V semester BBA

CYBER SECURITY
-------------------------------------------------------------------------------------------------------------
MODULE-2
SECTION A
a) Define cyber-crime.
 A cyber-crime is a criminal act in which someone targets a computer or a network of
devices in order to gain illegal rights, steal data from them, frauds etc.
 Cybercrime is commonly called a computer-oriented criminal activity that either uses or
targets a network, computer system, or network device

b) What is Cyber Law?

 Cyber law, also known as internet law or digital law signifies the legal regulations and
frameworks governing digital activities.

c) What is a Malware?
 Malicious software, or "malware," is any program designed to harm computer systems or
their users—like ransomware, Trojan horses, and spyware.
 Malware, short for malicious software, refers to any intrusive software developed by
cybercriminals (often called hackers) to steal data and damage or destroy computers and
computer systems. Examples of common malware include viruses, worms, Trojan viruses,
spyware, adware, and ransomware

d) Define digital security.

 Digital security is the collective term that describes the resources employed to protect your
online identity, data, and other assets. These tools include web services, antivirus software,
smartphone SIM cards, biometrics, and secured personal devices

e) How can you file a police report for a Cyber-crime?

 You can file a complaint online on the National Cyber Crime Reporting portal, call the
national helpline number, or visit the nearest local police station.

f) What are social engineering attacks?

 Social engineering is a manipulation technique that exploits human error to gain private
information, access, or valuables.
 Social engineering encompasses various manipulation techniques to trick users and steal
their personal information, money, login credentials, and more.
g) Define Hacking.
Hacking is the act of gaining unauthorized access to data in a system or computer.

h) What is Cyber Bullying?

 Cyber bullying is the use of technology to harass, threaten, embarrass, or target another
person. Online threats and mean, aggressive, or rude texts, tweets, posts, or messages all
count.

i) Which Organizations are dealing with Cybercrime and Cyber security in India?
 Indian Cyber Crime Coordination Centre (I4C)

j) What are Zero day and Zero click attacks.

 Zero-day exploit is a type of cyber security attack that occurs on the same day the software,
hardware or firmware flaw is detected by the manufacturer.
 Zero-click spyware is a malicious hack that requires no interaction from the user. zero-click
attacks require no action from the victim – meaning that even the most advanced users can
fall prey to serious cyber hacks and spyware tools.

SECTION B & SECTION C

1) Explain the types of Cyber Law
 Cyber law, also known as internet law or digital law signifies the legal regulations and
frameworks governing digital activities.
Types of Cyber Law
1. Privacy Laws:
o Privacy laws govern the collection, use, and protection of individuals’ personal
information online.
o Examples include the General Data Protection Regulation (GDPR) in Europe and the
California Consumer Privacy Act (CCPA) in the United States.
2. Cybercrime Laws:
o Cybercrime laws focus on criminal activities conducted online, including hacking,
identity theft, online fraud, and cyber bullying.
o These laws define offenses, penalties, and procedures for investigation and
prosecution.
3. Data Breach Notification Laws:
o Data breach notification laws mandate that organizations inform affected individuals
and authorities when a data breach occurs.
o These laws aim to ensure transparency and help individuals take necessary actions
to protect themselves.
4. Intellectual Property Laws:
o Intellectual property laws protect digital content, patents, trademarks, and
copyrights in the digital realm.
o They address issues like copyright infringement and online piracy.
5. Cyber security Laws:
o Cyber security laws require organizations to implement measures to protect their
digital infrastructure and sensitive data.
o These laws often set standards and requirements for data security practices.
6. E-Commerce and Online Contracts:
o Laws related to e-commerce and online contracts establish legal frameworks for
online transactions, electronic signatures, and consumer rights.
o They provide a basis for resolving disputes in the digital marketplace.
7. Social Media and Online Content Regulations:
o Regulations governing social media and online content address issues such as hate
speech, defamation, and harmful content.
o They set guidelines for the removal or restriction of such content.
8. Computer Crime Laws:
o Computer crime laws specifically target offenses involving computer systems and
networks.
o They encompass unauthorized access, malware distribution, and cyber-attacks on
critical infrastructure.
9. Crypto currency and Block chain Regulations:
o As digital currencies and block chain technology gain prominence, regulations
address issues like crypto currency trading, initial coin offerings (ICOs), and block
chain-based contracts.
10. International Cyber security Agreements:
o Some laws and agreements focus on international cooperation in combating
cybercrimes and promoting cyber security best practices.
o Examples include the Budapest Convention on Cybercrime and bilateral cyber
security agreements between nations.

