Hacker

The one who is curious about the

workings of any computer software
is termed a hacker. Very often, the
hackers are a unit of smart
programmers.

Hackers have advanced knowledge

of operative systems and
programming languages.
Cracker
People who break into different
systems with malicious intentions are
referred to as crackers.

Crackers cause issues to victims by

an unauthorized access, destroying
necessary information, stopping
services provided by the server, and
more.
Phreakers
Phreaker is the one who gains illegal
access to the telephone system as shown
in Figure.

Phreakers are considered the original

computer hackers and they are those
who break into the telephone network
illegally, typically to make free long
distance phone calls or to tap phone
lines.

Phreakers are people who specialize in

attacks on the telephone system.
Hacking Phases/Steps of Hacking
 Phase 1- Reconnaissance

• Reconnaissance : This is the first phase where the Hacker tries to collect
information about the target. It may include Identifying the Target, finding
out the target’s IP Address Range, Network, DNS records, etc.Let’s assume
that an attacker is about to hack a websites’ contacts.

• The tool widely used in this process is NMAP, HPING,Maltego,Google

Dorks
 Phase 2 -Scanning
• Scanning: The attacker begins to actively probe a target
machine or network for vulnerabilities that can be exploited.

Tools used is NMAP, wireshark,Nessus,Nexpose.

 Phase 3- Gaining Access
• Gaining Access: In this phase, hacker designs the blueprint of
the network of the target with the help of data collected
during Phase 1 and Phase 2. The hacker has finished
enumerating and scanning the network and now decide that
they have a some options to gain access to the network.

• Primary tool used for this Metasploit

 Phase 4- Maintaining Access
• Maintaining Access: Once a hacker has gained access, they
want to keep that access for future exploitation and attacks.
Once the hacker owns the system, they can use it as a base to
launch additional attacks.

• Metasploit is the preferred tool in this process also.

 Phase 5 – Covering Tracks
• Clearing Tracks (so no one can reach them): Prior to the
attack, the attacker would change their MAC address and run
the attacking machine through at least one VPN to help cover
their identity. They will not deliver a direct attack or any
scanning technique that would be deemed “noisy”.
• Once access is gained and privileges have been escalated, the
hacker seek to cover their tracks. This includes clearing out
Sent emails, clearing server logs, temp files, etc. The hacker
will also look for indications of the email provider alerting the
user or possible unauthorized logins under their account.
 and it’s heading closer to home...

Indian targets
•Banking and finance
•Energy, oil and gas
$
financial identity economic Physical
•Telecom
•Defence & research
crime theft espionage attacks
•Manufacturing
•Infrastructure
•Affiliates of above
 Realise that today, a hacker can:

•SHUT DOWN A GOVERNMENT FROM HIS BASEMENT

•STEAL MONEY WITHOUT TOUCHING THE CRIME SCENE

•CONTROL AND CRASH YOUR CAR

•ROB A BANK OF BILLIONS IN MINUTES

•SHUT DOWN POWER GRIDS, NUCLEAR PLANTS

•ASSUME THE IDENTITY OF BILLIONS OF VICTIMS

•MURDER A PERSON BY CHANGING MEDICAL RECORDS

ARE YOU READY TO STOP THEM?
 HACKING

Hacking (Guessing
of password ) &
taking control of
Social Site Profiles
and sending
offensive messages
through it
 FAKE PROFILE

Hacking
(Guessing of
password ) &
taking control of
Social Site
Profiles and
sending
offensive
messages
through it
 MORPHING & DEFAMTION

Circulating
Morphed or
private pictures
and information
on social sites
like Facebook &
mobile apps like
Whatsapp
Cyber Stalking via Mobile

Continuously
calling and
messaging
through
phone or its
applications
to harass.
Cyber Stalking via E-mails

Sending
offensive
messages with
vulgar/abusive
attachments
via E-mails
Cheating using Matrimonial sites

Cheating
Prospective Brides
by contacting
them through
Matrimonial sites
INSULT TO THE MODESTY OF WOMAN

Creating Profiles on
porn sites or any
other websites and
uploading contact
details & private
photos.
Child Pornography

Child Pornography
one of the most
heinous offence
 Downloading & Copyright Infringement

Internet is used to listen to music,

watch videos and play games
online. Mobile handsets are also
used commonly to share music,
mms, video clips. We must not
use it for downloading them or
sharing copyrighted material.

If you do so you are liable for

prosecution under the provisions
of Copyright Act.
Social Networking Sites
 Cyber Crime Investigation??
• Another name to Cyber Crime Investigation is
• Cyber Forensics/Computer Forensics /Digital
Forensics.
• If you want to become Digital forensic
Investigator,then
• Pause ,Think and Act.
• Pause, Think and Act (Security Awareness
Video).mp4
 Cases

Instagram/Facebook Fake or
Harassment Case.

