Introduction To Cyber Security Notes
Dayananda Sagar College of Engineering, Bangalore
(An Autonomous Institute Affiliated to VTU, Belagavi)
Shavige Malleshwara Hills, Kumaraswamy Layout, Bengaluru-560078
UNIT-01
Introduction to Cybercrime
2022-23
Learning Objectives
INTRODUCTION
The internet in India is growing rapidly. It has given rise to new opportunities
in every field we can think of, be it entertainment, business, sports or education.
There are two sides to a coin. The internet also has its own disadvantages, one of which is cybercrime:
illegal activity committed on the internet.
⚫ Any illegal act where a special knowledge of computer technology is essential for its
perpetration, investigation or prosecution
⚫ Any traditional crime that has acquired a new dimension or order of magnitude
through the aid of a computer, and abuses that have come into being because of
computers
⚫ Any financial dishonesty that takes place in a computer environment.
⚫ Any threats to the computer itself, such as theft of hardware or software, sabotage
and demands for ransom
Classification of cybercrimes
1. Cybercrime against an individual
2. Cybercrime against property
3. Cybercrime against organization
4. Cybercrime against Society
5. Crimes emanating from Usenet newsgroup
1. Cybercrime against an individual
⚫ Electronic mail spoofing and other online frauds
⚫ Phishing, spear phishing
⚫ Spamming
⚫ Cyber defamation
⚫ Cyberstalking and harassment
⚫ Computer sabotage
⚫ Pornographic offenses
⚫ Password sniffing
2. Cybercrime against property
⚫ Credit card frauds
⚫ Intellectual property (IP) crimes
⚫ Internet time theft
3. Cybercrime against organization
⚫ Unauthorized accessing of computer
⚫ Password sniffing
⚫ Denial-of-service attacks
⚫ Virus attack/dissemination of viruses
⚫ E-Mail bombing/mail bombs
⚫ Salami attack/ Salami technique
⚫ Logic bomb
⚫ Trojan Horse
⚫ Data diddling
⚫ Industrial spying/ industrial espionage
⚫ Computer network intrusions
⚫ Software piracy
4. Cybercrime against Society
⚫ Forgery
⚫ Cyberterrorism
⚫ Web jacking
5. Crimes emanating from Usenet newsgroup
⚫ Usenet groups may carry very offensive, harmful, inaccurate material
⚫ Postings that have been mislabeled or are deceptive in another way
⚫ Hence, the service is used at your own risk
E-Mail Spoofing
⚫ E-mail spoofing is the forgery of an e-mail header so that the message appears
to have originated from someone or somewhere other than the actual source.
⚫ To send spoofed e-mail, senders insert commands in headers that will alter
message information.
⚫ It is possible to send a message that appears to be from anyone, anywhere,
saying whatever the sender wants it to say.
⚫ Thus, someone could send spoofed e-mail that appears to be from you with a
message that you didn't write.
⚫ Sending an email to a person while impersonating another person’s email id is known
as email spoofing. In this method, even though the sender’s email id is visible as
[email protected], in reality, it belongs to [email protected]. For example, John has
an argument with his boss Henry and loses face in front of his colleagues. To
avenge his loss of reputation, he sends emails with bad messages to other employees
and the board of directors of the company by impersonating Henry.
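How a receiving side can spot the forged header described above, as an added example that is not part of the original notes: it compares the visible From domain with the envelope sender (Return-Path) and reads the DMARC verdict from the Authentication-Results header stamped by the receiver's own server. The addresses, the server name `mx.corp.example` and the three sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: the authserv-id that our own receiving server writes into
# Authentication-Results (RFC 8601). Headers carrying any other id are
# ignored, because a sender can pre-insert a forged header of that name.
TRUSTED_AUTHSERV = "mx.corp.example"

# Constructed sample: visible From says Henry, envelope sender is elsewhere.
SPOOFED = """\
Return-Path: <john@mailer.example>
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=mailer.example; dkim=none; dmarc=fail header.from=corp.example
From: "Henry" <henry@corp.example>
To: board@corp.example
Subject: Announcement

Body text.
"""

# Constructed sample: a genuine message from the same visible address.
GENUINE = """\
Return-Path: <henry@corp.example>
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=corp.example; dkim=pass header.d=corp.example; dmarc=pass header.from=corp.example
From: "Henry" <henry@corp.example>
To: board@corp.example
Subject: Announcement

Body text.
"""

# Constructed sample: the only "pass" verdict comes from an untrusted server id.
FORGED_RESULTS = """\
Return-Path: <henry@corp.example>
Authentication-Results: mail.sender.example; dmarc=pass header.from=corp.example
From: "Henry" <henry@corp.example>
To: board@corp.example
Subject: Announcement

Body text.
"""


def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def auth_results(msg):
    """Collect method -> result pairs from trusted Authentication-Results."""
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # not written by our server, so not evidence
        for part in rest.split(";"):
            tokens = part.split()
            if tokens and "=" in tokens[0]:
                method, _, result = tokens[0].partition("=")
                results.setdefault(method.lower(), result.lower())
    return results


def spoofing_indicators(raw_message):
    """Return a list of reasons to distrust the visible From address."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    envelope_dom = domain_of(msg.get("Return-Path"))
    results = auth_results(msg)
    findings = []
    if not from_dom:
        findings.append("missing-or-unparseable-from")
    # Exact comparison for simplicity. A mismatch alone also occurs with
    # mailing lists and bulk senders, so it is a hint, not a verdict.
    if envelope_dom and from_dom and envelope_dom != from_dom:
        findings.append("envelope-from-mismatch")
    # DMARC is the check that ties SPF/DKIM results to the visible From.
    if results.get("dmarc") != "pass":
        findings.append("dmarc-" + results.get("dmarc", "absent"))
    return findings


if __name__ == "__main__":
    samples = [("genuine", GENUINE), ("spoofed", SPOOFED), ("forged results", FORGED_RESULTS)]
    for name, raw in samples:
        print(name, spoofing_indicators(raw))
```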
Spamming
⚫ People who create electronic spam are called spammers
⚫ Spam is abuse of electronic messaging systems to send unsolicited bulk
messages indiscriminately
⚫ Spamming may be
⚫ E-Mail Spam
⚫ Instant messaging spam
⚫ Usenet group spam
⚫ Web search engine spam
⚫ Spam in blogs, wiki spam
⚫ Online classified ads spam
⚫ Mobile phone messaging spam
⚫ Internet forum spam
⚫ Junk fax spam
⚫ Social networking spam
⚫ Spamming is difficult to control
⚫ Advertisers have no operating costs beyond the management of their mailing lists
⚫ It is difficult to hold senders accountable for their mass mailings
⚫ Spammers are numerous
Cyber defamation
⚫ The tort of cyber defamation is considered to be the act of defaming, insulting,
offending or otherwise causing harm through false statements pertaining to an
individual in cyberspace.
⚫ Example: someone publishes defamatory matter about someone on a website or sends
an E-mail containing defamatory information to all friends of that person.
It may amount to defamation when:
⚫ If imputation to a deceased person would harm the reputation of that person, and is
intended to be hurtful to the feelings of his family or other near relatives
⚫ An imputation is made concerning a company or an association or collection of
people as such.
⚫ An imputation in the form of an alternative or expressed ironically
⚫ An imputation that directly or indirectly, in the estimation of others, lowers the moral
or intellectual character of that person, or lowers the character of that person in
respect of his caste or of his calling, or lowers the credit of that person.
Types of defamation
⚫ Libel: written defamation
⚫ Slander: oral defamation
⚫ The plaintiff must show that the defamatory statements were unlawful and
would indeed injure the person’s or organization’s reputation.
⚫ When this is not proved, the person who made the allegations may still be held
responsible for defamation.
Cyber defamation cases
⚫ In the first case of cyber defamation in India (14 Dec 2009),
⚫ an employee of a corporate defamed its reputation by sending
derogatory and defamatory emails against the company and its managing
directors.
⚫ In this case the Court (Delhi court) restrained the defendant from
sending derogatory, defamatory, obscene, vulgar, humiliating and abusive
emails.
⚫ The court passed an important ex-parte injunction.
⚫ In another case, the accused posted obscene, defamatory and annoying messages about
a divorcee woman and also sent emails to the victim.
⚫ The offender was traced and was held guilty of offences under section 469,
509 IPC and 67 of IT Act, 2000.
⚫ Other defamation cases:
⚫ A malicious customer review by a competitor could destroy a small business.
⚫ A false accusation of adultery on a social networking site could destroy
a marriage.
⚫ An allegation that someone is a “crook” could be read by a potential
employer or business partner
Forgery
⚫ The act of forging something, especially the unlawful act of counterfeiting
a document or object for the purposes of fraud or deception.
⚫ Something that has been forged, especially a document that has been copied
or remade to look like the original.
⚫ Counterfeit currency notes, postage, revenue stamps, mark sheets, etc., can be
forged using sophisticated computers, printers and scanners.
Web jacking
⚫ This term is derived from the term hijacking.
⚫ In these kinds of offences the hacker gains access and control over the web site
of another.
⚫ He may even change the information on the site.
⚫ The first stage of this crime involves “password sniffing”.
⚫ The actual owner of the website does not have any more control over what appears
on that website
⚫ This may be done for fulfilling political objectives or for money
Industrial spying/ Industrial Espionage
⚫ Industrial espionage is the covert and sometimes illegal practice of
investigating competitors to gain a business advantage.
⚫ The target of investigation might be a trade secret such as a proprietary
product specification or formula, or information about business plans.
⚫ In many cases, industrial spies are simply seeking any data that their
organization can exploit to its advantage.
Hacking
Every act committed toward breaking into a computer and/ or network is hacking.
Purpose
⚫ Greed
⚫ Power
⚫ Publicity
⚫ Revenge
⚫ Adventure
⚫ Desire to access forbidden information
⚫ Destructive mindset
History of hacking
⚫ Hacking is any technical effort to manipulate the normal behavior of
network connections and connected systems.
⚫ A hacker is any person engaged in hacking.
⚫ The term "hacking" historically referred to constructive, clever technical work
that was not necessarily related to computer systems.
⚫ M.I.T. engineers in the 1950s and 1960s first popularized the term and concept of
hacking.
⚫ The so-called "hacks" perpetrated by these hackers were intended to be harmless
technical experiments and fun learning activities.
⚫ Later, outside of M.I.T., others began applying the term to less honorable pursuits. For
example, several hackers in the U.S. experimented with methods to modify
telephones for making free long-distance calls over the phone network illegally.
⚫ As computer networking and the Internet exploded in popularity, data networks
became by far the most common target of hackers and hacking.
Pornographic offenses: Child pornography
⚫ Means any visual depiction, including but not limited to the following:
1. Any photograph that can be considered obscene and/ or unsuitable for the
age of child viewer.
2. Film, video, picture;
3. Obscene computer-generated image or picture
How do they Operate
1. Pedophiles use false identity to trap the children/teenagers
2. Pedophiles contact children/teens in various chat rooms which are used
by children/teen to interact with other children/teen.
3. Befriend the child/teen.
4. Extract personal information from the child/teen by winning his confidence.
5. Gets the e-mail address of the child/teen and starts making contacts on
the victims e-mail address as well.
6. Starts sending pornographic images/text to the victim including child
pornographic images in order to help child/teen shed his inhibitions so that
a feeling is created in the mind of the victim that what is being fed to him is
normal and that everybody does it.
7. Extract personal information from child/teen
8. At the end of it, the pedophile sets up a meeting with the child/teen out of the
house and then drags him into the net to further sexually assault him or to
use him as a sex object.
Software Piracy
The Cybercrime Investigation Cell of India defines “software piracy” as theft of software through
illegal copying of genuine programs or the counterfeiting and distribution of products
intended to pass for the original. Some examples of software piracy are:
⚫ End-user copying
⚫ Hard disk loading with illicit means (by hard disk vendors)
⚫ Counterfeiting (large-scale duplication and distribution)
⚫ Illegal downloads from the Internet
Those who buy or download pirated software have a lot to lose:
⚫ Getting untested software that may have been copied thousands of times
⚫ The software may potentially contain hard-drive-infecting viruses
⚫ No technical support in case of software failure
⚫ No warranty protection
⚫ No legal right to use the product
Computer Sabotage
Introducing viruses, worms, Trojan horses, or logic bombs into a computer system through the
Internet and making it non-operable is known as computer sabotage. Computer sabotage can
be performed for different reasons, such as to gain economic advantage over a competitor, to
promote illegal activities, or to steal data or programs for extortion purposes.
E-mail bombing/mail bombs
⚫ In Internet usage, an email bomb is a form of net abuse consisting of sending huge
volumes of email to an address in an attempt to overflow the mailbox or
overwhelm the server where the email address is hosted in a denial-of-service
attack.
⚫ A computer is set up to repeatedly send E-mail to a specified person’s E-mail
address.
⚫ This can overwhelm the recipient’s personal account and potentially shut down the entire
system.
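Detecting the flood described above from the mail server's side, as an added example that is not part of the original notes: it counts deliveries per recipient in a sliding time window, since a mail bomb can arrive from many senders but converges on one mailbox. The log line format, the addresses, the 60-second window and the threshold of 20 are constructed assumptions, not a real mail server's format or defaults.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed, simplified delivery-log format (constructed for this example):
#   2023-01-10T09:05:00 to=<victim@corp.example> from=<s0@bulk0.example>
LINE_RE = re.compile(r"^(?P<ts>\S+) to=<(?P<rcpt>[^>]+)> from=<(?P<sender>[^>]*)>")


def parse_line(line):
    """Return (timestamp, recipient) or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return datetime.fromisoformat(m["ts"]), m["rcpt"].lower()


def detect_mail_flood(lines, window=timedelta(seconds=60), threshold=20):
    """Return {recipient: time at which deliveries in `window` first exceeded
    `threshold`}. Lines must be in time order, as in a server log."""
    recent = defaultdict(deque)   # recipient -> timestamps inside the window
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue              # skip malformed or unrelated lines
        ts, rcpt = parsed
        queue = recent[rcpt]
        queue.append(ts)
        # Drop deliveries that have fallen out of the window.
        while ts - queue[0] > window:
            queue.popleft()
        if len(queue) > threshold and rcpt not in flagged:
            flagged[rcpt] = ts
    return flagged


def sample_log():
    """Constructed log: normal mail to alice, a 50-message burst to victim."""
    base = datetime(2023, 1, 10, 9, 0, 0)
    lines = []
    for i in range(5):            # one message every 10 minutes
        ts = base + timedelta(minutes=10 * i)
        lines.append(f"{ts.isoformat()} to=<alice@corp.example> "
                     f"from=<news{i}@partner.example>")
    for i in range(50):           # one message per second, rotating senders
        ts = base + timedelta(minutes=5, seconds=i)
        lines.append(f"{ts.isoformat()} to=<victim@corp.example> "
                     f"from=<s{i}@bulk{i % 7}.example>")
    return sorted(lines)          # ISO timestamps sort chronologically


if __name__ == "__main__":
    for rcpt, when in detect_mail_flood(sample_log()).items():
        print(f"possible mail bomb against {rcpt}, threshold crossed at {when}")
```

A per-sender rate limit alone would miss this sample, because every message uses a different sender address; counting per recipient catches it on the 21st message.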
Computer network intrusions
⚫ An intruder can break into a computer network from anywhere in the world and steal data, plant
viruses, create backdoors, insert Trojan horses or change passwords and user
names.
⚫ An intrusion detection system (IDS) inspects all inbound and outbound
network activity and identifies suspicious patterns that may indicate a network
or system attack from someone attempting to break into or compromise a
system.
⚫ The practice of strong password
Password sniffing
⚫ Password sniffers are programs that monitor and record the name and password
of network users as they login, jeopardizing security at a site.
⚫ Through sniffers installed, anyone can impersonate an authorized user and login
to access restricted documents.
Credit card frauds
⚫ Credit card fraud is a wide-ranging term for theft and fraud committed using or
involving a payment card, such as a credit card or debit card, as a fraudulent source
of funds in a transaction.
⚫ The purpose may be to obtain goods without paying, or to obtain unauthorized
funds from an account.
⚫ Credit card fraud is also an adjunct to identity theft
Identity theft
⚫ Identity theft is a fraud involving another person’s identity for an illicit purpose.
⚫ The criminal uses someone else’s identity for his/ her own illegal purposes.
⚫ Phishing and identity theft are related offenses
⚫ Examples:
⚫ Fraudulently obtaining credit
⚫ Stealing money from victim’s bank account
⚫ Using victim’s credit card number
⚫ Establishing accounts with utility companies
⚫ Renting an apartment
⚫ Filing bankruptcy using the victim’s name
Cybercrime:
the legal perspective
⚫ Cybercrime poses a mammoth challenge
⚫ Computer crime: Criminal Justice Resource Manual (1979)
⚫ Any illegal act for which knowledge of computer technology is essential for
a successful prosecution.
⚫ International legal aspects of computer crimes were studied in 1983
⚫ Encompasses any illegal act for which the knowledge of computer
technology is essential for its perpetration
⚫ The network context of cyber crime makes it one of the most globalized offenses of
the present and most modernized threats of the future.
⚫ Solution:
⚫ Divide information system into segments bordered by state boundaries.
⚫ Not possible and unrealistic because of globalization
⚫ Or incorporate the legal system into an integrated entity obliterating these
state boundaries.
Cybercrimes: An Indian Perspective
⚫ India has the fourth highest number of internet users in the world.
⚫ 45 million internet users in India
⚫ 37% - in cybercafés
⚫ 57% are between 18 and 35 years
⚫ The Information Technology (IT) Act, 2000, specifies the acts which are
punishable. Since the primary objective of this Act is to create an enabling
environment for commercial use of I.T.
⚫ 217 cases were registered under IT Act during the year 2007 as compared to
142 cases during the previous year (2006)
⚫ Thereby reporting an increase of 52.8% in 2007 over 2006.
⚫ 22.3% cases (49 out of 217 cases) were reported from Maharashtra followed
by Karnataka (40), Kerala (38) and Andhra Pradesh and Rajasthan (16 each).
The Indian Government is doing its best to control cybercrimes. For example Delhi
Police have now trained 100 of its officers in handling cybercrime and placed them in its
Economic Offences Wing.
Cybercrime and the Indian ITA 2000
In India, the ITA 2000 was enacted after the United Nations General Assembly Resolution
A/RES/51/162 of January 30, 1997, by adopting the Model Law on Electronic Commerce
adopted by the United Nations Commission on International Trade Law.
Hacking and the Indian Law(s).
Cybercrimes are punishable under two categories: the ITA 2000 and IPC. A total of 207
cases of cybercrime were registered under the IT act in 2007 compared to 142 cases
registered in 2006. Under IPC too, 339 cases were recorded in 2007 compared to 311 cases
in 2006.
There are some noteworthy key provisions under the ITA 2000
Unit 2
Cyber offences
How criminals plan them
Learning Objectives
⚫ Understand different types of cyberattacks.
⚫ Get an overview of the steps involved in planning cybercrime
⚫ Understand tools used for gathering information about the target
⚫ Get an overview on social engineering
⚫ Learn about the role of cybercafe in cybercrime
⚫ Understand what is cyberstalking
⚫ Learn about botnet and attack vector
Introduction
⚫ Cybercriminals use the World Wide Web and Internet to an optimal level for
illegal activities.
⚫ These criminals take advantage of the widespread lack of awareness
about cybercrimes and cyberlaws among people who are constantly using the
IT infrastructure for official and personal purposes.
Few terminologies
⚫ Hacker: A hacker is a person with strong interest in computers who enjoys
learning and experimenting with them.
⚫ Hackers are usually very talented, smart people who understand computers
better than the others.
⚫ Brute force hacking: It is a technique used to find passwords or encryption keys. It
involves trying every possible combination of letters, numbers, etc., until the code
is broken.
⚫ Cracker: A cracker is a person who breaks into computers. They are computer
criminals. Their acts include vandalism, theft and snooping in unauthorized
areas.
⚫ Cracking: It is the act of breaking into computers. Cracking is a popular, growing
subject on the internet. Many sites are devoted to supplying crackers with programs
that allow them to crack computers (like guessing passwords).
⚫ Cracker tools: These are programs that break into computers, like password
crackers, Trojans, viruses, war dialers and worms.
⚫ Phreaking: This is the notorious art of breaking into phone or other
communication systems.
⚫ War dialer: It is a program that automatically dials phone numbers looking for
computers on the other end. It catalogs numbers so that the hackers can call back
and try to break in.
Categories of vulnerabilities that hackers typically search for:
⚫ Inadequate border protection
⚫ Remote access servers (RASs) with weak access controls.
⚫ Application servers with well-known exploits.
⚫ Misconfigured systems and systems with default configurations.
What color is your Hat in the security world?
⚫ Black Hat - Just like in the old westerns, these are the bad guys. A black hat is a
cracker. To add insult to injury, black hats may also share information about the
“break in” with other black hat crackers so they can exploit the same vulnerabilities
before the victim becomes aware and takes appropriate measures.
⚫ White Hat – While black hats use their skill for malicious purposes, white hats are
ethical hackers. They use their knowledge and skill to thwart the black hats and
secure the integrity of computer systems or networks. If a black hat decides to target
you, it’s a great thing to have a white hat around.
⚫ Grey Hat – A gray hat, as you would imagine, is a bit of a white hat/black hat hybrid.
Thankfully, like white hats, their mission is not to do damage to a system or network,
but to expose flaws in system security. The black hat part of the mix is that they may
very well use illegal means to gain access to the targeted system or network, but not
for the purpose of damaging or destroying data: they want to expose the security
weaknesses of a particular system and then notify the “victim” of their success. Often
this is done with the intent of then selling their services to help correct the security
failure so black hats cannot gain entry and/or access for more devious and harmful
purposes.
⚫ A Brown hat is one who thinks before acting or committing a malicious or
non-malicious deed.
⚫ Often referred to as Grey hats
Categories of Cybercrime
⚫ Target of the crime
⚫ Crimes targeted at individuals
⚫ Crimes targeted at property
⚫ Crimes targeted at organizations
⚫ Whether the crime occurs as a single event or as a series of events.
⚫ Single event cybercrime: hacking or fraud
⚫ Series of events: cyberstalking
How Cybercriminals Plan Attacks
Below are the three phases involved in planning a cyber-attack.
Reconnaissance – this is the information gathering stage and is usually considered a
passive attack.
Scanning and scrutinization of the collected data for validation and accurate
identification of existing vulnerabilities.
Launching the attack – entails gaining and maintaining access to the system.
1. Reconnaissance
The first step in how cybercriminals plan attacks is always Reconnaissance. The literal
meaning of reconnaissance is an act of exploring with an aim or goal of finding someone or
something about the target. Concerning cyber security, it’s an exploration to gain
information about an enemy or a potential enemy. In cyber security, reconnaissance begins
with “Foot printing”, the initial preparation towards the preattack phase, and entails
collecting data about the target’s computer infrastructure as well as their cyber-environment.
Footprinting gives an overview of the victim’s weak points and suggestions on how they
can be exploited. The primary objective of this phase is to provide the attacker with an
understanding of the victim’s system infrastructure, the networking ports and services, and
any other aspect of security required for launching attacks.
Thus, an attacker attempts to source data from two different phases: passive
and active attacks.
Passive attacks
This is the second phase of the attack plan. In this phase, an attacker secretly gathers
information about their target; the aim is to acquire the relevant data without the victim
noticing. The process can be as simple as watching an organization to see when their CEO
reports to work or spying on a specific department to see when they down their tools.
Because most hackers prefer executing their duties remotely, most passive attacks are
conducted over the internet by googling. For example,
one may use search engines such as dogpile to search for information about an
individual or organization.
Yahoo or Google search: malicious individuals can use these search engines to gather
information about employees of the firm they are targeting to breach their system.
Surfing online communities like Twitter, Facebook, Instagram can also prove useful
sources to gather information about an individual, their lifestyle, and probably a hint
to their weakness that can then be exploited.
The organization’s website may also provide useful information about specific or key
individuals within the organization, such as the CEO, MD, head of the IT department,
etc. The website can be used to source personal details such as email addresses,
phone numbers, roles, etc. With the details, an attacker can then launch a social
engineering attack to breach their target.
Press releases, blogs, newsgroups, and so on, are in some cases, used as the primary
channels to gather information about an entity or employees.
Going through job requirements for a specific position within a company can also help an
attacker identify the type of technology being used by a company and the level of
competency of their workforce. An attacker can then decide on what method to use when
breaching the targeted system from the data.
Active Attacks
An active attack involves closely examining the network to discover individual hosts and
verify the validity of the gathered information, such as the type of operating system in use,
IP address of the given gadget, and available services on the network, collected during the
passive attack. It involves the risk of detection and can also be referred to as “Active
reconnaissance” or “Rattling the doorknobs”.
Active reconnaissance can be used to confirm the security measures put in place by an
attacker, but at the same time, it can alert the victim if not well executed. The process may
raise suspicion or increase the attacker’s chance of being caught before they execute the full
attack.
In a typical social engineering attack, a cybercriminal will communicate with the intended
victim by saying they are from a trusted organization. In some cases, they will even
impersonate a person the victim knows.
If the manipulation works (the victim believes the attacker is who they say they are), the
attacker will encourage the victim to take further action. This could be giving away sensitive
information such as passwords, date of birth, or bank account details. Or they might
encourage the victim to visit a website where malware is installed that can cause disruptions
to the victim's computer. In worst-case scenarios, the malicious website strips sensitive
information from the device or takes over the device entirely.
One of the greatest dangers of social engineering is that the attacks don't have to work against
everyone: A single successfully fooled victim can provide enough information to trigger an
attack that can affect an entire organization.
Over time, social engineering attacks have grown increasingly sophisticated. Not only do fake
websites or emails look realistic enough to fool victims into revealing data that can be used
for identity theft, social engineering has also become one of the most common ways for
attackers to breach an organization's initial defenses in order to cause further disruption and
harm.
Impersonation
⚫ In this type of social-engineering attack, the hacker pretends to be an employee
or valid user on the system. A hacker can gain physical access by pretending to
be a janitor, employee, or contractor.
⚫ To attackers, sets of valid credentials are a coveted asset. An attacker who has
obtained valid user credentials through social engineering techniques has the
ability to roam the network with impunity searching for valuable data. In log data,
the attacker’s activities are easily hidden due to the inability to see the subtle
differences in behaviors and access characteristics. Yet, this phase of the classic
attack chain often represents the lengthiest portion of the attack.
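One way to make those subtle differences visible in log data, as an added example that is not part of the original notes: build a per-user baseline of usual source hosts, login hours and resources, then list the logins with valid credentials that deviate from it. The user names, host names, resources and the tolerance and threshold values are constructed assumptions.

```python
from collections import defaultdict

# Constructed history of successful logins: (user, source_host, hour, resource)
HISTORY = [
    ("john", "ws-john", 9, "hr-portal"),
    ("john", "ws-john", 10, "mail"),
    ("john", "ws-john", 11, "hr-portal"),
    ("priya", "ws-priya", 8, "mail"),
    ("priya", "vpn-gw", 18, "build-server"),
    ("priya", "ws-priya", 9, "build-server"),
]

# Constructed new logins, all made with valid credentials.
NEW_EVENTS = [
    ("john", "ws-john", 10, "mail"),            # matches the baseline
    ("priya", "vpn-gw", 19, "build-server"),    # one hour later than usual
    ("john", "ws-john", 10, "finance-share"),   # one deviation only
    ("john", "kiosk-07", 2, "finance-share"),   # new host, odd hour, new data
]


def build_baseline(history):
    """Record, per user, every source host, login hour and resource seen."""
    baseline = defaultdict(
        lambda: {"sources": set(), "hours": set(), "resources": set()})
    for user, source, hour, resource in history:
        profile = baseline[user]
        profile["sources"].add(source)
        profile["hours"].add(hour)
        profile["resources"].add(resource)
    return dict(baseline)


def hour_distance(a, b):
    """Distance between two hours on a 24-hour clock (23 and 1 are 2 apart)."""
    d = abs(a - b) % 24
    return min(d, 24 - d)


def deviations(baseline, event, hour_tolerance=1):
    """List the ways one login differs from what the user normally does."""
    user, source, hour, resource = event
    profile = baseline.get(user)
    if profile is None:
        return ["unknown-user"]
    found = []
    if source not in profile["sources"]:
        found.append("new-source")
    if min(hour_distance(hour, h) for h in profile["hours"]) > hour_tolerance:
        found.append("unusual-hour")
    if resource not in profile["resources"]:
        found.append("new-resource")
    return found


def review(baseline, events, min_deviations=2):
    """Return (event, deviations) pairs worth an analyst's time, worst first.
    A single deviation is common in normal work, so it is not reported."""
    scored = [(event, deviations(baseline, event)) for event in events]
    hits = [(e, d) for e, d in scored if len(d) >= min_deviations]
    return sorted(hits, key=lambda item: -len(item[1]))


if __name__ == "__main__":
    for event, reasons in review(build_baseline(HISTORY), NEW_EVENTS):
        print(event, "->", ", ".join(reasons))
```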
Posing as an important user
⚫ In this type of attack, the hacker pretends to be a VIP or high-level manager
who has the authority to use computer systems or files.
⚫ Most of the time, low-level employees don’t ask any questions of someone who
appears in this position.
Being a third party
⚫ In this attack, the hacker pretends to have permission from an authorized person to
use the computer system. It works when the authorized person is unavailable for
some time.
Desktop support
⚫ Calling tech support for assistance is a classic social-engineering technique.
⚫ Help desk and technical support personnel are trained to help users, which makes
them good prey for social engineering attacks.
Shoulder surfing
⚫ Shoulder surfing is the technique of gathering passwords by
watching over a person’s shoulder while they log in to the system.
⚫ A hacker can watch a valid user log in and then use that password to gain access to
the system
Dumpster diving
⚫ Dumpster diving involves looking in the trash for information written on pieces of
paper or computer printouts.
⚫ The hacker can often find passwords, filenames, or other pieces of confidential
information like SSN, PAN, credit card ID numbers, etc.
⚫ Also called dumpstering, binning, trashing, garbaging, garbage gleaning or scavenging.
Fake E-mails
⚫ Phishing involves false emails, chats, or websites designed to impersonate
real systems with the goal of capturing sensitive data.
⚫ A message might come from a bank or other well-known institution with the need
to “verify” your login information.
⚫ It will usually be a mocked-up login page with all the right logos to look
legitimate.
E-Mail attachments:
E-Mail attachments are used to send malicious code to a victim’s system, which will
automatically get executed. Viruses, Trojans, and worms can be included cleverly into the
attachments to entice a victim to open the attachment
Pop-up windows:
Pop-up windows are also used, in a similar manner to E-Mail attachments. Pop-up windows
with special offers or free stuff can encourage a user to unintentionally install malicious
software.
Cyberstalking
⚫ Cyberstalking is the use of the Internet or other electronic means to stalk or harass an
individual, a group, or an organization.
⚫ It may include false accusations, defamation, slander and libel.
⚫ It may also include monitoring, identity theft, threats, vandalism, solicitation for sex,
or gathering information that may be used to threaten or harass.
⚫ Cyberstalking is sometimes referred to as Internet stalking, e-stalking or online
stalking.
⚫ Cyberstalking is a crime in which the attacker harasses a victim using electronic
communication, such as e-mail or instant messaging (IM), or messages posted to a
Web site or a discussion group.
⚫ A cyberstalker relies upon the anonymity afforded by the Internet to allow them to
stalk their victim without being detected.
⚫ Cyberstalking messages differ from ordinary spam in that a cyberstalker targets a
specific victim with often threatening messages, while the spammer targets a
multitude of recipients with simply annoying messages.
Types of Stalkers
⚫ Online stalkers
⚫ Offline stalkers
Both are criminal offenses. Both are motivated by a desire to control, intimidate or
influence a victim. A stalker may be an online stranger or a person whom the target
knows. He may be anonymous and solicit involvement of other people online who do not
even know the target.
How stalking works?
1. Personal information gathering about the victim.
2. Establish a contact with the victim through telephone/ cell phone. – start threatening
or harassing
3. Establish a contact with the victim through E-mail.
4. Keep sending repeated E-mails asking for various kinds of favors or threaten the
victim.
5. Post victim’s personal information on any website related to illicit services.
6. Whosoever comes across the information starts calling the victim on the given
contact details, asking for sexual services.
7. Some stalkers may subscribe/register the E-Mail account of the victim to innumerable
pornographic and sex sites, because of which the victim starts receiving such kinds of
unsolicited E-Mails.
Cybercafe and Cybercrimes
⚫ An Internet café or cybercafé is a place which provides Internet access to the public,
usually for a fee.
⚫ According to Nielsen Survey on the profile of cybercafes users in India:
1. 37% of the total population use cybercafes
2. 90% of these were males in the age group 15-35 years
3. 52% graduates and post graduates
4. > 50% were students
Hence, it is extremely important to understand the IT security and governance practiced in
the cybercafes.
Role of Cybercafe
⚫ used for either real or false terrorist communication.
⚫ for stealing bank passwords, fraudulent withdrawal of money
⚫ Keyloggers or spywares
⚫ Shoulder surfing
⚫ For sending obscene mails to harass people.
⚫ They are not network service providers according to ITA2000
⚫ They are responsible for “due diligence”
Illegal activities observed in Cybercafes
⚫ Pirated software: OS, browser, Office
⚫ Antivirus software not updated
⚫ Cybercafes have installed “deep freeze” software
⚫ This software clears details of all activities carried out, when one clicks
“restart” button.
⚫ Annual Maintenance Contract (AMC): not in place
⚫ Is a risk because a cybercriminal can install malicious code for criminal
activities without any interruption
⚫ Pornographic websites and similar websites are not blocked
⚫ Owners have less awareness about IT Security and IT Governance.
⚫ IT Governance guidelines are not provided by cyber cell wing
⚫ No periodic visits to cybercafes by Cyber cell wing (state police) or Cybercafe
association
Safety and security measures while using the computer in Cyber Café
1. Always Logout:
do not save login information through automatic login information
2. Stay with the computer
3. Clear History and temporary files
4. Be alert:
don’t be a victim of Shoulder surfing
5. Avoid Online Financial Transaction
6. Change passwords
7. Virtual Keyboards
8. Security warnings
⚫ An attack vector is a path or means by which a hacker (or cracker) can gain access to
a computer or network server in order to deliver a payload or malicious outcome.
⚫ Attack vectors enable hackers to exploit system vulnerabilities, including the human
element.
⚫ Attack vectors include viruses, e-mail attachments, Web pages, pop-up windows,
instant messages, chat rooms, and deception. All of these methods involve
programming (or, in a few cases, hardware), except deception, in which a human
operator is fooled into removing or weakening system defenses.
⚫ To some extent, firewalls and anti-virus software can block attack vectors.
⚫ But no protection method is totally attack-proof.
⚫ A defense method that is effective today may not remain so for long, because hackers
are constantly updating attack vectors, and seeking new ones, in their quest to gain
unauthorized access to computers and servers.
⚫ If vulnerabilities are the entry points, then attack vectors are the ways attackers can
launch their assaults or try to infiltrate the building.
⚫ In the broadest sense, the purpose of the attack vectors is to implant a piece of code
that makes use of a vulnerability. This code is called the payload, and attack vectors
vary in how a payload is implanted.
⚫ The most common malicious payloads are viruses (which can function as their own
attack vectors), Trojan horses, worms, and spyware.
⚫ If an attack vector is thought of as a guided missile, its payload can be compared to
the warhead in the tip of the missile.
Different ways to launch Attack Vectors:
⚫ Attack by E-Mail
⚫ Attachments
⚫ Attack by deception: social engineering/hoaxes
⚫ Hackers
⚫ Heedless guests (attack by webpage)
⚫ Attack of the worms
⚫ Malicious macros
⚫ Foistware/sneakware
⚫ Viruses
A zero-day attack
⚫ A zero-day (or zero-hour or day zero) attack or threat is an attack that exploits a
previously unknown vulnerability in a computer application or operating system, one
that developers have not had time to address and patch.
⚫ Software vulnerabilities may be discovered by hackers, by security companies or
researchers, by the software vendors themselves, or by users.
⚫ If discovered by hackers, an exploit will be kept secret for as long as possible and
will circulate only through the ranks of hackers, until software or security companies
become aware of it or of the attacks targeting it.
⚫ ZERT