Cyber Crimes & Countering Procedures
Transcript of Cyber Crimes & Countering Procedures
-
8/2/2019 Cyber Crimes & Countering Procedures
1/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Cyber crimes & Countering ProceduresPresented by Krishna Chaitanya Suraparaju
-
8/2/2019 Cyber Crimes & Countering Procedures
2/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Why learn about Cyber Crimes?
Because
Everybody is using Computers
New generation is growing up with computers
From teenagers to adults
From White collar criminals to terrorist organizations
Conventional crimes like Forgery, extortion,
kidnapping etc. are being committed with the help
of computers
MOST IMPORTANT-Monetary transactions are
moving on to the INTERNET
2
-
8/2/2019 Cyber Crimes & Countering Procedures
3/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Infrastructure Protection:
A New Threat Paradigm
Cyberspace: theInfrastructure
behind Critical
Infrastructure
The New Threat: Anyone with a Computer
ManufacturingFood & AgricultureChemicals and Hazardous MaterialsDefense IndustryPublic Health
-
8/2/2019 Cyber Crimes & Countering Procedures
4/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
High
Low
1980 1985 1990 1995 2000
password guessing
self-replicating code
password cracking
exploiting known vulnerabilities
disabling audits
back doors
hijackingsessions
sweepers
sniffers
packet spoofing
GUI
automated probes/scans
DoS
www attacks
Tools
Attackers
Intruder
Knowledge
Attack Sophistication
stealth / advanced
scanning techniques
burglaries
network mgmt. diagnostics
Attack Sophistication vs.
Intruder Technical Knowledge
2010 2020
Hacktivism
Imminent Attacks
-
8/2/2019 Cyber Crimes & Countering Procedures
5/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
What is Cyber Crime?
Computer crime or cybercrime or Hitechcrime is a form of crime where the Internet
or computers are used as a medium to
commit crime.
5
Computer
is tool of the crime
Computer is targetof the crime
Computer is incidental to crime
-
8/2/2019 Cyber Crimes & Countering Procedures
6/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Types of Cyber Crimes
Cyber Crime refers to all activities done withcriminal intent in cyberspace. These fall into
three categories:
Crimes againstGovernmentAgainstBusiness and Non-business organizations
AgainstIndividuals
6
-
8/2/2019 Cyber Crimes & Countering Procedures
7/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
International Cyber Crime
International cyber crime is broken downinto 6 legal areas:
1. Computer Fraud (Nigerian scam, lottery scams)
2. Computer Forgery(Email theft, ID theft, Credit card frauds)
3. Damage to Computer data or Computer
Program (Virus, Worms, ransom ware)
4. Computer Sabotage (Firmware attacks)5. UnauthorizedAccess (Hacking)
6. Unauthorized Interception (Sniffing)
-
8/2/2019 Cyber Crimes & Countering Procedures
8/24
-
8/2/2019 Cyber Crimes & Countering Procedures
9/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Cyber Pornography
This would include
pornographic websites;
pornographic magazinesproduced using computer
and the Internet (to down
load and transmit
pornographic pictures,
photos, writings etc.)
9
-
8/2/2019 Cyber Crimes & Countering Procedures
10/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Sale of illegal articles
This would include sale of
narcotics, weapons and
wildlife etc., by postinginformation on websites,
bulletin boards or simply
by using e-mail
communications.
10
-
8/2/2019 Cyber Crimes & Countering Procedures
11/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Online gambling
There are millions of
websites, all hosted on
servers abroad, that offeronline gambling. In fact, it
is believed that many of
these websites are actually
fronts for money
laundering
11
-
8/2/2019 Cyber Crimes & Countering Procedures
12/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Financial Claims & Intellectual
Property Crimes
Financial Claims: This
would include cheating,
credit card frauds, moneylaundering etc.
Intellectual Property
Crimes: These include
software piracy, copyrightinfringement, trademarks
violations etc.
12
-
8/2/2019 Cyber Crimes & Countering Procedures
13/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Cyber Defamation
This occurs when
defamation takes place
with the help of computersand or the Internet e.g.
some one published
defamatory matter about
someone on a websites or
sends e-mail containing
defamatory information to
all of thatpersons friends.
13
-
8/2/2019 Cyber Crimes & Countering Procedures
14/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Cyber Stalking
Cyber stalking involves
following a persons
movements across theInternet by posting
messages on the bulletin
boards frequented by the
victim , entering the chat-
rooms frequented by the
victim .
