Module 1 Introduction to Cybercrime

INTRODUCTION:

Objectives:

• Explain what is computer technology, and importance and the used in our daily lives
• Discuss how computers works.
• .

Lesson 1 Introduction to Computer Technology

What is COMPUTER?
Definition of Computer

● A computer is an electronic device that processes data according to a set of instructions, performs calculations, and
manages information.
● It consists of hardware components like a central processing unit (CPU), memory, storage devices, input/output interfaces,
and software programs that enable various tasks and operations, ranging from basic computations to complex simulations,
data analysis, and communication.
● an electronic device for storing and processing data, typically in binary form, according to instructions given to it in a variable
program
● Computer is an electronic device that is designed to work with Information. The term computer is derived from the Latin term
‘computare’, this means to calculate or programmable machine. Computer can not do anything without a Program. It
represents the decimal numbers through a string of binary digits. The Word ‘Computer’ usually refers to the Center Processor
Unit plus Internal memory.
● A computer is designed specifically to handle programs and applications, offering solutions using both hardware and
software components that work together. It also has memory which stores data, programs and the output.
The Input-Process-Output Concept

A computer is an electronic device that accepts data, processes data, generates output, and stores data. The concept of
generating output information from the input 4 data is also referred to as input-process-output concept.

The input-process-output concept of the computer is explained as follows—

Input

The computer accepts input data from the user via an input device like keyboard. The input data can be characters, word, text,
sound, images, document, etc.

Process

The computer processes the input data. For this, it performs some actions on the data by using the instructions or program given
by the user of the data. The action could be an arithmetic or logic calculation, editing, modifying a document, etc. During
processing, the data, instructions and the output are stored temporarily in the computer’s main memory.

Output

The output is the result generated after the processing of data. The output may be in the form of text, sound, image, document, etc.
The computer may display the output on a monitor, send output to the printer for printing, play the output, etc.

Storage

The input data, instructions and output are stored permanently in the secondary storage devices like disk or tape. The stored data
can be retrieved later, whenever needed.

Characteristics of Computer
1. Speed: As you know computer can work very fast. It takes only few seconds for calculations that we take hours to complete. You
will be surprised to know that computer can perform millions (1,000,000) of instructions and even more per second. Therefore, we
determine the speed of computer in terms of microsecond (10-6 part of a second) or nanosecond (10 to the power -9 part of a
second). From this you can imagine how fast your computer performs work.

2. Accuracy: The degree of accuracy of computer is very high and every calculation is performed with the same accuracy. The
accuracy level is 7. determined on the basis of design of computer. The errors in computer are due to human and inaccurate data.

3. Diligence: A computer is free from tiredness, lack of concentration, fatigue, etc. It can work for hours without creating any error. If
millions of calculations are to be performed, a computer will perform every calculation with the same accuracy. Due to this capability
it overpowers human being in routine type of work.

4. Versatility: It means the capacity to perform completely different type of work. You may use your computer to prepare payroll slips.
Next moment you may use it for inventory management or to prepare electric bills.

5. Power of Remembering: Computer has the power of storing any amount of information or data. Any information can be stored
and recalled as long as you require it, for any numbers of years. It depends entirely upon you how much data you want to store in a
computer and when to lose or retrieve these data.

6. No IQ: Computer is a dumb machine and it cannot do any work without instruction from the user. It performs the instructions at
tremendous speed and with accuracy. It is you to decide what you want to do and in what sequence. So a computer cannot take its
own decision as you can.

7. No Feeling: It does not have feelings or emotion, taste, knowledge and experience. Thus it does not get tired even after long
hours of work. It does not distinguish between users.

8. Storage: The Computer has an in-built memory where it can store a large amount of data. You can also store data in secondary
storage devices such as floppies, which can be kept outside your computer and can be carried to other computers.

Components of Computer
Software: Software refers to the collection of programs, instructions, and data that tell a computer what to do. It's intangible, consisting
of code written by programmers to perform specific tasks or functions. Software can be categorized into two main types:

• System Software: This is the core software that manages and controls the computer hardware so that application software
can perform its tasks. Examples include operating systems like Windows, macOS, Linux, as well as device drivers and
utilities.
• Application Software: This software is designed for end-users to perform specific tasks. Examples include word
processors, web browsers, games, and accounting software.

Software development involves various methodologies, programming languages, and tools to create, maintain, and update software
products.

Hardware: Hardware refers to the physical components of a computer system.

