Unit 1 and Unit 4

Topic: Information System Attacks, Cyber crimes types and overview of Cyber crimes

1. Data breach

Data breach refers to sensitive data being leaked to an external unsecured environment without the
knowledge of owner. This leaked or stolen data may involve sensitive or confidential information
such as contact no. , email addresses, banking details or Intellectual property—such as trade secrets.
The effects brought on by a data breach can come in the form of damage to the target company’s
reputation due to a perceived ‘betrayal of trust.’ Victims and their customers may also suffer financial
losses and legal complications.

Common causes of data breach:

1. Many a times, Websites sell user’s data to third parties. Ex: healthcare websites may sell contact
details of their users to health insurance companies. Using these details, they advertise their services
to the client.
2. The malicious insider could have access to the company’s sensitive details financial details or a
client list, which they could pass on or sell to a competitor.
3. Attackers target specific individuals or organizations to obtain confidential information. Attackers
use various methods to gain unauthorized access to corporate networks and systems or to steal user
login credentials. (MITM)
4. A common form of security incident is the loss of devices or unauthorized access to credentials,
resulting in cyber criminals obtaining confidential information. For example, a lost laptop, mobile
phone, or external hard drive that is unlocked or unencrypted can easily lead to information being
stolen if it ends up in the wrong hands.

Preventive measures:

1. Use strong passwords: The most common cause of data breaches continues to be weak passwords,
which enable attackers to steal user credentials and give them access to corporate networks. So we
should use strong passwords that are hard to guess.
2. Use multi-factor authentication (MFA): Users and organizations should never rely on passwords
alone. MFA forces users to prove their identity in addition to entering their username and password.
This increases the likelihood that they are who they say they are, which can prevent a hacker from
gaining unauthorized access to accounts and corporate systems even if they manage to guess or steal
the user’s password.
3. Trust only secure URLs: Users should only open Uniform Resource Locators (URLs) or web addresses
that are secure. These will typically be URLs that begin with Hypertext Transfer Protocol Secure
(HTTPS).
2. Phishing

A victim receives a message that appears to have been sent by a known contact or organization. The
attack is then carried through links connecting to malicious websites. In either case, the objective is
to direct the victim to a fake website. Fake websites are set up to trick victims into enter personal and
financial information, such as passwords, account IDs or credit card details. These details are
received by attacker.

● Phishing emails are well written messages that appear to be sent by known contact or
organization.
● The message is written to invoke fear or a sense of urgency.
● The message includes a request to verify personal information, such as login details or
financial details. It asks to click on some link that directs the user to a website that looks real.
● As the user enters details and submits it, these details are received by attacks who can enter
these details on the real website to gain access. He can now open the victim’s account.

However, as experts say, we should never disclose your confidential information like OTP, bank details
to anyone. Also, we should not transfer money to unknown numbers without verifying.

● Never share your personal details online.

● Never share OTP. Bank never asks for this.
 ● Don’t click on suspicious links.
● Be aware of how phishing mails look like.

Smishing is a form of phishing in which an attacker uses a compelling text message (SMS) to trick
targeted recipients into clicking a malicious link having phishing content.

Vishing is a form of phishing in which people are phoned and tricked into revealing their personal
details to fraudsters claiming to be from a legitimate body such as their bank or the police.

3. Malware

Malware, or “malicious software,” is an umbrella term that describes any malicious program or code
that is harmful to systems.
Malware includes viruses, worm, Trojan horse, adware, spyware and ransomware that gets secretly
installed onto your device. Once malware is on your device, criminals can use it to steal your
sensitive information, send you unwanted or inappropriate ads, demand payment to unscramble
data encrypted by ransomware, and make your device vulnerable to even more malware. It has
dramatic abilities and it can communicate to its originator in background without the knowledge of
system administrator. It is the most powerful tool to harm an organization. It can installed by
downloading infected attachment from emails, visiting infected websites, downloading infected
software and sometime by USB or other external devices.

How to know if you have Malware?

