units are crucial for tackling complex cyber-related
crimes.
4. International Cooperation: Cybercrime often spans across borders, so
law enforcement agencies collaborate internationally to track down and
apprehend cybercriminals operating in multiple countries. International
cooperation is vital for effective global cybercrime control.
5. Public Awareness and Education: Law enforcement agencies run public
awareness campaigns to educate individuals and organizations about
online security best practices. These initiatives help reduce the risk of
becoming victims of cybercrimes.
6. Cybersecurity Partnerships: Partnering with private sector entities like
cybersecurity firms and internet service providers helps law enforcement
agencies gather intelligence and resources to prevent and mitigate cyber
threats.
7. Legislative Advocacy: Law enforcement works with lawmakers to propose
and support legislation related to cybersecurity and cybercrime. They
advocate for stronger laws and regulations to address emerging cyber
threats effectively.
8. Incident Response: When cyber incidents like data breaches occur, law
enforcement agencies respond by containing the damage, identifying
perpetrators, and supporting victims in recovery. This ensures that the
incident is properly managed and investigated.
9. Training and Capacity Building: Continuous training ensures that law
enforcement personnel remain updated on the latest cyber threats and
investigative techniques. Specialized training programs prepare staff to
effectively combat cybercrime.
Preventive Measures:

• Law enforcement agencies engage in proactive efforts to prevent
cybercrime by monitoring threats, sharing intelligence, and
educating potential targets to strengthen their defenses.
Prosecution:

• Once cybercriminals are caught, law enforcement agencies
collaborate with prosecutors to build strong cases. They present
digital evidence and expert testimony in court to ensure that
offenders are held accountable.
Victim Support:

• Providing support to victims of cybercrime is crucial. Law
enforcement agencies offer guidance on reporting incidents,
recovering stolen assets, and assisting with emotional or
psychological distress caused by cybercrimes.
Policy Development:

• Law enforcement agencies contribute to creating national and
international cybersecurity policies and frameworks. These
policies aim to establish guidelines and strategies for combating
cybercrime on a larger scale.
Short Answer Questions
Unit-II
1. What is meant by unauthorized access to computers?
2. How do computer intrusions affect system security?
3. Give two examples of white collar cyber crimes.
4. What is malicious code?
5. State the difference between hacking and cracking.
6. Mention two ways to prevent virus attacks.
7. Mention a law or policy that addresses cyber pornography.
8. What is software piracy?
9. What is intellectual property theft in cyber crime?
10. What is a mail bomb in cyber crime?
11. Mention one way to prevent exploitation and obscenity on the internet.
12. Why are digital laws important in combating cyber crime?
13. What is a major challenge law enforcement faces in handling cyber
crimes?

Essay questions
Unit-II
1. Explain the concept of unauthorized access to computers and its
implications for data security.
2. Discuss the tools and techniques used in detecting and mitigating
computer intrusions.
3. Analyze the impact of white-collar cyber crimes on the economy and trust
in digital systems.
4. Explain how viruses and malicious codes are created, spread, and their
effects on computer systems.
5. Differentiate between hacking and cracking, with examples of their
methods and motives.
6. What are virus attacks? Discuss their methods of propagation and their
impact on systems and networks.
7. Discuss the ethical, social, and legal challenges in controlling cyber
pornography.
8. Discuss the measures taken by organizations and governments to prevent
software piracy.
9. Discuss the role of international laws and agreements in protecting
intellectual property rights.
10. Explain the concept of mail bombs and their impact on email
communication systems.
11. Discuss the measures taken to address exploitation, stalking, and
obscenity on the internet.
12. Analyze the challenges faced in enforcing digital laws across international
borders.
13. Explain the role of law enforcement agencies in investigating and
preventing cyber crimes.