1. Input Devices: Input devices are hardware components that allow users to interact with a computer system by providing
data and commands. Some common input devices include:
• Keyboard: A keyboard is a peripheral device with keys arranged in a specific layout, allowing users to input text,
numbers, and commands into a computer.
• Mouse: A mouse is a pointing device that typically has two or more buttons and a scroll wheel. It allows users to
control the cursor on the screen and interact with graphical user interfaces.
• Touchscreen: A touchscreen is a display screen that can detect the presence and location of touch on its surface.
It enables users to interact directly with the displayed content, commonly used in smartphones, tablets, and
interactive kiosks.
• Trackpad: A trackpad, also known as a touchpad, is a flat surface that senses finger movements and gestures,
allowing users to control the cursor and perform various actions on laptops and some desktop computers.
• Scanner: A scanner converts physical documents, images, or objects into digital images or data that can be stored
or manipulated on a computer.
• Microphone: A microphone is an input device that captures audio signals and converts them into electrical signals
for recording or processing voice input.
• Webcam: A webcam is a video camera connected to a computer, allowing users to capture video footage or
participate in video conferencing and online communication.
2. Output Devices: Output devices are hardware components that display or present processed data and information to users.
Some common output devices include:
• Monitor: A monitor, also known as a display screen or screen, is an output device that presents visual information,
such as text, graphics, and videos, generated by the computer's graphics card.
• Printer: A printer is an output device that produces hard copies of digital documents and images on paper or other
media.
• Speaker: A speaker is an output device that converts electrical signals into audible sound waves, allowing users
to listen to audio content, such as music, speech, and system alerts.
• Projector: A projector is an output device that displays images or video onto a large screen or surface, commonly
used for presentations, movies, and visual displays in classrooms and auditoriums.
• Plotter: A plotter is a specialized output device used to produce high-quality, large-scale graphical output, such as
architectural blueprints, engineering designs, and maps.
3. Storage Devices: Storage devices are hardware components that store digital data and information for later retrieval and
use. Some common storage devices include:
• Hard Disk Drive (HDD): An HDD is a non-volatile storage device that uses magnetic storage to store and retrieve
digital data on spinning disks or platters.
• Solid-State Drive (SSD): An SSD is a non-volatile storage device that uses flash memory to store and retrieve
digital data, offering faster access times and higher data transfer speeds compared to HDDs.
 • USB Flash Drive: A USB flash drive, also known as a thumb drive or memory stick, is a portable storage device
that uses flash memory to store and transfer digital data between computers and other devices.
• Memory Card: A memory card is a small, removable storage device commonly used in digital cameras,
smartphones, and other portable devices to store photos, videos, music, and other digital files.
• Optical Disc: Optical discs, such as CDs, DVDs, and Blu-ray discs, are storage media that use laser technology
to read and write digital data in the form of pits and lands on the disc's surface.

Peopleware: Peopleware refers to the human aspect of computing, including the users, developers, managers, and support
personnel involved in the creation, deployment, and maintenance of software and hardware systems. Peopleware encompasses:

● Human-Computer Interaction (HCI): The study of how people interact with computers and to what extent computers are
or are not developed for successful interaction with human beings.
● Software Development Teams: Groups of programmers, designers, testers, and project managers who collaborate to
create software products.
● Technical Support Staff: Individuals who provide assistance to users experiencing problems with software or hardware.
● End-users: The individuals or organizations that use software and hardware to accomplish tasks or achieve objectives.

LESSON 3 GENERATIONS OF COMPUTER

a. The First Generation

The first computers used vacuum tubes for circuitry and magnetic drums for memory, and were often enormous, taking up
entire rooms. They were very expensive to operate and in addition to using a great deal of electricity, generated a lot of
heat, which was often the cause of malfunctions. First generation computers relied on machine language, the lowest level
programming language understood by computers, to perform operations, and they could only solve one problem at a time.
Input was based on punched cards and paper tape, and output was displayed on printouts.

Examples: – ENIAC – EDSAC – UNIVAC I, UNIVAC II, UNIVAC 1101

Disadvantages of First Generation of Computers:
• Computers were larger.
• They consumed an outsized quantity of energy.
• They heated terribly shortly because of thousands of vacuum tubes.
• They weren’t terribly reliable.
• Air learning is needed.
• Constant maintenance was needed.
• Not transportable.
• Costly business production.
• Very less work potency.
• Limited programming capabilities.
• Use of punch cards.

Limitations of First Generation of Computers :

The operative speed was terribly low. Power consumption was terribly high. They needed an oversized area for
installation. The Programming capability was quite low. Its process speed was conjointly low

b. The Second Generation

Transistors replaced vacuum tubes and ushered in the second generation of computers.
One transistor replaced the equivalent of 40 vacuum tubes. Allowing computers to become
smaller, faster, cheaper, more energy-efficient and more reliable. Still generated a great deal
of heat that can damage the computer.

Second-generation computers moved from cryptic binary machine language to

symbolic, or assembly, languages, which allowed programmers to specify instructions in
words. Second generation computers still relied on punched cards for input and printouts for
output. These were also the first computers that stored their instructions in their memory,
which moved from a magnetic drum to magnetic core technology.

Examples: UNIVAC III, RCA 501, Philco Transact S-2000, NCR 300 series, IBM
7030 Stretch, IBM 7070, 7080, 7090 series more energy-efficient and more reliable.
Still generated a great deal of heat that can damage the computer.

Characteristics of the second generation of computer are:

1. Smaller in size: The Second generation of computers are much more smaller in size than the first generation computers.
2. Change in circuits: The main change is the use of transistors in place of vacuum tubes( Vacuum tubes are used in first
generation of computers).
3. Power/ Energy Requirement: The second generation of computers requires less amount of energy (i.e. electricity)
compared to the first generation of computers and produces less heat than the first-generation computer
 4. Language used: Assembly language is used instead of Machine Language(used in first-generation computers) for
programming in computers.
5. Speed: Calculation of data could be done in microseconds.
6. Cost: The cost of Second-generation computers is reduced in comparison to first-generation computers.