Office Woman Harassment Case

Husband and Wife case

 Instagram/Facebook Fake or Harassment
Case.
• Go to the profile of the person whose IP you want to know.Click on the three dots next to
their username.
• Copy their profile URL.
• Go to Grabify IP Logger, IP Logger or similar websites.
• Paste the link into the bar and click on ‘Create URL’. When the results page opens, you will
see a new link generated.
• Chat with the person for some time and send them (the shortened) link. It would be wise to
tell them that you want them to see a great picture or read a wonderful story on this link.
• When they click on it, refresh the page in the logger website you used and you will get the
person’s IP address at the bottom of the page.
• If you use Facebook or Instagram to chat with the person, you might need to switch on the
‘Hide Bots’ option in order to get their genuine IP.
• If all you needed to know was the person’s IP address, you’re good to go. However, if you
want to know more details about the person, you will need to take a few more steps.
• Go to IP Tracker or other similar websites.
• Click on the IP Tracker option.
• Paste the IP that you got from one of the IP logger sites and trace it.
• Voila! What you got is the name, location, area code, ISP and other detailed information
about the person
• Norse map shows the attack origins, attack types, attack target, attacker
IP, attacker geo, and ports. You can filter the map by following
geolocation and protocols.
• Watch daily DDoS attack worldwide with Digital Attack Map. You can
filter the map with multiple options.
• FireEye Cyber Threat Map give you a nice summary of total attacks today
with following data.
• Top 5 reported industries
• Top attacker by country
• It’s not as detailed as above two but still useful if you are just looking for
data in industry and country wise.
• Botnet threat activity map by Trend Micro shows the monitored
malicious network activity to identify command-and-control servers.
• Real-time web monitor by AKAMAI shows network & attack traffic
overview which you can filter by regions.
• 1. Norse 2. Digital Attack Map 3. FireEye 4. SUCURI 5. Wordfence
• 6. Kaspersky 7. Threat Cloud 8. Trend Micro 9. AKAMAI
WhatsApp Addition
⚫ 1. Over-sharing
⚫ 2. Checking Your Facebook
Whenever Possible
⚫ 3. Overly Concerned with
Facebook Image
⚫ 4. Reporting On Facebook
 Facebook Addiction

5. Spending Hours
Browsing Through
Facebook Every day
6. Mad rush to add
more friends
7. Compromising
offline social life
 Emotional Symptoms of Online Addition

The following symptoms are

typical of online addicts:
Feelings of guilt
Anxiety
Depression
Dishonesty
Euphoric feelings when in
front of the computer
Unable to keep schedules
No sense of time
Isolation
Defensiveness
Avoiding doing work
Agitation
 Physical Symptoms of Online Addiction

The following symptoms

are characteristic of
someone who uses the
computer for a very long
period of time:
Backache
Headaches
Weight gain or loss
Disturbances in sleep
Carpal tunnel syndrome
Blurred or strained vision
Drawbacks of Internet or Computer addiction

•Information overload. Too much online surfing leads to decreased

productivity at work and fewer interactions with family members.
Compulsions.
•Excessive time spent in online activities such as gaming, trading
of stocks, gambling and even auctions often leads to overspending
and problems at work.
•Cybersex addiction. Too much surfing of porn sites often affects
real-life relationships.
•Cyber-relationship addiction. Excessive use of social networking
sites to create relationships rather than spending time with family
or friends may destroy real-life relationships.
 Test or Self-Assessment for
Computer/Internet/Mobile Addiction

Are you preoccupied with using the Internet? Do you think about your previous
or future online activity?
• Do you have the need to be online longer to be satisfied?
Have you made repeated but unsuccessful attempts to cut back,
stop or control your Internet use?
• Do you become moody, restless, irritable or depressed when you stop or
decrease your Internet use?
• Is your time spent online longer than what you originally planned?
• Did your online use negatively affect a significant relationship,
education, career or job?
• Do you conceal the extent of your Internet usage from your therapist,
family or others?
• Does the Internet serve as an escape from problems or relief from a bad
mood?
 Chat Rooms & Online Predators

Online predators join into chat

rooms and start chatting

They build trust and try to be a

good friend by asking about your
interests, hobbies, personal
photographs, ask for private
chats, offers gifts.

Sometimes the predators will be

very kind and affectionate toward
a child and gradually introduce
the sexual content in their
conversation and ask a child to
maintain secrecy by not
informing parents.
 Facebook hack – attackers got complete access to 50MILLION
accounts’ profiles, posts, photos and messages in security breach

FACEBOOK has admitted that

50million accounts were accessed by
hackers in a monumental security
breach – leaving them able to see all of
your personal info, photos, and even
private messages.
The blunder was slipped out as a blog post
late on Friday afternoon, three days after
the attack was first discovered - here's how
it could affect you...

