Welcome to

The World of Cyber Security

Happy Learning
 Chapter 1
INTRODUCTION
TO
CYBER CRIME
 Module 1/Chapter 1: (Introduction to Cybercrime)

To Identify and Describe

1 Cybercrime definition and origins of the world.
cybercrime.

To Study and Trace cyber

2 Cybercrime and information security, law on cybercrime and
define information security

To Write Classification of
Classifications of cybercrime
cybercrime and able to
3 Cybercrime
Characterize Indian ITA
and the Indian ITA 2000
2000

To Analyze global
perspective on cybercrime
4 A global Perspective on cybercrimes.
and correlated it with
supported law
CYBER SECURITY & LAW
Book Authors & Editorial Team Members

Rashmi Gori Deegesh Gala

Devika Satare
Bhakti Bheda

Surbhi Desai
Dr. Nilakshi Jain Mr. Ramesh Menon

Chaitanya Gada Yash Rane

“ “Security used to be
an inconvenience
sometimes, but now
it’s a necessity all the
time.”
— Martina Navratilova

5
Learning Objectives
Analyse and assess the impact of cybercrime on government,
businesses, individuals and society.
To Identify and Describe cybercrime

To Study and Trace cyber law on cybercrime and define

information security
To Write Classification of cybercrime and able to Characterize
Indian ITA 2000
To Analyze global perspective on cybercrime and corelated it
with supported law

6
Chapter 1
Topic1

7
 Uses of the Internet

•The evolution of
technology and increasing
accessibility of smart tech
means there are multiple
access points within users’
homes for hackers to exploit.

•While law enforcement

attempts to tackle the growing
issue, criminal numbers
continue to grow, taking
advantage of the anonymity of
the internet.
12
13
Cyber
Crime
Where a computer is the
object of the crime or is used
as a tool to commit an
offense.

14
Cybercrime can be partitioned
into two classes:

15
16
17
 What is
Cyberspace?
Cyberspace
A global domain within the
information environment
consisting of the interdependent
network of information systems
infrastructures including the
Internet, telecommunications
networks, computer systems, and
embedded processors and
controllers
19
 What is
Cybersquatting?
Cybersquatti
ng
Cybersquatting is registering,
selling or using a domain name
with the intent of profiting from
the goodwill of someone else's
trademark. It generally refers to
the practice of buying up domain
names that use the names of
existing businesses with the intent
to sell the names for a profit to
those businesses. 21
What is Cyberpunk?
Cyberpunk
Cyberpunk depicts a fast
disintegration of cultural standards
because of an unavoidable move
toward the hard and fast utilization
of computer, to such an extent that
the lines between genuine
individuals and computer become
obscured.

23
 What is
Cyberwarfare?
Cyberwarfare
Cyberwarfare includes the
utilization of technology and
innovation to assault different
countries, governments, and
residents by attacking their
computer frameworks and
systems.

25
Chapter 1
Topic 2

26
 Categories of
2 Cybercrime
28
29
Chapter 1
Topic 3

30
31
32
Chapter 1
Topic 4

33
1 Cybersecurity
35
Cyber
Security
Cybersecurity is the protection of
internet-connected systems such
as hardware, software and data
from cyber-threats. The practice is
used by individuals and
enterprises to protect against
unauthorized access to data
centers and other computerized
systems.
36
37
What are the objectives
of Cyber Security?
Objective of Cyber Security

39
40
Cyber Security V/s Information Security

The terms Cyber Security and Information

Security are often used interchangeably.

As they both are responsible for security and

protecting the computer system from threats and
information breaches and often Cybersecurity and
information security are so closely linked that they
may seem synonymous and unfortunately, they are
used synonymously.