Advantages of second-generation computers:

1. They are smaller in size as compare to the first generation.
2. It is more reliable
3. Uses less power and generates less heat.
4. The speed of the second generation is faster as compared to the first generation.
5. Second generation computers have improved accuracy and offer better portability.

Disadvantages of second-generation computers:

1. As we know, that they generate less heat but still require a cooling system.
2. They require frequent maintenance.
3. The commercial production of second generation computers is difficult.
4. They are used only for some specific purpose.
5. They use punch cards for input.

c. The Third Generation

The development of the integrated circuit was the hallmark of the third generation of
computers. Transistor s were miniaturized and placed on silicon chips, called
semiconductors, which drastically increased the speed and efficiency of computers. It could
carry out instructions in billionths of a second. Much smaller and cheaper compare to the
second generation computers.

Characteristics of Third Generation Computers:

• As compared to previous generations, the third generation computers were more reliable, fast, efficient, less expensive, and
smaller in size.
• In third generation computers, high-level programming languages were used such as BASIC, PASCAL, ALGOL-68, COBOL,
FORTRAN – II, PASCAL PL/1.
• The punch cards were replaced with mouse and keyboards.
• The integrated circuit technology replaces the use of individual transistors.
• The computers have high storage capacity.

Advantages of Third Generation Computers:

1. Computer required less space due to the use of integrated circuits (IC). A single integrated circuit (IC) contains transistors,
resistors, condensers, condensers, etc. on a piece of the silicon semiconductor substrate.
2. It produces less heat and required less energy during operations. Due to this third generation computers have less hardware
failure as compare to previous generations.
3. In third generation computers, the punch cards were removed and the input was taken with the help of a mouse and
keyboards.
4. They have high storage capacity and give more accurate results, which helps to store and compute and calculate more
precise operations.
5. The computers were portable and offer better speed.

Disadvantages of Third Generation Computers:

1. These computers still required air conditioning.
2. To manufacture IC, highly sophisticated technology was required.
3. Maintaining IC chips were difficult.

d. The Fourth Generation

The microprocessor brought the fourth generation of

computers, as thousands of integrated circuits were built onto a
single silicon chip. As these small computers became more
powerful, they could be linked together to form networks, which
eventually led to the development of the Internet.

Fourth generation computers also saw the development of

GUIs, the mouse and handheld devices.

Features of Fourth Generation Computers

• Very Large Scale Integrated (VLSI) circuits are used in a microprocessor-based system.
• In this generation, microcomputers became the most affordable.
• Handheld computers have grown in popularity and cost.
• In this age, networking between systems was invented and became commonplace.
• The quantity of memory and other storage devices available has expanded dramatically.
• The outputs are now more consistent and precise.
• The processing power, or speed, has skyrocketed.
• With the expansion of storage systems’ capacity, huge programs began to be used.
• Great advancements in hardware aided in the improvement of the screen, paper, and other output.
• Multiple high-level languages, such as BASIC, PASCAL, COBOL, FORTRAN, and C, were developed in the fourth
generation.

Advantages Fourth Generation of Computer

• They were designed to be used for a wide range of purposes (general-purpose computers).
• Smaller and more dependable than previous generations of computers.
• There was very little heat generated.
• In many circumstances, the fourth-generation computer does not require a cooling system.
• Portable and less expensive than previous versions.
• Computers from the fourth generation were significantly quicker than those from previous generations.
• The Graphics User Interface (GUI) technology was used to provide users with better comfort. During this time, PCs became
more inexpensive and widespread.
• Repair time and maintenance costs are reduced.
• They were also created with the intention of being used in commercial production.
• In this form of computer, any type of high-level language can be employed.

Disadvantages of the Fourth Generation of Computer

• The fabrication of the ICs necessitated the use of cutting-edge technologies
(Integrated Circuits).
• Only ICs can be made with a high-quality and reliable system or technology.
• Microprocessors must be manufactured using cutting-edge technology,
which necessitates the use of a cooler (fan).

e. The Fifth Generation

Based on Artificial Intelligence (AI). Still in development. The use of

parallel processi ng and superconductors is helping to make artificial
intelligence a reality. The goal is to develop devices that respond to
natural language input and are capable of learning and selforganization. There are some applications, such as
voice recognition, that are being used today.
 Features of Fifth-generation Computers
• The ULSI (ultra large scale integration) technology is used in this generation of computers.
• Natural language processing is now in its fifth phase of development.
• Parallel processing has advanced on these computers.
• The fifth-generation computer includes more user-friendly interfaces and multimedia functions.
• Computers that are more portable and powerful.
• Computers are dependable and less expensive.
• It’s easier to manufacture in a commercial setting.
• Desktop computers are straightforward to operate.

Advantages of Fifth Generation of Computer

• These computers are far quicker than previous generations.
• These computers are simpler to repair.
• These computers are substantially smaller in size than other generation computers.
• They are lightweight and easy to move.
• True artificial intelligence is being developed.
• Parallel Processing has progressed.
• Superconductor technology has progressed.

Disadvantages of Fifth Generation of Computer

• They’re usually sophisticated but could be difficult to use.
• They can give businesses additional power to monitor your activities and potentially infect your machine.