Look for unusual behaviour from your phone, tablet, or computer. Your device might have been
infected with malware if it

● suddenly slows down, crashes, or displays repeated error messages

● won’t shut down or restart
● won’t let you remove software
● serves up lots of pop-ups, inappropriate ads, or ads that interfere with page content
● shows ads in places you typically wouldn’t see them, like government websites
● shows new and unexpected toolbars or icons in your browser or on your desktop
● uses a new default search engine, or displays new tabs or websites you didn’t open
● keeps changing your computer’s internet home page
● runs out of battery life more quickly than it should
4. Virus

A computer virus is a type of malicious code or program written to alter the way a computer
operates. Virus perform anomalous behaviour. Some viruses will actually erase everything on your
computer, and others will randomly pick a document in your computer and email it to everyone in
your address book. Viruses self-replicate and attach themselves to files such as documents,
presentations, and system files and can be spread by email, CDs, and floppy disks, pendrives, visiting
infected websites, downloading infecting softwares etc.

Symptoms?

• Frequent crashes

• Missing or modified files

• Disabled antivirus
Countermeasures:

1. Keep trusted antivirus software on your computer. Do not forget to update it promptly. Do not
miss the update notifications to keep your device safe.

2. Do not insert an external device like pen-drive, CD, etc without scanning it with antivirus software.

3. To help protect your inbox, Gmail blocks attachments when malware is detected. You should still only
download attachments from people you trust.

5. Worm

Worms are similar to a virus but it‘s main objective of worms is to eat the system resources. The
primary goal of a worm is to replicate itself as much as possible, ultimately overwhelming the
network and slowing down the infected computers on it.

Your computer starts to slow down abnormally. Some worms take up all of a computer’s resources
by design. This decreases the device’s speed and performance because there isn’t enough processing
power to properly run normal functions. If you notice that your computer isn’t moving as quickly or
your programs are frequently crashing, it could indicate that you have a worm.

Your computer runs out of storage faster than expected. Worms repeatedly replicate themselves.
That means that the copies they make need to be stored on your device. This eats up your hard drive
space, so if it seems that your storage is lower than it should be, look into it.

Symptoms:

• Full disk space

• Slow performance due to used up resources

• Missing files

• Hidden files or folders

• Unrecognized files or programs

• Programs running or websites opening automatically

• Unusual program behaviour such as notification pop-ups, error messages, etc.

6. Trojan Horse

The name Trojan derived from the ‘Trojan Horse’ tale in Greek mythology, which explains how the
Greeks were able to enter the fortified city of Troy by hiding their soldiers in a big wooden horse
given to the Trojans as a gift. The Trojans were very fond of horses and trusted the gift blindly. In the
night, the soldiers emerged and attacked the city from the inside.

Trojans are usually disguised as benign or useful software that are downloaded from the Internet,
but they actually carry malicious code designed to do harm. In general, a Trojan comes attached to
what looks like a legitimate program. In reality, it is a fake version of the software, loaded up with
malware. Cybercriminals will usually place them on unofficial and pirate app markets for
unsuspecting users to download. Trojans are not self-replicating and are only spread by users who
mistakenly download them, usually from an email attachment or by visiting an infected site.

• Their purpose is to conceal themselves inside the software that seem legitimate and when that
software is executed they will do their task of either stealing information or any other purpose for
which they are designed.

• They often provide backdoor gateway for other malware to enter your system and steal your
valuable data without your knowledge and permission.

7. Spyware

Spyware (Spying software) is a type of malicious software (“malware”) that records sensitive
information and passes it to attackers without user knowledge. Spyware can collect a wide range of
information about the infected device and its user. This may include keystrokes, login credentials,
browsing history, email messages, chat conversations, and more. Some advanced spyware can give
the attacker remote control over the infected device. This allows them to perform actions like taking
screenshots, recording audio or video, and even controlling the webcam or microphone. Spyware can
steal sensitive information, such as credit card numbers, social security numbers, and personal
identification information. This stolen data is often used for identity theft or financial fraud.

8. Adware

Adware, often called advertising supported malware, it’s software that bombards your browser with
unwanted ads. They throw advertisements up on your screen, most often within a web browser.
Adware generates revenue for its developer by automatically displaying online advertisements to
users.

• Adware works by installing itself quietly onto your devices, hoping you’ll – accidentally or
otherwise – click on an add that it displays to you. This is because, ultimately, adware exists to make
money.

• They basically monitor your interests and display relevant ads. They track your search and browsing
history to display ads that are more relevant to you.

9. Ransomware

• Ransomware is a type of malware designed to extort money from its victims, who are blocked or
prevented from accessing data on their systems.
• A user or organization’s critical data is encrypted so that they cannot access files, databases, or
applications.

• They Threat to publish or blocks access to data or a computer system, usually by encrypting it, until
the victim pays a ransom fee to the attacker.