2) Explain the types of Cyber Crimes.

 A cyber-crime is a criminal act in which someone targets a computer or a network of
devices in order to gain illegal rights, steal data from them, frauds etc.
 Cybercrime is commonly called a computer-oriented criminal activity that either uses or
targets a network, computer system, or network device
 Cybercrime is any criminal activity that involves a computer, networked device or a
network.
 TYPES OF CYBER CRIMES

 Phishing: A phishing attack involves attackers sending several spam mails having malicious
attachments or links. Once a receiver clicks on a link, he/she may be redirected to a
malicious site asking the receiver to respond with confidential details, such as login
credentials, billing information, etc. This type of attack may also take place through text
messages, websites, or even social media platforms.
 Hacking: Hacking is a type of cybercrime act where an intruder gets access to a few or
complete functions within a system without your permission. Hackers (people who perform
hacking) are tending to be computer programmers and they have an advanced
understanding of computers. However, they misuse this knowledge for performing illegal
activities, such as accessing corporate and government accounts, and stealing their financial
data or other important information.
 Computer Viruses: Mostly, computer viruses are attached to infected software that spreads
across other installed software. Viruses can come to your system through removable
devices and the internet. Without proper scanning and removing them from your system,
the next time you start your system, the viruses will run all over again.
 Ransomware: Ransomware is one of the most popular types of malware-based attacks. It
enters through a computer network on a local machine and encrypts files using public-key
encryption. That means you cannot access encrypted files and the information stored in
them. The cybercriminal will then ask for ransom (money) to unlock the files and give your
data back.
 DDoS Attacks: The DDoS (Distributed Denial of Service) attack is a blatant attempt by
cybercriminals to take down a system or network temporarily or completely. This
overwhelms a system with multiple connections requests that it cannot handle.
 Additionally, there may be spam traffic coming from various sources. This eventually leads
to server overload. DDoS attacks are used as a distraction technique to allow cybercriminals
to hack into the system meanwhile.
 Botnets: Botnets are networks from comprised computers that are controlled externally by
remote attackers, known as ‘Bot Herders'. The attackers target other computers and send
spams or malware by using these botnets. This type of cybercrime is usually performed
against businesses and governments because botnets mainly target the entire IT
infrastructure.
 Cyber stalking: This type of cybercrime involves a person being followed by the
cybercriminal online. The stalker will follow the target person virtually, including all the
activities. Then, the stalker might harass the victim by using social media platforms, mails,
or websites, etc. Cyber stalkers first try to know their victims as much as possible and then
make them feel afraid or concerned regarding their
 Identity Theft: Identity theft is a specific type of cybercrime in which attackers gain access
to the victim's personal information, including passwords, financial accounts, credit cards,
and other confidential information. In most cases, cybercriminals use these details to steal
money from your accounts, without your knowledge. Additionally, cybercriminals may use
your details to commit a crime or claim government benefits, making others think it was
