Cyber Crime
-
Upload
animesh-shaw -
Category
Education
-
view
176 -
download
1
Transcript of Cyber Crime
An overview of differentCyber Attacks
Cyber Crime
Learning Goal’s
• Demystifying Cyber Crime.
• Common Scenarios in Cyber Crime.
• Cyber Crime in India.
• Cyber Attacks.
• Cyber Laws in India.
• Securing Yourself – Do’s and Don’ts
• DCS – Doubt Clearing Session.
• Salutations.
DEMYSTIFYING CYBER CRIME
Cyber Crime
• “Crimes are not to be measured by the issue of events, but by the bad intensions of men.”
• “The greatest crimes donot arise from a want offeeling for others but froman over sensibility forourselves and anover indulgence in our owndesires.”
What is Cyber Crime ?
• Cyber Crime is a term used to broadly describe criminal activity inwhich computers or computer networks are a tool, a target, or aplace of criminal activity and include everything from electroniccracking to denial of service attacks. It is also used to includetraditional crimes in which computers or networks are used to
enable the illicit activity.
• Computer crime mainly consists of unauthorized access to computersystems data alteration, data destruction, theft of intellectualproperty.
• Cyber crime in the context of national security may involve hacking,traditional espionage, or information warfare and related activities.
Unauthorized access: This occurs when a user/hacker
deliberately gets access into someone else’s network either
to monitor or data destruction purposes
Denial of service attack: It involves sending of
disproportionate demands or data to the victims server
beyond the limit that the server is capable to handle and
hence causes the server to crash
Virus, Worms and Trojan attacks: Viruses are basically
programs that are attached to a file which then gets
circulated to other files and gradually to other computers in
the network.
Worms unlike Viruses do not need a host for attachments
they make copies of themselves and do this repeatedly
hence eating up all the memory of the computer.
Trojans are unauthorized programs which functions from
inside what seems to be an authorized program, thereby
concealing what it is actually doing.
Common scenarios in Cyber Crime
Cyber Crimes in India
The major Cyber Crimes reported, in India,
are Denial of Services, Defacement of Websites, Spam, Computer
Virus and Worms, Pornography, Cyber Squatting, Cyber
Stalking and Phishing.
India stands 11th in the ranking for Cyber Crime in the World,constituting 3% of the Global Cyber Crime.
Cyber Crime in India : Statistics
Why India ?
A rapidly growing online user base
121 Million Internet Users
65 Million Active Internet Users, up by 28% from 51 million in 2010
50 Million users shop online on Ecommerce and Online Shopping Sites
46+ Million Social Network Users
346 million mobile users had subscribed to Data Packages.
Source: IAMAI; Juxt; wearesocial 2011
The majority of cybercrimes are centered on forgery, fraud and Phishing,
India is the third-most targeted country for Phishing attacks after the US and the UK,
Social networks as well as ecommerce sites are major targets, 6.9 million bot-infected systems in 2010, 14,348 website defacements in 2010, 6,850 .in and 4,150 .com domains were defaced during 2011, 15,000 sites hacked in 2011, India is the number 1 country in the world for generating spam.
Cyber Crime In India
Wednesday, 25 February 2015
Cyber Crime in India
A total number of 90, 119, 252 and 219 Government websites tracked by the Indian Computer Emergency Response Team (CERT-In) were hacked / defaced by various hacker groups in the year 2008, 2009, 2010 and Jan–Oct 2011 respectively
CYBER ATTACKS
Think before you Click
Nigerian 419 Fraud Scheme
• It is a type of Confidence trick or using SE (Social Engineering)
• The term “419 “ comes from the Section of the Nigerian Penal Code.
• Persuade someone to give out a sum of money using scam or false promises.
• Methods :-
– False Company Job Scam.
– Online Buy/Sell Goods
– Online Dating Services.
Packet Sniffing
• Packet Sniffing is a method of tapping each packet as it flows across the networks.
• User sniffs data belonging to other users in the network.
• Packet Sniffers can be used as a hacking tool.
• Network Sniffers can capture passwords and other sensitive information through the network.
• Tools of Packet Sniffing : Wireshark, tcpdump, Ettercap etc.
Phishing & Spoofing Attacks
• ‘Spoof’ word came into existence from a game invented by Arthur Roberts in 19th century.
• Spoofing means personating as some other authorized vendor to trick
users into believing a system
as legitimate.
• Types –
– Email Spoofing
– IP-Spoofing
– DNS-Spoofing
..contd.
• Spoofing attacks used to trick people into revealing confidential data is Phishing.
• “Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.” --- Wikipedia
..contd.
• IP spoofing can be accomplished using proxy servers and simple PHP scripts that are readily and freely available.
• Email spoofing is where spammers try to trick spam filters by making spam look like it comes from a legitimate address. They do this by manipulating the email header to display your email in the “from” address, hence why you get bounces back and others believe the junk mail is coming from you.
DNS Spoofing
• DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver's cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker's computer (or any other computer).
Piggy Backing
• Access Wireless connection authorized to another individual without rightful permission.
• It is used as a means to hide illegal activities like identity theft, pornography etc.
• Piggybacking != Wardriving
• Wardrivers collect info about unsecured wi-fi access while driving in a vehicle. It involves logging and mapping of access points.
Software Piracy
• Software Piracy is the illegal distribution, unauthorized reproduction of software for business or personal use.
• Its Illegal and Punishable by law.
• Huge impact on global economy.
• In 2007, IT Industry suffered a loss of $39.6 Billion
Anti- copyright infringement organizations
1. Business Software Alliance (BSA)
2. Canadian Alliance Against Software Theft (CAAST)
3. Federation Against Software Theft (FAST) and more …
Pod Slurping
• An act of using a portable data storage device to facilitate data theft.
• Increasing Security risk.
• Stores malicious code or program that steal credentials or other personalized data.
Source Code Poisoning
• Embed Malicious Code in chunks in a Software’s code.
• Software’s can be trojanized.
• Can be done by developers or testers or contributors.
• Prevention is achievable with proper design of Compilers.
CYBER LAWS IN INDIA
Cyber Laws in India
• The Information Technology Act, 2000
• The Information Technology Amendment Act, 2008
Section 66E - Punishment for violation of privacy.
“Whoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with both”
SECURING YOURSELF DO’S & DON’TS
DO’s
• Install and use a firewall, pop-up blockers and spyware detectors.
• Use an up-to-date Anti Virus.
• Create backups of important files and folders
• Use Strong Passwords.
• Encrypt the Network traffic. (Use a Paid VPN)
• Change Passwords after some interval.
• Do not store passwords or bank logins in your OS.
• Clear Spams regularly.
Etc. etc.
Don’ts
• Give unnecessary details about your being and current living status.
• Hand over your credit card to any person.
• Auto Connect to Open Wi-fi
• Save Passwords in web browsers.
• Open Emails if not sure about it.
• Open email Attachments with unsatisfactory details.
QUESTIONS ? DOUBTS ?
THANK YOU