Lesson 4 Importance of Computer Technology in our daily lives

● A computer is a vital tool for accessing and processing information and data, as it is the first window to access
the Internet.
● It is an important tool for science students, who generally rely on it in preparing their educational reports and
projects.
● It facilitates ways of communicating with others by editing and writing messages and preparing reports and
documents.
● It is an effective element in achieving success in the educational process.
● It is a major tool in distance education, this type of education cannot be completed without the presence of a
laptop or computer.
● It helps to be familiar with the news and stay up to date, as it is a means of communicating with the outside world.
● It helps in doing some electronic transactions, such as making payments, purchasing, and others.
● It helps perform the tasks assigned to the user.
● It provides tools and means to facilitate work, such as tables, worksheets, presentations, and many more.
● It preserves and stores information away from the damaging factors of traditional methods of storage.
● It facilitates making and storing calculations.
MODULE 2 INTRODUCTION TO CYBERCRIME

OVERVIEW

• Differentiate the different type of cybercrime.

• Discuss how computer are used to execute cybercrime.
• Understand the basic security aspects related to Computer and Mobiles.
• Able to use basic tools and technologies to protect their devices.
LESSON 1: Cybercrime

What is Cyber?

It is the Characteristics of the culture of computers, information, technology and virtual reality.

Cybercrime is defined as a crime in which a computer is the object of the crime (hacking, phishing, spamming and child
pornography) is used as a tool to commit an offense.

Cybercriminals may use computer technology to access personal information, business trade secrets or use the internet
for exploitative or malicious purposes.

Republic Act No. 10175 Cybercrime Prevention Act of 2012 is a law in the Philippines approved on September 12,2012
which aims to address legal issues concerning online interactions and internet.

Republic Act No. 10173 Data Privacy Act of 2012 is an act protecting individual personal information.

What is cybercrime?

Criminal action that uses or targets a computer, a computer netwok, or a networked device is known as cybercrime. The
majority of cybercrime is conducted by hackers or cybercriminals who are after financial gain. However, there are times
when cybercrime tries to harm systems or networks for factors other than financial gain. These might be either personal
or political.

Cybercrime can be committed by both individuals and groups of people. Some online criminals are well-organized, employ
cutting-edge methods, and have extensive technical skills. Some hackers are newbies.

Categories of Cybercrime

Property: This is similar to a real-life instance of a criminal illegally possessing an individual’s bank or credit card details.
The hacker steals a person’s bank details to gain access to funds, make purchases online or run phishing scams to get
people to give away their information. They could also use a malicious software to gain access to a web page with
confidential information.

Individual: This category of cybercrime involves one individual distributing malicious or illegal information online. This can
include cyberstalking, distributing pornography and trafficking.

Government: This is the least common cybercrime, but is the most serious offense. A crime against the government is
also known as cyber terrorism. Government cybercrime includes hacking government websites, military websites or
distributing propaganda. These criminals are usually terrorists or enemy governments of other nations.

Who are The Cybercriminals?

A cybercriminal is a person who uses his skills in technology to do malicious acts and illegal activities known as
cybercrimes. They can be individuals or teams.

Cybercriminals are widely available in what is called the “Dark Web” where they mostly provide their illegal services or
products.
Not every hacker is a cybercriminal because hacking itself is not considered a crime as it can be used to reveal
vulnerabilities to report and batch them which is called a “white hat hacker”.

However, hacking is considered a cybercrime when it has a malicious purpose of conducting any harmful activities and
we call this one “” or a cyber-criminal.

It is not necessary for cybercriminals to have any hacking skills as not all cyber crimes include hacking.

Cybercriminals can be individuals who are trading in illegal online content or scammers or even drug dealers.

So here are some examples of cybercriminals:

• Black hat hackers

• Cyberstalkers
• Cyber terrorists Scammers
• Cybercriminals who conduct targeted attacks are better to be named Threat Actors.

LESSON 2 Most Common Types of Cybercrime

Cybercrime encompasses a wide range of illegal activities that involve computers, computer networks, and the internet.
These activities can vary in terms of complexity and impact, and they are constantly evolving as technology advances.
Here are some common types of cybercrime:

1. Hacking: Unauthorized access to computer systems, networks, or devices with the intent to steal data, disrupt
operations, or carry out malicious activities. This may include gaining access to personal, corporate, or government
systems.

2. Malware: Malware, short for "malicious software," encompasses a wide range of harmful software programs designed
to damage, disrupt, or gain unauthorized access to computer systems or networks.

Once installed on a victim's computer, malware can steal sensitive information, encrypt files for ransom, or cause damage
to the system.

Examples: Viruses, worms, Trojans, ransomware, spyware, adware.

Impact: Malware can result in data loss, system crashes, identity theft, financial loss, and unauthorized access to
sensitive information.

3. Phishing: Deceptive attempts to trick individuals into revealing sensitive information, such as login credentials, credit
card numbers, or personal identification. Phishing often occurs through fraudulent emails, websites, or messages.
Definition: Phishing is a form of social engineering where attackers attempt to deceive individuals into revealing sensitive
information, such as login credentials or financial details, often by impersonating trusted entities. Phishing involves sending
deceptive emails, messages, or websites that appear legitimate to trick users into revealing sensitive information, such as
usernames, passwords, or financial details.

Examples: Phishing emails, fake websites, and text messages.