14
-
8/2/2019 Cyber Crimes & Countering Procedures
15/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Unauthorized access to computer
system or network
This activity is commonly
referred to as hacking.
The Indian Law hashowever given a different
connotation to the term
hacking.
15
-
8/2/2019 Cyber Crimes & Countering Procedures
16/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Other attacks:
Theft of in formation contained in electronicfrom: This includes information stored in computerhard disks, removable storage media etc.
E-Mail bombing: Email bombing refers to sendinga large amount of e-mails to the victim resulting inthe victims e-mail account or mail servers.
Data diddling: This kind of an attack involvesaltering the raw data just before it is processed by acomputer and then changing it back after theprocessing is completed.
16
-
8/2/2019 Cyber Crimes & Countering Procedures
17/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Other attacks:
Salami attacks: Those attacks are used for thecommission of financial crimes. The key here is tomake the alteration so insignificant that in a singlecase it would go completely unnoticed e.g. A bank
employee inserts a program into banks servers,that deducts a small amount from the account ofevery customer.
Denial of Service: This involves flooding computerresources with more requests than it can handle.
This causes the resources to crash thereby denyingauthorized users the service offered by theresources.
17
-
8/2/2019 Cyber Crimes & Countering Procedures
18/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Other attacks:
Virus/worm: Viruses are programs that attachthem selves to a computer or a file and thencirculate them selves to other files and to othercomputers on a network. They usually affect the
data on a computer, either by altering or deleting it.Worms, unlike viruses don not need the host toattach them selves to.
Logic bombs: These are dependent programs.This implies that these programs are created to do
some thing only when a certain event occurs, e.g.some viruses may be termed logic bombs becausethey lie dormant all through the year and becomeactive only on a particular date.
18
-
8/2/2019 Cyber Crimes & Countering Procedures
19/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Other attacks:
Trojan Horse: A Trojan as this program isaptly called, is an unauthorized program whichfunctions from inside what seem s to be anauthorized program , thereby concealing what
it is actually doing.Internet Time Theft: This connotes the usage
by unauthorized persons of the Internet hourspaid for by another person.
Physically damaging a computer system:This crime is committed by physicallydamaging a computer or its peripherals.
19
-
8/2/2019 Cyber Crimes & Countering Procedures
20/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Cyber Law
India has enacted the first I.T. Act, 2000.Offence categorization table is as follows:
20
Offence Section under IT Act
Tampering with Computer source documents Sec.65
Hacking with Computer systems, Data alteration Sec.66
Publishing obscene information Sec.67
Un-authorised access to protected system Sec.70
Breach of Confidentiality and Privacy Sec.72
Publishing false digital signature certificates Sec.73
-
8/2/2019 Cyber Crimes & Countering Procedures
21/24
Proprietary and Confidential. 2012 CYCOPS. All Rights Reserved.
Cyber Law
Computer Related Crimes Covered underIPC and Special Laws
21
Offence Section
Sending threatening messages by email Sec. 503 IPC
Sending defamatory messages by email Sec. 499 IPC
Forgery of electronic records Sec. 463 IPC
Bogus websites, cyber frauds Sec. 420 IPC
Email spoofing Sec. 463 IPC
Web-Jacking Sec. 383 IPCE-Mail Abuse Sec. 500 IPC
Online sale of Drugs NDPS Act
Online sale of Arms Arms Act
-
8/2/2019 Cyber Crimes & Countering Procedures
22/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Potential Cyber Attacks
Unauthorized Intrusions
Website Defacements
Domain Name Server
Attacks Distributed Denial of
Service (DDoS) Attacks
Computer Worms
Routing Operations
Critical Infrastructures
Compound Attacks
l f k
-
8/2/2019 Cyber Crimes & Countering Procedures
23/24
Proprietary and Confidential. 2010 CYCOPS. All Rights Reserved.
Potential Sources of Attacks
1. Thrill Seekers
2. Disgruntled Employees
3. Organized Crime
4. Terrorist Sympathizers
and Anti-U.S. Hackers
5. Terrorist Groups
6. Nation-States
-
8/2/2019 Cyber Crimes & Countering Procedures
24/24
Proprietary and Confidential. 2012 CYCOPS All Ri ht R d
Questions?
24GoSecure Inc.