you.
 PUPs: PUPs is an acronym for 'Potentially Unwanted Programs'. These are not considered
much threatening as compared to other types of cybercrime. These are nothing but a type
of malware program that uninstalls important software from your computer system
automatically. In addition, PUPs can also remove or change your default search engines
within the browsers. They can involve adware and spyware; therefore, it’s a good practice
to make use of an antivirus program to prevent any malicious download.
 Social Engineering: This type of cybercrime involves criminals making direct contact with
the victim through phone, emails, or even in person. Cybercriminals first try to earn trust
and then they steal confidential information like passwords, financial accounts data, etc. In
most cases, cybercriminals act like a customer service agent of any legitimate company and
ask for the important information. Once they get the desired information, they might sell
your information or try to steal money from your accounts.
 Online Scams/Frauds: These are crimes that involve spam advertisements or emails
offering large rewards or high amounts of money. These offers are presented in such a way
that they look very real. Once users click on these malicious advertisements or links, the
malware reaches their system and compromises the information.
 Prohibited/Illegal Content: This is a specific type of cybercrime that includes the sharing of
offensive and inappropriate content over virtual platforms. Cybercriminals distribute
offensive materials to make people feel hatred against other people, religions, or countries,
 etc. Offensive content can include but is not limited to, videos of criminal activities, sexual
activities between adults, videos with intense violence, etc. Additionally, it can also contain
illegal contents like terrorism supported materials or child exploitation materials.
 Spamming: This cybercrime involves criminals using electronic messaging systems to send
messages to users. These messages usually consist of malware, fake links of websites, and
other malicious software. Email spamming is one of the common spamming methods in
which bulk messages are sent to large numbers of users. These messages include deals, and
promos from trusted companies to attract users to click on the attachments or the fake
links.
 Malvertising: Malvertising involves criminals filling websites with several advertisements
containing malicious codes or links. Once users click on these advertisements, they will be
redirected to fake websites that look like trusted ones. Users will submit the personal
details, thinking they are legitimate. This information will further reach to the attackers.
Furthermore, the websites can automatically start downloading files containing viruses and
other malware.
 Cyber Terrorism: Generally grander acts of destruction online by using the Internet or
computer technology to carry out acts of terror, such as causing infrastructure damage and
catastrophic malfunctions, stealing confidential information, or spreading propaganda with
political or cultural implications. Cases of cyber terrorism are becoming increasingly
sophisticated, placing higher demands on cyber security and protection.
 Online Harassment: Involves cyber bullying, cyber stalking, and repeated acts intended to
scare, harm, anger, or shame a particular individual. Today, online harassment is most
prevalent on social media sites, dating apps, and forums/message boards. Examples of
online harassment include sending inappropriate and unsolicited messages, making clear
and intentional threats, or distributing sensitive photos or videos of a victim.