Impact: Phishing can lead to identity theft, financial fraud, and unauthorized access to online accounts.
4. Identity Theft: The unauthorized use of someone else's personal information, such as Social Security numbers,
financial account details, or credit card information, for fraudulent purposes, such as making unauthorized purchases or
opening fraudulent accounts.

5. Online Fraud: Engaging in fraudulent activities on the internet, including online shopping scams, auction fraud,
advance-fee fraud (e.g., Nigerian scams), and investment fraud.

6. Cyber Extortion: Demanding money or valuable assets from individuals or organizations in exchange for not disclosing
sensitive information or not launching cyberattacks against them. Ransomware attacks are a common form of cyber
extortion.

7. Data Breaches: Unauthorized access to and disclosure of sensitive data, including personal, financial, or corporate
information. Data breaches can result from hacking, insider threats, or security vulnerabilities.

Definition: Data breaches involve unauthorized access to sensitive data, often due to security vulnerabilities or insider
threats.

Examples: Hacked databases, accidental data leaks, and compromised user accounts.

Impact: Data breaches can result in the exposure of personal or corporate data, leading to identity theft, financial losses,
and legal consequences.

8. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks: Overloading a network, website, or
service with excessive traffic to render it inaccessible. DDoS attacks involve multiple compromised computers (botnets)
working together to flood the target.

DoS and DDoS attacks overwhelm a target system or network with excessive traffic, rendering it unavailable to users.

Examples: Flooding a website with traffic or using a botnet to launch a DDoS attack.

Impact: These attacks can disrupt online services, cause financial losses, and damage an organization's reputation.

9. Child Exploitation: The creation, distribution, or possession of child pornography or engaging in online grooming and
exploitation of minors.

10. Cyberbullying: Harassment, threats, or intimidation directed at individuals or groups through electronic
communication channels, such as social media, email, or messaging apps.

11. Corporate Espionage: Illegally obtaining sensitive business information, trade secrets, or intellectual property with
the intent to gain a competitive advantage or harm a competitor.

12. Cyberstalking: Repeated, intrusive, and often threatening online behavior directed at a specific individual or group,
causing emotional distress or fear.

13. Online Scams: Various online scams and frauds, such as lottery scams, romance scams, tech support scams, and
phishing schemes that aim to deceive individuals for financial gain.

14. Credit Card Fraud: Illegally using stolen or counterfeit credit card information to make unauthorized purchases or
withdrawals.

15. Cryptojacking: Illegally using other people's computing resources to mine cryptocurrencies without their consent,
often by infecting their computers with malware.
16. Copyright Infringement: Illegally distributing copyrighted materials, such as movies, music, software, or books,
without the permission of the copyright holder.

17. Hacking involves gaining unauthorized access to computer systems, networks, or devices to exploit vulnerabilities or
steal information.

Examples: Unauthorized system breaches, stealing login credentials, or defacing websites.

Impact: Hacking can result in data breaches, financial losses, and reputational damage

18. . Ransomware: is a type of malware that encrypts a victim's data, demanding a ransom for the decryption key.

Examples: WannaCry, Ryuk, and Maze ransomware.

Impact: Ransomware attacks can lead to data loss, financial extortion, and business disruptions.

19. . Social Engineering: techniques manipulate individuals into exposing confidential information or performing actions
that compromise security. Social engineering tactics exploit human psychology to manipulate individuals into performing
actions or exposing confidential information.

Examples: Pretexting, baiting, and tailgating.

Impact: Social engineering can lead to data breaches, unauthorized access, and financial losses.

20. . Online Scams: are fraudulent schemes designed to deceive individuals or organizations for financial gain.

Examples: Lottery scams, romance scams, and tech support scams.

Impact: Online scams can lead to financial loss and the theft of personal or sensitive information.

21.Internet of Things (IoT) Vulnerabilities:

Definition: IoT devices, such as smart home appliances and connected gadgets, can be vulnerable to attacks that
compromise user privacy and security.

Examples: Unauthorized access to IoT cameras, smart locks, or thermostats.

Impact: IoT vulnerabilities can result in privacy breaches and unauthorized control of connected devices.

These are just a few examples of the many types of cybercrimes that exist. Cybercriminals are continually devising new
techniques and schemes, making it essential for individuals and organizations to stay vigilant and adopt robust
cybersecurity measures to protect themselves from these threats. Additionally, laws and law enforcement efforts are
continually evolving to combat cybercrime effectively.
 Lesson 3: Tips to Protect Computerized Data
1. You are a target to hackers

Don't ever say, "It won't happen to me." We are all at risk and the stakes are high - both for your personal and financial
well-being and for the university's standing and reputation.

• Cybersecurity is everyone's responsibility.

• By following the tips below and remaining vigilant, you are doing your part to protect yourself and others.

2. Keep software up-to-date

Installing software updates for your operating system and programs is critical. Always install the latest security updates
for your devices:

• Turn on Automatic Updates for your operating system.

• Use web browsers such as Chrome or Firefox that receive frequent, automatic security updates.
• Make sure to keep browser plug-ins (Flash, Java, etc.) up-to-date

3. Avoid Phishing scams - beware of suspicious emails and phone calls

Phishing scams are a constant threat - using various social engineering(link is external) ploys, cyber-criminals will
attempt to trick you into divulging personal information such as your login ID and password, banking or credit card
information.
 • Phishing scams can be carried out by phone, text, or through social networking sites - but most commonly by
email.
• Be suspicious of any official-looking email message or phone call that asks for personal or financial information.