41
 CYBER SECURITY
It is the practice of protecting the data from outside the
resource on the internet.
It is about the ability to protect the use of cyberspace
from cyber attacks.
Cybersecurity to protect anything in the cyber realm.
Cybersecurity deals with danger against cyberspace.
Cybersecurity strikes against Cyber crimes, cyber frauds
and law enforcement.
On the other hand cyber security professionals with
cyber security deals with advanced persistent threat.
It deals with threats that may or may not exist in the
cyber realm such as a protecting your social media
account, personal information, etc.
INFORMATION SECURITY
It is all about protecting information from unauthorized
user, access and data modification or removal in order to
provide confidentiality, integrity, and availability.
It deals with protection of data from any form of threat.
Information security is for information irrespective of
the realm.
Information security deals with the protection of data
from any form of threat.
Information security strives against unauthorised access,
disclosure ,modification and disruption.
Information security professionals is the foundation of
data security and security professionals associated with
it prioritize resources first before dealing with threats.
It deals with information Assets and integrity
confidentiality and availability.
42
 Lab
Experiment
How to Encrypt a USB Disk
with BitLocker, Unlocking
with Password or Recovery
Key

43
Chapter 1
Topic 5

44
 Global
1 Cybersecurit
y Agenda
46
Global Cybersecurity
Agenda (GCA)
The Global Cybersecurity Agenda (GCA) is an
ITU framework for international cooperation
aimed at proposing strategies for solutions to
enhance confidence and security in the
information society.
It is built on existing national and regional
initiatives to avoid duplication of work and
encourage collaboration amongst all relevant
partners.

47
The Global Cybersecurity Agenda has seven
main strategic goals, built on five work
areas as follows:
49
Chapter 1
Topic 6

50
 Cyber
1 criminals
52
Cyber Criminals

Cyber criminals, also known as hackers, often

use computer systems to gain access to
business trade secrets and personal
information for malicious and exploitive
purposes.
Hackers are extremely difficult to identify on
both an individual and group level due to their
various security measures, such as proxies and
anonymity networks, which distort and protect
their identity.

53
Types of Cyber Criminals
Black Hat
Hackers
Black hat hackers are malicious hackers,
sometimes called crackers. Black hats
lack ethics, sometimes violate laws, and
break into computer systems with
malicious intent, and they may violate the
confidentiality, integrity, or availability of
an organization's systems and data.

55
White Hat
Hackers
White hat hackers are the good guys,
who include professional penetration
testers who break into systems with
permission, malware researchers who
study malicious code to provide better
understanding and to disclose
vulnerabilities to vendors, etc.
White hat hackers are also known as
ethical hackers; they follow a code of
ethics and obey laws.

56
Crackers

A cracker is someone who breaks into

someone else's computer system, often
on a network; bypasses passwords or
licenses in computer programs; or in
other ways intentionally breaches
computer security.
A cracker can be doing this for profit,
maliciously, for some altruistic purpose or
cause, or because the challenge is there.

57
 Phreakers
Phreakers are individuals who specialize in
attacks on the telephone system.
In the good 'ol days, phreakers whistled or
utilized an instrument to imitate the tones the
telephone framework then used to route calls and
identify payment, particularly as an approach to
abstain from paying for a costly call.
Present day phreaking includes breaking into and
controlling the telephone organization's computer
system, making it a particular sort of hacking.

58
Whackers

These are the novice or apprentice hackers

who are studying and learning to become
hackers.
Moreover, hackers who attack wireless LANs
and WANs are sometimes known as
whackers.

59
Script Kiddies
White Hat Hacker
Black hat hacker
Grey Hat hacker
Green Hat Hacker
Red Hat Hacker
Hacktivists
Cyber Terrorist
60
Chapter 1
Topic 7

61
 Who are Cyber
Criminals
1
Cybercrime involves such activities as child ponography,credit card fraud, cyber stalking,defaming
another online,gaining unauthorised access to computer systems,ignoring copyright,software licensing
and trade protection, overriding encryption to make illegal copies,software piracy and stealing another
‘s identity to perform criminal acts. Cyber criminals are those who conduct the above acts.

Type I: Cyber Criminals- Hungry for recognition

i) Hobby hackers
ii) IT Professional (Social engineering is one of the biggest threat)
iii) Politically motivated hackers.
Terrorists organizations.
Type II: Cyber Criminals-Not interested in recognition

i) psychological perverts
ii)Financially motivated hackers(Corporate espionage)
iii) Sate-sponsored hacking(National espionage,sabotage)
iv) Organized criminals.