3) Discuss the Types of cybercrimes targeting computers and mobiles.

 A cyber-crime is a criminal act in which someone targets a computer or a network of
devices in order to gain illegal rights, steal data from them, frauds etc.
TYPES OF CYBERCRIMES TARGETING COMPUTERS AND MOBILES
1. Web-Based Threats – These types of threats happen when people visit sites that appear to
be fine on the front-end but in reality, automatically download malicious content onto the
mobile devices. Also, many mobile applications continue to sync their data in the
background which poses a threat. These threats usually go unnoticed by the users.
 Phishing through Links: Some legitimate-looking links are sent through messages,
emails, or social media platforms. They extract personal information by tricking with
several schemes. It is not possible to categorize them as real or fake as they copy the
original website.
  Forced Downloads: When you visit a page through anonymous links, it automatically
directs you to the download page. This method is called drive-by downloads.
2. Physical Threats – These threats happen when someone physically tries to access your
device. When you lose your mobile, or it is stolen there is a possibility for physical threats.
Mobile devices carry your transactional data as well as have connected applications to your
bank accounts, which is a threat to your privacy breach.
 No Password Protection: With keeping all measures to secure your data, it is
surprising to know that some people find it difficult to use a password on their
devices, or they rather use a password that is easy to crack by hackers. This leads to
physical threats.
 Encryption: While using carrier networks they generally provide good encryption
while accessing servers. But while accessing some client and enterprise servers they
are explicitly managed. They are not end-to-end encrypted which can lead to
physical threats.
 Weak Passwords: If the passwords of the mobile devices are weak there might be a
change of others accessing the data. This might result in data leakage and privacy
issues. So make sure that the passwords for mobile devices or apps must be strong.
3. Network-Based Threats – Mobile network includes both Cellular and Local network support
such as Bluetooth and Wi-Fi. These are used to host network threats. These threats are
especially dangerous as the cyber-criminals can steal unencrypted data while people use
public Wi-Fi networks.
 Public Wi-Fi: While we are using our devices for every task, at public places we are
provided with public open Wi-Fi which tends to be legitimate while they are
controlled by hackers which results in data leakage.
 Network Exploits: Network exploits are due to the vulnerabilities in the operating
system in your mobile devices. Once this software is connected to the network they
are capable of installing malware onto the device without being known.
4. Application-Based Threats – Websites available for software downloads are home to these
threats. They tend to be genuine software but in fact are specially designed to carry
malicious activities.
 Malware: Malware is designed to send unwanted messages to recipients and further
use your personal and business information by hacking your devices.
 Spyware: They are the software that are used to collect specific information about
an organization or person which later can be used for fraud and identity threats.
 Hacking: It is a type of cybercrime in which a person tries to identify and exploit
weakness in a computer system or a computer network for his own benefits.
  Virus dissemination: Virus dissemination is a process in which a Malicious software
attaches itself to other software (which can be a trojan horse, time bond, virus ,
worm etc) which has the ability to destroy the victim computer/system.
 Cyber Terrorism: Cyber terrorism is a type of attack in which a person uses the
Internet to establish violent acts which may result in loss of a life, harm to a person
or threaten to life. The main object of this is to gain political advantages by the use
of threat.
 Computer Vandalism: Computer Vandalism is a type of process in which a program
has the ability to perform malicious tasks such as getting someone’s passwords or
important data. This can even include the removal of user data or deleting one's
hard drive.