Check out our Phishing Resources section for details about identifying phishing scams and protecting yourself.

4. Practice good password management

We all have too many passwords to manage - and it's easy to take short-cuts, like reusing the same password. A
password manager can help you to maintain strong unique passwords for all of your accounts. These programs can
generate strong passwords for you, enter credentials automatically, and remind you to update your passwords
periodically. UC Berkeley offers free LastPass Premium(link is external) to all users with a CalNet ID.

Our Protecting Your Credentials how-to article contains detailed recommendations for keeping your password safe.

5. Be careful what you click

Avoid visiting unknown websites or downloading software from untrusted sources. These sites often host malware that
will automatically install (often silently) and compromise your computer.

If attachments or links in the email are unexpected or suspicious for any reason, don't click on it.

ISO recommends using Click-to-Play(link is external) or NoScript(link is external), browser add-on features that prevent
the automatic download of plug-in content (e.g., Java, Flash) and scripts that can harbor malicious code.

6. Never leave devices unattended

The physical security of your devices is just as important as their technical security.

• If you need to leave your laptop, phone, or tablet for any length of time - lock it up so no one else can use it.
• If you keep protected data on a flash drive or external hard drive, make sure their encrypted and locked up as
well.
• For desktop computers, lock your screen or shut-down the system when not in use.

7. Safeguard Protected Data

Be aware of Protected Data that you come into contact with and its associated restrictions. Review the UCB Data
Classification Standard to understand data protection level requirements. In general:

• Keep high-level Protected Data (e.g., SSN's, credit card information, student records, health information, etc.)
off of your workstation, laptop, or mobile devices.
• Securely remove sensitive data files from your system when they are no longer needed.
• Always use encryption when storing or transmitting sensitive data.

Unsure of how to store or handle sensitive data? Email us at security@berkeley.edu(link sends e-mail).

8. Use mobile devices safely

Considering how much we rely on our mobile devices and how susceptible they are to attack, you'll want to make sure
you are protected:
 • Lock your device with a PIN or password - and never leave it unprotected in public.
• Only install apps from trusted sources (Apple AppStore, Google Play).
• Keep the device's operating system up-to-date.
• Don't click on links or attachments from unsolicited emails or texts.
• Avoid transmitting or storing personal information on the device.
• Most handheld devices are capable of employing data encryption - consult your device's documentation for
available options.
• Use Apple's Find my iPhone(link is external) or the Android Device Manager(link is external) tools to help
prevent loss or theft.

9. Install antivirus/anti-malware protection

Only install these programs from a known and trusted source. Keep virus definitions, engines and software up-to-date to
ensure your programs remains effective.

10. Back up regularly - if you are a victim of a security incident, the only guaranteed way to repair your computer is to
erase and re-install the system.

11. Public Wi-Fi. Even though it may be hard while traveling, you shouldn't connect to unsecured Wi-Fi networks. Aside
from Wi-Fi network security lacking in most cases, some of them may not even be real. If you go to a public spot and
see "Free Public Wi-Fi" show up on your phone, the unsecured wireless network may actually be from a nearby laptop
or smartphone that is attempting to connect to other devices to steal personal information. Ideally, you should only
connect to known, trusted SSIDs and authenticated access points. Use 4G or LTE on your device when you can if you're
out and about, or even a Wi-Fi hotspot aggregator.

12. Stay alert to hoaxes and impersonators. There's no shortage of scams and impersonators, especially on the
internet. For example, virus hoaxes can give you a false warning about a computer virus. In this example, a warning
may arrive in an email with a message about a virus, prompting you to click a link that takes you to a website that will
end up harming your computer. Other scams may try to steal enough of your personal information so they can steal your
identity, which can affect numerous things such as your credit report.
LESSON 4 Network security tools and techniques designed to help you do just that:

1. Access control
If threat actors can’t access your network, the amount of damage they’ll be able to do will be extremely
limited. But in addition to preventing unauthorized access, be aware that even authorized users can also
be potential threats. Access control allows you to increase your network security by limiting user access
and resources to only the parts of the network that directly apply to individual users’ responsibilities.
2. Anti-malware software
Malware, in the form of viruses, trojans, worms, keyloggers, spyware, and so on, is designed to spread
through computer systems and infect networks. Anti-malware tools are a kind of network security
software designed to identify dangerous programs and prevent them from spreading. Anti-malware and
antivirus software may also be able to help resolve malware infections, minimizing the damage to the
network.
3. Anomaly detection
It can be difficult to identify anomalies in your network without a baseline understanding of how that
network should be operating. Network anomaly detection engines (ADE) allow you to analyze your
network so that when breaches occur, you’ll be alerted to them quickly enough to be able to respond.
4. Application security
For many attackers, applications are a defensive vulnerability that can be exploited. Application security
helps establish security parameters for any applications that may be relevant to your network security.
5. Data loss prevention (DLP)
Often, the weakest link in network security is the human element. DLP technologies and policies help
protect staff and other users from misusing and possibly compromising sensitive data or allowing said
data out of the network.
6. Email security
As with DLP, email security is focused on shoring up human-related security weaknesses. Via phishing
strategies (which are often very complex and convincing), attackers persuade email recipients to share
sensitive information via desktop or mobile device, or inadvertently download malware into the targeted
network. Email security helps identify dangerous emails and can also be used to block attacks and
prevent the sharing of vital data.
7. Endpoint security
The business world is becoming increasingly bring your own device (BYOD), to the point where the
distinction between personal and business computer devices is almost nonexistent. Unfortunately,
 sometimes personal devices become targets when users rely on them to access business networks.
Endpoint security adds a layer of defense between remote devices and business networks.
8. Firewalls
Firewalls function much like gates that can be used to secure the borders between your network and the
internet. Firewalls are used to manage network traffic, allowing authorized traffic through while blocking
access to non-authorized traffic.
9. Intrusion prevention systems
Intrusion prevention systems (also called intrusion detection) constantly scan and analyze network
traffic/packets, so that different types of attacks can be identified and responded to quickly. These
systems often keep a database of known attack methods, so as to be able to recognize threats
immediately.
10. Network segmentation
There are many kinds of network traffic, each associated with different security risks. Network
segmentation allows you to grant the right access to the right traffic while restricting traffic from
suspicious sources.
11. Security information and event management (SIEM)
Sometimes simply pulling together the right information from so many different tools and resources can
be prohibitively difficult — particularly when time is an issue. SIEM tools and software give responders
the data they need to act quickly.
12. Virtual private network (VPN)
VPN security tools are used to authenticate communication between secure networks and an endpoint
device. Remote-access VPNs generally use IPsec or Secure Sockets Layer (SSL) for authentication,
creating an encrypted line to block other parties from eavesdropping.
13. Web security
Including security tools, hardware, policies and more, web security is a blanket term to describe the
network security measures businesses take to ensure safe web use when connected to an internal
network. This helps prevent web-based threats from using browsers as access points to get into the
network.
14. Wireless security
Generally speaking, wireless networks are less secure than traditional networks. Thus, strict wireless
security measures are necessary to ensure that threat actors aren’t gaining access.

LESSON 5 Cyber Crime Investigation Techniques

 Activities that a computer crime investigator performs include recovering file systems of hacked computers, acquiring data
that can be used as evidence to prosecute crimes, writing reports for use in legal proceedings, and testifying in court
hearings. Cyber crime investigationExternal link:open_in_new techniques include:

• Performing background checks: Establishing the when, where, and who of a crime sets the stage for an
investigation. This technique uses public and private records and databases to find out the backgrounds of
individuals potentially involved in a crime.
• Gathering information: This technique is one of the most critical in cyber crime investigations. Here, investigators
ask questions such as: What evidence can be found? What level of access to sources do we have to gather the
evidence? The answers to these and other questions provide the foundation for a successful investigation.
• Running digital forensics: Cyber crime investigators use their digital and technology skills to conduct forensics,
which involves the use of technology and scientific methods to collect, preserve, and analyze evidence throughout
an investigation. Forensic data can be used to support evidence or confirm a suspect’s involvement in a crime.
• Tracking the authors of a cyber crime: With information about a crime in hand, cyber crime investigators work with
internet service providers and telecommunications and network companies to see which websites and protocols
were used in the crime. This technique is also useful for monitoring future activities through digital surveillance.
Investigators must seek permission to conduct these types of activities through court orders.

Defining Cyber Crime Investigations

But what does a cyber crime investigation entail? In simple terms, it involves the process of:
• Identifying, analyzing, and tracking digital evidence to uncover the perpetrators and their motives.
• Learning about the case and assessing the situation.
• Conducting the initial investigation.
• Identifying potential evidence.
• Securing devices.
• Obtaining court orders.
• Analyzing results with the prosecutor.

The Investigation Process

Let’s examine the investigation process in detail. The preliminary procedures involve:

• Evaluating the situation

• Carrying out an initial inquiry
• Identifying potential evidence
• Securing devices
• Obtaining requisite court orders
• Thoroughly analyzing the gathered information
• It’s akin to piecing together a complex puzzle, requiring meticulous attention to detail and analytical prowess.

Investigative Tools and Techniques

• Digital Forensics

Digital forensics is like the DNA analysis of the cyber world, playing a pivotal role in investigating cyber crimes, preventing
data breaches, and aiding law enforcement in locating perpetrators. It involves the identification, preservation, analysis, and
documentation of digital evidence for use in court. Electronic data such as computer documents, emails, text and instant
messages, transactions, images, and internet histories from the devices involved in the crime are collected as part of digital
evidence. Preserving this evidence involves safeguarding the device’s current state, properly shutting down the device, and
duplicating all pertinent data storage devices to uphold evidence integrity. The evidence is then analyzed using digital
forensics methodologies, drive imaging, and comprehensive network analysis tools.

• Tracking Malicious Software

Tracking malicious software, or malware, is a key technique in cyber crime investigations. It helps identify the source
and distribution of malware, aiding in the identification and prosecution of cyber criminals. Techniques employed for
monitoring malicious software include:

• Digital forensics software such as EnCase, FTK, and Autopsy

• Network analysis tools for monitoring network traffic
• Malware detection methods to identify, block, and mitigate the detrimental impacts of malware.