• In many cases, the ransom demand comes with a deadline. If the victim doesn’t pay in time, the
data is gone forever or the ransom increases.

10. Password attack

Attacker tries to log in to a password-protected security system by systematically checking and

attempting all possible passwords until the correct one is found.

• Brute Force Attack: Attempts to determine a secret by trying every possible combination.

• Dictionary attack: Probe only passwords/keys from a dictionary. Generally dictionary attack
succeeds as people have a tendency to pick words from dictionary. Restricting number of attempts
and using Captcha helps prevent dictionary or Brute force attack.

11. Spamming

The term refers to unsolicited, bulk – and often unwanted – email. Spam is the electronic equivalent
of junk mail that are sent in bulk. Spam mails are not always malicious as the purpose may be
commercial advertising. Advertising companies simply send the same message over and over to the
same user. Here are ways to reduce spam: Enable filters on your email programs and report spam.

12. Man-in-the middle attack: MitM attacks are attacks where the attacker is actually intercepts the
connection between the victim and a host.

While it’s easy for them to go unnoticed, there are certain things you should pay attention to when
you’re browsing the web — mainly the URL in your address bar. The sign of a secure website is
denoted by “HTTPS” in a site’s URL. If a URL is missing the “S” and reads as “HTTP,” it’s an immediate
red flag that your connection is not secure.

Additionally, we should avoid connecting to public Wi-Fi networks specially for performing online
transactions and other confidential tasks. Cybercriminals often spy on public Wi-Fi networks and use
them to perform a man-in-the-middle attack.
13. DOS/DDOS attack: A DoS attack tries to make a web resource unavailable to its users by flooding
the target URL with more requests than the server can handle. That means that during the attack
period, regular traffic on the website will be either slowed down or completely interrupted.

A Distributed Denial of Service (DDoS) attack is a DoS attack that targets more than one source at the
same time. A DDoS attack is typically generated using thousands (potentially hundreds of thousands)
of unsuspecting zombie machines. The machines used in such attacks are collectively known as
“botnets”. They use a DoS attack to take down the bank's website and then send out phishing e-mails
to direct customers to a fake emergency site instead.

14. Cyber-Bullying: Cyberbullying is when someone bullies or harasses others on the internet
particularly on social media sites. Harmful bullying behaviour can include posting rumours, threats,
remarks, threating someone to post victim’s personal information, or posting pejorative labels, hate
speech etc. Victims of cyber bullying may experience lower self-esteem and various negative
emotional responses, including being scared, frustrated, angry, or depressed.

15. Cyber Stacking: Cyber stalking refers to the use of the internet and other technologies to harass
or stalk another person online, and is a crime. This online harassment, which is an extension
of cyberbullying can take the form of e-mails, text messages, social media posts, and more and is
often deliberate and persistent. It includes:
 ● Posing rude, offensive, or suggestive comments online
● Following the target online by joining the same groups and forums
● Using technology to threaten or blackmail the target
● Tagging the target in posts excessively, even if they have nothing to do with them
● Creating fake accounts to follow the target on social media
● Messaging the target repeatedly
● Hack into or hijack the target's online accounts
● Releasing confidential information online
● Posting or distributing real or fake photos of the target
● Creating fake posts designed to shame the victim

❖ Common preventive measures:

1. Beware of emails that look suspicious. If the sender’s email address looks unfamiliar, avoid. Do not
click on just any link of attachment to open or download. Only do so when you trust the source.

2. Keep backup of important files and folders on google drive.

3. Check the spelling of URLs, websites, and emails.

4. Never divulge personal data online or on the phone.

5. Always use sites that have an ‘https’ prefix before the URL, it is more secure as it enables
encrypted connection.

6. Use Firewalls as they provide protection against outside cyber attackers by shielding your
computer or network from malicious or unnecessary network traffic.

7. Frequent password changing is a good practice and avoid using same password for multiple
accounts.

8. Use updated version of Antimalware or Antivirus as they detect and remove viruses and other
kinds of malicious software from your computer or laptop. Perform system scan on regular basis.

9. Use Email filters to stop spam mails. By doing so, next time those mails will be automatically move
to “spam folder”.

10. Don’t visit unsafe websites. Some internet security software will alert you that you’re about to
visit an unsafe site.

11. Don’t click on pop-up windows that promise free programs that perform useful tasks.

12. We should not carry out any online transaction or confidential task using public wifi.