4) Discuss the Challenges associated with cybercrimes against women and children and
remedial measures taken.
o A cyber-crime is a criminal act in which someone targets a computer or a network of
devices in order to gain illegal rights, steal data from them, frauds etc.
CYBERCRIMES AGAINST WOMEN & CHILDREN
 CYBER STALKING- It included contacting or attempting to engage with the victim via social
networking sites or phone conversations despite her evident indifference, writing messages
(often threatening) on the victim’s page, and persistently pestering the victims with e –
mails messages/phone calls, among other things.
 SEXTORTION- This is the most frequently committed cybercrime involving women. The
criminals began extorting or sexual favours from their victims by blackmailing them into
disclosing their private photographs or modified images. By intimidating women,
perpetrators sought sexual videoconferencing or letters from them in response to the
pandemic frustration. Additionally, their lack of income emboldened them to extract money
from victims by threatening them with their modified photographs.
 CYBER HACKING- The women became victims of cyber hacking after clicking on malware
URLs that downloaded all their personal information on their phones, activated the
microphone and camera, and captured their intimate photos and videos. Offenders then
utilize these pieces of data and images to commit sextortion and other crimes.
 CYBER-BULLYING- This would include posting false and misleading and abusive statements
about the victims on social networking sites and demanding payment to have them
removed, leaving hurtful comments on the victim’s posts, exchanging morphed/private
pictures of the victims without her consent, and sending rape and death threats to the
victim, among other things. A sort of harassment and bullying is committed through digital
or communicative devices such as a computer, mobile phone, or laptop.
 PHISHING- criminals send bogus email messages with a link to a specific webpage in order
to trick the victim into entering personal information such as bank payment information,
contact information, and passcodes or with the intention of infecting the victim’s device
with harmful viruses as soon as the link is opened. These emails and texts look to be real.
The perpetrators then utilize the victim’s bank account and other private details to conduct
suspicious transactions from the victim’s account to their own.
 PORNOGRAPHY- Throughout the epidemic, perpetrators engaged in online sexual assault of
women, morphing the victim’s image and utilizing it for pornographic purposes.
 CYBERSEX TRAFFICKING- In contrast to sex trafficking, the victims has no direct interaction
with the abuser. Cybersex trafficking occurs when a dealer broadcasts, records, or
photographs the victim doing sexual/intimate actions from a central place and then sells the
material on the internet to sexual abusers and purchasers. The offenders have sexually
abused women by coercing, manipulating, and blackmailing them into becoming involved in
cybersex trafficking.
 Harassment through e-mails: Harassment via email, includes black mailing, threatening and
constant sending of love letters in anonymous names or regular sending of embarrassing
mails.
 Child pornography: Child sexually abusive material (CSAM) refers to material containing
sexual image in any form, of a child who is abused or sexually exploited. Section 67 (B) of IT
Act states that “it is punishable for publishing or transmitting of material depicting children
in sexually explicit act, etc. in electronic form.
 Cyber grooming: Cyber Grooming is when a person builds an online relationship with a
young person and tricks or pressures him/ her into doing sexual act.
 Prostitution: Many escorts will advertise their services in online classifieds, social media
forums, or their own personal websites, making it easy and discreet for people to find them.
But since prostitution is illegal in the vast majority of the United States, both the escort and
the client are committing a crime.
REMEDIAL MEASURES TAKEN
 Cyber Crime Prevention against Women & Children (CCPWC) scheme: Ministry of Home
Affairs has provided financial assistance to all the States & UTs to strengthen the
mechanism to deal with cyber-crimes under Cyber Crime Prevention against Women &
Children (CCPWC) scheme. The scheme is an effort to support the states in setting up cyber
forensic-cum-training laboratories, training, and hiring junior cyber consultants. Under the
initiative, cyber forensic-cum-training laboratories have been established in 28 States.
 Spreading awareness about cyber-crimes: The Central Government has taken action to
increase public awareness of cybercrimes, including the issue of alerts and advisories,
capacity building and training for law enforcement, prosecutors, and judicial officials, as
well as the development of cyber forensic technologies. Programs are run by the Ministry of
 Electronics and Information Technology (MeitY) to raise people’s understanding of
information security. Information security-specific books, movies, and online resources are
created for kids, parents, and general users.
 Indian Cyber Crime Coordination Centre (I4C): To offer a framework and ecosystem for
LEAs to deal with cybercrimes in a thorough and coordinated manner, the government
established the Indian Cyber Crime Coordination Centre (I4C). In order to address the issue
of jurisdictional complexity, based on hotspots/areas for cybercrime, the I4C has
established “Joint Cyber Coordination Teams” in Mewat, Jamtara, Ahmedabad, Hyderabad,
Chandigarh, Vishakhapatnam, and Guwahati. These teams are responsible for providing a
strong coordination framework to the LEAs.
 National Cyber Crime Reporting Portal: To enable the public to report occurrences
pertaining to all sorts of cybercrimes, with a focus on cybercrimes against women and
children, the government has developed the National Cyber Crime Reporting Portal
(www.cybercrime.gov.in). A module of the Citizen Financial Cyber Fraud Reporting and
Management System has also been introduced to allow for the immediate reporting of
financial frauds and to prevent money from being siphoned off by fraudsters.
 Keep an eye out for irrelevant / fraudulent phone/email messages.
 Don't respond to email messages that ask for personal information.
 Be aware of fraudulent Websites used to steal personal information.
 Pay attention to privacy policies on Websites and in software .
 Guard your email address.
 Use Strong Passwords.