Type-III: Cyber Criminals-The insiders

i) Disgruntled or former employees seeking revenge.

Ii)Competing companies using employees to gain economic advantage through damage and /or theft.
 Classification
of Cybercrime
1
65
66
E-mail Spoofing
Email spoofing is the creation of email
messages with a forged sender address.
The core email protocols do not have any
mechanism for authentication, making it
common for spam and phishing emails to use
such spoofing to mislead or even prank the
recipient about the origin of the message.
Email spoofing has been responsible for public
incidents with serious business and financial
consequences

67
Phishing
Phishing is the fraudulent attempt to obtain
sensitive information, or data, such as
usernames, passwords and credit card
details by disguising oneself as a trustworthy
entity in an electronic communication.
Typically carried out by email spoofing or
instant messaging, phishing often directs
users to enter personal information at a fake
website which matches the look and feel of
the legitimate site.

68
Spamming
Spamming is the use of messaging systems
to send an unsolicited message (spam) to
large numbers of recipients for the purpose
of commercial advertising, for the purpose of
non-commercial proselytizing, or for any
prohibited purpose.
Spam emails are usually sent to try to get
the person to buy something or do
something else that will cause gain for the
sender.

69
Cyber Stalking and
Harassment
Cyberstalking is the use of the Internet or
other electronic means to stalk or harass an
individual, group, or organization.
It may include false accusations, defamation,
slander and libel.
It may also include monitoring, identity theft,
threats, vandalism, gathering information
that may be used to threaten, embarrass or
harass.

70
Defamation
Defamation can be comprehended as the
improper and purposeful spread of
something either in the composed or oral
structure about an individual to hurt his
reputation in the general public.
Libel – A statement that is defamatory and
is published in a written form.
Slander – A defamatory statement spoken
that means a verbal form of defamation

71
Computer sabotage
The use of the Internet to hinder the normal
functioning of a computer system through
the introduction of worms, viruses or logic
bombs is referred to as Computer sabotage.

72
 Pornographic Offenses
a) Publication or transmission of any material depicting children
in explicit sexual act or conduct by using any computer resource
and communication device.

b) Where user uses computer or communication resource for

seeking or collecting or creating digital images or texts or
downloading or promoting etc. any material in any electronic
form depicting children in an obscene or indecent or sexually
explicit manner.

c) Cultivating, enticing or inducing children to online relationships

with one or more children for and on a sexually explicit act or in a
manner that may offend a reasonable adult on the computer
resource.

d) Facilitating abusing children online. 73

Credit Card Fraud

Credit card fraud, act committed by any

person who, with intent to defraud, uses a
credit card that has been revoked, cancelled,
reported lost, or stolen to obtain anything of
value.
Using the credit card number without
possession of the actual card is also a form of
credit card fraud.

74
 Intellectual property (IP)
crimes
Intellectual property/capital are terms used to describe intangible
assets: the results of human endeavor that have value and are
original.
Intellectual property theft includes the theft of the following:
▸Unregistered trade secrets,
▸Copyrighted, Patented or registered works,
▸Trademark violations,
▸Technical notes,
▸Strategic business planning,
▸Gray-market distributions,
▸Counterfeiting,
▸Illegal distributions
75
Internet time theft
Internet time theft comes under hacking because the person who
gets access to someone else ‘s ISP user ID and password,
either by hacking or by gaining access to it by illegal means,
uses it to access the Internet without the other person’s
knowledge.
However,One can identify Internet time theft if the Internet time
has to be recharged often, even when one’s own use of the
Internet is not frequent.

76
 Password Sniffing

Password sniffing is a technique used to gain knowledge of

passwords that involves monitoring traffic on a network to pull
out information.
The typical implementation of a password sniffing attack involves
gaining access to a computer connected to a local area network
and installing a password sniffer on it.
The password sniffer is a small program that listens to all traffic
in the attached network(s), builds data streams out of TCP/IP
packets, and extracts usernames and passwords from those
streams that contain protocols that send cleartext passwords.