Speaking to reporters, Facebook revealed

the significant danger behind this hack:
"Attackers could use the account as if they
were the account holder."
A BUG AFFECTING EVERY CPU IN THE
WORLD
MELTDOWN and SPECTRE
• Major issues that allow hackers to read
secrets on any Intel CPU.

• They can steal passwords, emails,

photos or any documents.

• Affects desktops, laptops, servers,

cloud, and mobile devices.

• Antivirus and other security tools

cannot prevent it.

• Intel’s fix reduces the system

performance by around 30%!
 INVESTED IN CRYPTOCURRENCY?
The world’s largest hack just happened!

• Tokyo based cryptocurrency exchange

called Coin check was hacked.

• 532 million USD was stolen by the

hackers in one swoop.

• Details of the hack are still unclear.

• Japanese regulators are investigating.

• Anyone who invests in cryptocurrency

should beware, these hacks are
becoming more frequent.
JACKPOTTING — THE NEW ATM HACK!!
Hackers can make ATM machines spit out all their notes

• Secret Service and FBI have released

an advisory on the new technique.

• Disguised as technicians, the hackers

install malware on the ATM.

• The malware lets them remotely

control the ATM to spit out all the
notes.

• An accomplice stands ready with a

bag to cart off the cash!
 POINT AND CLICK HACKING
A hacker has released an automatic exploit tool to the public

• The tool is called ‘AutoSploit’ (short for

auto exploit).

• It allows unsophisticated hackers to find

thousands of vulnerable computers on
the Internet.

• The software then automatically hacks

them and gives the hacker control!

• The whole hack is point and click, with

minimal technical expertise needed.
 HAVE YOU VISITED JAMTARA IN
JARKHAND?
It’s the cybercrime hub of India
• 90% of phone call and call center fraud originate
from this town.

• The town is flush with cash, and a construction boom

has begun.

• Huge number of trade secrets hacked and

successfully exfiltrated

• Town members get together in the mornings, split

into groups of two and sit amidst the bamboo to make
calls.

• They pretend to be “ATM headquarters” or “SBI

main branch”

• Procure fake SIMs and coerce people’s bank account

details.
 Râmnicu Vâlcea
Romania's Infamous
Cyber Crime Hub
● 1,00,000 residents

● Cybercrime is the local profession

● Called “The most dangerous place

on the Internet”.

● How lucrative is their business?

The roads have the largest
number of exotic sports cars…
 Cyber Ransomware

• Downloaded from attachment or targetted attack

• All data and information taken for ransom
• Mostly in Bitcoins or other Cryptocurrencies
• NO solution yet because of the use of TOR
 CAR HACKING
A hot new area for hackers

• Hackers Charlie Miller and Chris Valasek demonstrated ‘live’ to a

reporter how they can remotely control a Jeep Cherokee — with him
inside it on the highway!

• Started by turning the A/C on full, blaring the radio and turning the
wipers on and off.

• Then they cut the transmission… He finally begged them to stop.

• Two weeks later, hacker Samy Kamkar showed how he can unlock and
start any high-end car — Cadillac’s, BMW’s, Nissan’s etc.
‘ROLLJAM’ DEVICE - UNLOCKS ALMOST ANY
CAR
 Copy someone’s keys with A PHOTOGRAPH
From the convenience of your smart phone
•New apps like KeyMe have been launched.
•You take a photo of a key and the duplicate
it.
•The key will be shipped to the comfort of
your home.
•There is no validation of who is the key
owner!
 Miniature do-it-yourself CREDIT CARD SPOOFER

Hang on to your credit card!

•Can store multiple credit cards on one device
•Works completely wirelessly, even on non-wireless credit card
machines!
•Can disable the chip and pin functionality of the card
•Costs $10 and can be made at home!
 3D printed COMBINATION LOCK BREAKER

Device is called ComboBreaker

•Design is available for download
•Can be printed on any 3D printer
•Cracks combo locks in under 8 tries
•Total cost is under $100
Cyber Law
SOLUTION?
 Five top tips for staying safe online

» Do not use an account with administrative privileges for normal

day-to-day activities. Accounts with lower privileges warn you if a
program ties to install software or modify settings, allowing you to
decide whether the proposed action is safe.

» Ensure that your operating system and application software is

up-to-date and install anti-malware software.

» Take care when downloading and installing software, if it is free or

is not from a well- recognized brand there is a risk it may include
features that spy on you
 Five top tips for staying safe online

» Treat emails containing attachments or hyperlinks

(particularly shortened links) with caution

» Use your common sense- if an email offer looks too

good to be true, the prices on a website are abnormally
low or you receive an unsolicited telephone call
offering computer support, it’s probably a scam.