5) Explain in detail the social engineering attacks.

 Social engineering is a manipulation technique that exploits human error to gain private
information, access, or valuables.
 Social engineering attacks typically involve some form of psychological manipulation,
fooling otherwise unsuspecting users or employees into handing over confidential or
sensitive data.
A few common traits in all social engineering attacks are:
Heightened emotions: An attacker threatens the loss of an account to trick users into
providing their credentials, or the attacker might pretend to be an executive demanding
money from a targeted user to instill a sense of urgency in an employee fearful of losing
their job.
Spoofed sender address: Most users are unaware that a sender email address can be
spoofed, but proper email security will stop spoofed senders from accessing a targeted
user’s inbox. Instead, an attacker will register a domain similar to an official one and hope
that a targeted user does not notice the misspelling.
Strange friend requests: It’s not uncommon for an attacker to compromise an email
account and spam malicious messages to the victim’s contact list. Messages are usually
short and don’t have the personalized element from friends, so be hesitant to click links
from friends if the message does not sound like personalized communication.
Unprofessional website links: Phishing links are sometimes used with social engineering to
trick users into divulging sensitive information. Never enter credentials into a website
directly from an email link, even if it looks like an official site (e.g., PayPal).
Too good to be true: Scammers often promise money in exchange for monetary
compensation. For example, a targeted user could get a free iPhone in exchange for
shipping payments. If the offer is too good to be true, then it is probably a scam.
Suspicious attachments: Instead of tricking targeted users into divulging private
information, a sophisticated attack might work towards installing malware on a corporate
machine using email attachments. Never run macros or executable on a machine from a
seemingly harmless email message.
Questionable sender: Many social engineering techniques are designed to mimic a familiar
source, such as a friend, boss, or co-worker. In the event you receive a suspicious email
message, always check in and ask yourself “did my boss/friend/co-worker actually send this
to me?” Before responding to the email in question, contact the actual person via phone
call, text, or social media message to validate whether or not their being impersonated.
Refusal to respond to questions: If a message seems suspicious, reply to the message and
ask the sender to identify themselves. An attacker will avoid identifying themselves and
might just ignore the request.
Unidentifiable sender: If the sender is unable or unwilling to verify their identity with the
organization, do not provide any additional information or access that they're requesting.
While email messages are the most common, this applies to other social engineering tactics
as well, such as text messages, phone calls, etc.
TYPES OF SOCIAL ENGINEERING ATTACKS
PHISHING
PRETEXTING
BAITING
QUID PRO QUO
TAILGATING
CEO FRAUD.
Phishing: Phishing is the most common type of social engineering attack. At a high level,
most phishing scams aim to accomplish three things: Obtain personal information such as
names, addresses, and Social Security Numbers; Use shortened or misleading links that
 redirect users to suspicious websites that host phishing landing pages; and Leverage fear
and a sense of urgency to manipulate the user into responding quickly.
Pretexting: Pretexting is another form of social engineering where attackers focus on
creating a pretext, or a fabricated scenario, that they can use to steal someone’s personal
information. In these attacks, the scammer usually impersonates a trusted entity/individual
and says they need specific details from a user to confirm their identity. If the victim
complies, the attackers commit identity theft or use the data to conduct other malicious
activities. More advanced pretexting involves tricking victims into doing something that
circumvents the organization’s security policies.
Baiting: Baiting lures (no pun intended) victims into knowingly or unwittingly giving up
sensitive information, or downloading malicious code, by tempting them with a valuable
offer, or even a valuable object. . Alternatively, they can try to exploit human curiosity via
the use of physical media.
Quid Pro Quo: Like baiting, quid pro quo attacks promise something in exchange for
information. This benefit usually assumes the form of a service, whereas baiting usually
takes the form of a good.
Tailgating: Our penultimate social engineering attack type is known as “tailgating.” In these
attacks, someone without the proper authentication follows an authenticated employee
into a restricted area. In tailgating—also called ‘piggybacking’—an unauthorized person
closely follows an authorized person into and area containing sensitive information or
valuable assets. Tailgating can be conducted in person—e.g, a threat actor can follow an
employee through an unlocked door. But tailgating can also be a digital tactic, such as when
a person leaves a computer unattended while still logged in to a private account or
network.
CEO Fraud: Last but certainly not least is CEO (or CxO) fraud. In this attack, cybercriminals
first spend time gathering information about an organizational structure and key members
of the executive team. Similar to pretexting, attackers leverage the trustworthiness of the
source of the request - such as a CFO - to convince an employee to perform financial
transactions or provide sensitive and valuable information. CEO fraud is also known as
executive phishing or business email compromise (BEC) and is a type of spear-phishing
attack.
Ways to Prevent Social Engineering Attacks
 Do not open any emails from untrusted sources. Contact a friend or family member in
person or by phone if you receive a suspicious email message from them.
 Do not give offers from strangers the benefit of the doubt. If they seem too good to be
true, they probably are.
 Lock your laptop whenever you are away from your workstation.
 Purchase anti-virus software. No AV solution has a 100% detection rate, but they can help
to defend against campaigns that use social engineering tactics.
 Read your company’s privacy policy to understand under what circumstances you can or
should let a stranger into the building.
 Verify any urgent requests that come from a contact within your organization to confirm
they are valid, particularly before transferring money or divulging information.
 Create a risk-aware culture to ensure employees are on alert. Social engineering attacks
typically rely on naivety and human error to be successful. Ensure security is a part of your
organizational lexicon so employees can prevent attacks, and know where to report
incidents should they occur.