77
DOS Attack
Denial-of-service attack (DoS attack) is a cyber-attack
in which the perpetrator seeks to make a machine or
network resource unavailable to its intended users by
temporarily or indefinitely disrupting services of a host
connected to the Internet.

DoS attacks can cost an organization both time and

money while their resources and services are
inaccessible

78
Virus Attack
A virus is a software program written to change the
behavior of a computer or other device on a network,
without the permission or knowledge of the user.
A virus is a program that spreads from machine to
machine, for the most part making harm to every
framework.
Viruses are a major cause of shutdown of network
components.

79
Salami Attack
A salami attack is when small attacks add up to one
major attack that can go undetected due to the nature
of this type of cyber crime. It also known as salami
slicing.
Although salami slicing is often used to carry out
illegal activities, it is only a strategy for gaining an
advantage over time by accumulating it in small
increments, so it can be used in perfectly legal ways
as well.

80
Data Diddling
Data diddling includes changing information entered to
a computer.
Data diddling is a type of cybercrime in which data is
altered as it is entered into a computer system, most
often by a data entry clerk or a computer virus.
Computerized processing of the altered data results in
a fraudulent benefit.

81
Forgery
Forgery is a white-collar crime that generally refers to
the false making or material alteration of a legal
instrument with the specific intent to defraud anyone
(other than themself).
Tampering with a certain legal instrument may be
forbidden by law in some jurisdictions but such an
offense is not related to forgery unless the tampered
legal instrument was actually used in the course of the
crime to defraud another person or entity.

82
Web Jacking
Illegally seeking control of a website by taking over a
domain is know as Web Jacking.
Web jacking is simply when someone clones your
website, and tricks you to believe the cloned site is
yours.
The malicious link is placed somewhere on your
webpage waiting for a click. Immediately, you click on
it; a malicious web server replaces it.
And that means you have lost complete access to
your website.

83
Cyberterrorism
Cyberterrorism is the premeditated, politically
motivated attack against information, computer
systems, computer programs and data which result in
violence against noncombatant targets by sub
national groups or clandestine agents.

84
85
 Indian IT Act
2000
2
87
Information Technology Act
2000
The Information Technology Act, 2000 (also known as
ITA-2000, or the IT Act) is an Act of the Indian
Parliament (No 21 of 2000) notified on 17 October
2000.
It is the primary law in India dealing with cybercrime
and electronic commerce.
The original Act contained 94 sections, divided into 13
chapters and 4 schedules.
The laws apply to the whole of India. If a crime
involves a computer or network located in India,
persons of other nationalities can also be indicted
under the law,

88
89
90
91
92
Chapter 1
Topic 8

93
94
Cybercrime is a kind of crime that
happens in "cyberspace", that is,
happens in the world of computer and
the Internet.
Although many people have a limited
knowledge of "cybercrime", this kind of
crime has the serious potential for
severe impact on our lives and society,
because our society is becoming an
information society, full of information
exchange happening in "cyberspace".
Thus, it is necessary to introduce
cybercrime detailed.

95
Guidelines for the Cooperation between Law Enforcement and Internet Service
Providers Against Cybercrime

96
 Government and the private sector
jointly have to give cyber security some
priority in their security and risk
management plan.
Cyber awareness must be spread and
there should be multi-stakeholder
approach- technological inputs, legal
inputs, strengthening law enforcements,
systems and then dealing with transborder
crime involves lot of international
cooperation.

Notwithstanding, it is certain, that

development is irreversible procedure and
we can't step once more from it. What stay
in our grasp is to alter the course of
progress, and we stick up to our pledge to
turn it toward practical turn of events

97
 Lab
Experiment
To Remove Malware with Wi
ndows Defender Antivirus

98
 Thank You for Listening
We can now take questions...

You can download from my

website www.nilakshijain.com :
•PPT of the Chapters
•Lab Manual
•Video Lectures

Get in Touch:
Dr. Nilakshi Jain
Associate Professor
IQAC Coordinator
Research Coordinator
SAKEC
www.nilakshijain.com