The path of malware in a cyber attack is traced utilizing dynamic malware analysis in a sandbox environment and by
conducting computer forensics investigations. This allows investigators to connect the dots, linking digital activities to physical
evidence of criminal activity.

• Analyzing Financial Transactions

Financial transaction analysis in cyber crime investigations is another vital tool. It encompasses the identification of
fraudulent cyber activities, estimation of financial losses, and the use of various tools and methods to analyze suspicious
financial transactions. Various methodologies are employed for this analysis, such as forensic analysis, transaction monitoring
techniques, network analysis, machine learning, and data mining.

Financial transactions analyzed in cyber crime investigations encompass trafficking of stolen financial data, money
laundering, and other related cybercrimes. Financial transaction analysis is utilized for tracking cyber criminals through
various techniques including tracking Bitcoin transactions, employing supervised techniques with fraud prediction models,
reviewing and analyzing financial transactions to identify potential fraud, leveraging blockchain analytics tools for
investigation, and conducting cryptocurrency forensics on the blockchain.

REFERENCE:

https://www.scientificworldinfo.com/2021/06/importance-of-computer-in-human-life.html

https://www.techtarget.com/whatis/10-Tips-to-Keep-Personal-Data-Safe-and-Secure

https://blog.gigamon.com/2019/06/13/what-is-network-security-14-tools-and-techniques-to-know
 MODULE 3 Internet as tool in Committing Cybercrime
The Internet has transformed the way people live, how organizations operate, and the pace at which
countries develop and thrive. Virtually connecting people anywhere in the world has made remote
work, distance learning, e-commerce, telemedicine, and online banking, among others, possible.
This has created a huge opportunity for nations to take a new development path. Countries that took
advantage of technology, especially the Internet, have leapfrogged development. Global
superpowers are now defined by how much they are able to harness the power of technology.
Meanwhile, nations that are not equipped to use technology are lagging behind. The pervasiveness
of the Internet has created the digital economy, where every link in the value chain is mostly driven
by digital platforms. The shift from digitization—the process of converting analog to digital formats
(IBM, n.d.-b)—to digitalization—the use of digital tools to change business processes that can result
in new business models and social change—has led to a transformation unlike anything the world
has seen before. This digital transformation was further accelerated by the COVID-19 pandemic,
which forced the whole world to impose lockdown restrictions and conduct everyday activities
remotely.

In this world of “everything from home,” digitalization has increased the risks for different forms of
cyberattacks. Vulnerabilities in the systems of online platforms provide opportunities to target
individual users, organizations, and institutions. Data leakages1 /ransomware (Chuan, 2020) and e-
commerce2 fraud (Cayon, 2020) are just some of the digital crimes that have increased during the
pandemic. These online risks may not be sufficient to deter the demand for the digital shift. However,
the pressure to transition without a sufficient understanding of the dangers involved decreases the
opportunities to mitigate those risks, endangering those who are supposed to be empowered and
benefitted by the next phase in the digital age.

OBJECTIVES

Explain how internet works and used in committing cybercrime

Lesson 1 History of Internet

1. Sputnik Launch: In 1957, the Soviet Union launched Sputnik-1, the first artificial satellite,
into orbit during the Cold War, demonstrating their technological superiority and catching the
U.S. government by surprise.
2. Response by the U.S. Government: The perceived technology gap prompted the U.S.
government to take action, leading to the establishment of the Defense Advanced Research
Projects Agency (DARPA) in 1958.
3. ARPANET Development: DARPA initiated the development of the Advanced Research
Projects Agency Network (ARPANET) as a response to the need for improved communication
among Pentagon-funded research institutions. ARPANET aimed to create a decentralized
network without a single point of failure, reflecting the military's desire for a robust command-
and-control network.
4. Decentralized Design: The design of ARPANET emphasized decentralization and
distributed architecture, ensuring resilience against enemy attacks. This design philosophy
laid the foundation for the internet as we know it today, which operates on similar principles
of decentralization and resilience.
 What is internet?

How Internet Works?

How the internet works?

1. Devices: Devices such as computers, smartphones, tablets, servers, routers, and switches connect to the internet via various
means, including wired (e.g., Ethernet cables) and wireless (e.g., Wi-Fi, cellular) connections.
2. IP Addressing: Each device on the internet is assigned a unique identifier called an IP (Internet Protocol) address. IP addresses
facilitate the routing of data packets across the network, allowing devices to communicate with each other.
3. Data Transmission: When a user sends data (e.g., a request to access a website) from their device, it is broken down into
smaller packets of information. These packets travel across the internet, passing through various routers and switches, which
forward them to their destination based on IP addresses.
4. Protocols: The internet operates using a set of standardized protocols, such as TCP/IP (Transmission Control Protocol/Internet
Protocol), HTTP (Hypertext Transfer Protocol), HTTPS (HTTP Secure), FTP (File Transfer Protocol), SMTP (Simple Mail Transfer
Protocol), and others. These protocols govern how data is transmitted, received, and interpreted by devices.
5. Servers and Clients: Internet services, websites, and applications are hosted on servers, which store and serve content to users'
devices (clients) upon request. Clients access these services using web browsers, email clients, FTP clients, or other software
applications.