6) Discuss the IT Act-2000.

IT act, 2000
The Information Technology Act, 2000 also Known as an IT Act is an act proposed by the Indian
Parliament reported on 17th October 2000. This Information Technology Act is based on the
United Nations Model law on Electronic Commerce 1996 (UNCITRAL Model) which was
suggested by the General Assembly of United Nations by a resolution dated on 30th January,
1997. It is the most important law in India dealing with Cybercrime and E-Commerce. The main
objective of this act is to carry lawful and trustworthy electronic, digital and online transactions
and alleviate or reduce cybercrimes.
Objectives of the IT act, 2000
 The Information Technology Act, 2000 provides legal recognition to the transaction done via
electronic exchange of data and other electronic means of communication or electronic
commerce transactions.
 This also involves the use of alternatives to a paper-based method of communication and
information storage to facilitate the electronic filing of documents with the Government
agencies.
 Further, this act amended the Indian Penal Code 1860, the Indian Evidence Act 1872, the
Bankers’ Books Evidence Act 1891, and the Reserve Bank of India Act 1934.
 Grant legal recognition to all transactions done via electronic exchange of data or other
electronic means of communication or e-commerce, in place of the earlier paper-based
method of communication.
 Give legal recognition to digital signatures for the authentication of any information or
matters requiring legal authentication
 Facilitate the electronic filing of documents with Government agencies and also
departments
 Facilitate the electronic storage of data
 Give legal sanction and also facilitate the electronic transfer of funds between banks and
financial institutions
 Grant legal recognition to bankers under the Evidence Act, 1891 and the Reserve Bank of
India Act, 1934, for keeping the books of accounts in electronic form.
The offences and the punishments in IT Act 2000:
1. Tampering with the computer source documents.
2. Directions of Controller to a subscriber to extend facilities to decrypt information.
3. Publishing of information which is obscene in electronic form.
4. Penalty for breach of confidentiality and privacy.
5. Hacking for malicious purposes.
6. Penalty for publishing Digital Signature Certificate false in certain particulars.
7. Penalty for misrepresentation.
8. Confiscation.
9. Power to investigate offences.
10. Protected System.
11. Penalties for confiscation not to interfere with other punishments.
12. Act to apply for offence or contravention committed outside India.
13. Publication for fraud purposes.
14. Power of Controller to give directions.
The offences and the punishments in IT Act 2000:
1. Tampering with the computer source documents.
2. Directions of Controller to a subscriber to extend facilities to decrypt information.
3. Publishing of information which is obscene in electronic form.
4. Penalty for breach of confidentiality and privacy.
5. Hacking for malicious purposes.
6. Penalty for publishing Digital Signature Certificate false in certain particulars.
7. Penalty for misrepresentation.
8. Confiscation.
9. Power to investigate offences.
10. Protected System.
11. Penalties for confiscation not to interfere with other punishments.
12. Act to apply for offence or contravention committed outside India.
13. Publication for fraud purposes.
14. Power of Controller to give directions.
 Offences
Section Offence Penalty

Tampering with computer source Imprisonment up to three years, or/and

65
documents with fine up to ₹2,00,000

Imprisonment up to three years, or/and

66 Hacking with computer system
with fine up to ₹5,00,000

Receiving stolen computer or Imprisonment up to three years, or/and

66B
communication device with fine up to ₹1,00,000

Imprisonment up to three years, or/and

66C Using password of another person
with fine up to ₹1,00,000

Imprisonment up to three years, or/and

66D Cheating using computer resource
with fine up to ₹1,00,000

Imprisonment up to three years, or/and

66E Publishing private images of others
with fine up to ₹2,00,000

66F Acts of cyberterrorism Imprisonment up to life.

Publishing information which Imprisonment up to five years, or/and with

67
is obscene in electronic form. fine up to ₹10,00,000

Imprisonment up to seven years, or/and

67A Publishing images containing sexual acts
with fine up to ₹10,00,000

Imprisonment up to three years, or/and

67C Failure to maintain records
with fine.

Imprisonment up to 2 years, or/and with

68 Failure/refusal to comply with orders
fine up to ₹1,00,000

Imprisonment up to seven years and

69 Failure/refusal to decrypt data
possible fine.
 Securing access or attempting to secure Imprisonment up to ten years, or/and with
70
access to a protected system fine.

Imprisonment up to 2 years, or/and with

71 Misrepresentation
fine up to ₹1,00,000

Imprisonment up to 2 years, or/and with

72 Breach of confidentiality and privacy
fine up to ₹1,00,000

Disclosure of information in breach of Imprisonment up to 3 years, or/and with

72A
lawful contract fine up to ₹5,00,000

Publishing electronic signature certificate Imprisonment up to 2 years, or/and with

73
false in certain particulars fine up to ₹1,00,000

Imprisonment up to 2 years, or/and with

74 Publication for fraudulent purpose
fine up to ₹1,00,000

7) What is Ransom ware? Explain its types.

o Ransomware is a type of malware attack in which the attacker locks and encrypts the
victim’s data, important files and then demands a payment to unlock and decrypt the data
and Cybercriminals demand ransom money from their victims in exchange for releasing the
data.
TYPES RANSOMWARE
LOCKER RANSOMWARE
CRYPTO-RANSOMWARE
SCAREWARE
LEAKWARE
RANSOMWARE AS A SERVICE (RAAS)
BAD RABBIT
 Locker Ransomware: These types of ransomware lock the users out of their systems. Most
of the time, users are allowed to view only the lock screen or interact with a screen
containing the ransom demand. The mouse and keyboard would be partially enabled to
make the payment to the attacker. Lockers usually don't destroy the data as it only prevents
users from accessing it. A timer with a deadline would be displayed to persuade the victim
to pay up.
 Crypto-Ransomware: As the most common type of ransomware, they encrypt the data,
information, or files on the victims' device. The victim would usually be able to see the data
and even use the system. However, they would not be able to access the data due to
encryption. Crypto ransomware also prompts the victims to make the payment. If the user
misses the deadline, all encrypted data would be permanently deleted.
 Scareware: Scareware generally tries to freak the users out by displaying an alarming
message and consequently tricks them into downloading malware. The attackers often use
prompts that look official and legitimate and urge the user to act fast without giving them
much time to think or analyze. The prompts can be a popup, a threatening message, or a
false button, displaying alarming messages such as: "Your PC is slow. Speed up Now", or
"Attackers can see your IP, Protect it now." Users who take the bait enable the ransomware
to enter their systems and lock them out or encrypt their data.
 Leakware: Through leakware, the attacker, instead of destroying the data, threatens to
release it on public domains. Also known as Doxware, leakware attacks are targeted at
organizations like banks and nationalized entities that handle confidential or sensitive data.
 Ransomware as a Service (RaaS): RaaS is where the threat actors embrace a SaaS-like
business model to carry out ransomware attacks. RaaS operates like an affiliate network
and allows cybercriminals with low technical knowledge to subscribe to RaaS and launch
ransomware attacks. Members of the affiliate earn a percentage of the ransom payment.
The RaaS model is one of the prime reasons for the dramatic increase in ransomware
attacks in the recent past because it removes the barrier of prerequisite coding knowledge
to launch an attack.
 Bad Rabbit: Bad Rabbit encrypts the user's file tables and demands Bitcoins to decrypt
them. It primarily affected government authorities like the Ministry of Infrastructure of
Ukraine. Some of the strings used in the code contained character names from the popular
series Game of Thrones.