CYBER CRIME

Table of Contents

◦Definitions
◦Introduction
◦Classification
◦Challenges & Preventions
◦Cyber Law
◦IT ACT 2008
CYBER CRIME
◦ Cybercrime is any criminal activity that involves a computer, network or networked device.
◦ Most cybercrime is committed by cybercriminals or hackers who want to make money. However, occasionally
cybercrime aims to damage computers or networks for reasons other than profit. These could be political or
personal.
◦ Cybercrimes- These crimes are illegal activities that occur on networked technology devices. These crimes include
online and network attacks, blackmail, harassment, money laundering, and hacking.
◦ Two main ways to classify cybercrime.
◦ 1. The Computer as a Target: - Use your computer to attack other computers. e.g., Hacking, Virus/Worm attacks,
DOS attack etc.
◦ 2. The computer as a weapon: - Use your computer to commit real-world crimes e.g., Cyber Terrorism, IPR
violations, Credit card frauds, EFT frauds, Pornography etc.
◦ The U.S. Department of Justice (DOJ) divides cybercrime into the following three categories:
◦ Crimes in which the computing device is the target -- for example, to gain network access.
◦ Crimes in which the computer is used as a weapon -- for example, to launch a denial-of-service (DoS) attack.
◦ Crimes in which the computer is used as an accessory to a crime -- for example, using a computer to store illegally
obtained data.
 Definition of various terms used in Information Security
◦ Cryptography (RFC 2828): The mathematical science that deals with transforming data to render its meaning
unintelligible (i.e., to hide its semantic content), prevent its undetected alteration, or prevent its unauthorized
use.
◦ The discipline which embodies principles, means, and methods for the transformation of data in order to hide
its information content, prevent its undetected modification and/or prevent its unauthorized use.
Cryptography determines the methods used in encipherment and decipherment.
◦ Vulnerability (RFC 2828): A flaw or weakness in a system's design, implementation, or operation and
management that could be exploited to violate the system's security policy.
◦ Threat (RFC 2828): A potential for violation of security, which exists when there is a circumstance, capability,
action, or event that could breach security and cause harm. That is, a threat is a possible danger that might
exploit a vulnerability.
◦ A threat is a possible danger that might exploit a vulnerability. A threat can be either "intentional" (i.e.,
intelligent; e.g., an individual cracker or a criminal organization) or "accidental" (e.g., the possibility of a
computer malfunctioning, or the possibility of an "act of God" such as an earthquake, a fire, or a tornado).
Definition of various terms used in Information Security
◦ Attack (RFC 2828): An assault on system security that derives from an intelligent threat; that is, an
intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade
security services and violate the security policy of a system.
◦ Active vs. passive: An "active attack" attempts to alter system resources or affect their operation. A
"passive attack" attempts to learn or make use of information from the system but does not affect system
resources. (E.g., see: wiretapping.)
◦ Insider vs. outsider: An "inside attack" is an attack initiated by an entity inside the security perimeter (an
"insider"), i.e., an entity that is authorized to access system resources but uses them in a way not approved
by those who granted the authorization. An "outside attack" is initiated from outside the perimeter, by an
unauthorized or illegitimate user of the system (an "outsider"). In the Internet, potential outside attackers
range from amateur pranksters to organized criminals, international terrorists, and hostile governments.
◦ Security Attack: Any action that compromises the security of information owned by an organization.
Encryption: The process of translating plain text data (plaintext) into something that appears to be
random and meaningless (ciphertext) is known as enciphering or encryption.
Decryption: The process of converting ciphertext back to plaintext or restoring the plaintext from the
ciphertext is deciphering or decryption
 Cybercriminals
◦ A cybercriminal is a person who conducts some form of illegal activity using computers or other digital technology
such as the Internet. The criminal may use computer expertise, knowledge of human behavior, and a variety of tools
and services to achieve his or her goal. The kinds of crimes a cybercriminal may be involved in can include hacking,
identity theft, online scams and fraud, creating and disseminating malware, or attacks on computer systems and
sites. The core factor of what makes a crime a cybercrime is that it’s directed at a computer or other devices and/or
these technologies are used to commit the crime.
◦ Cybercriminals are individuals or teams of people who use technology to commit malicious activities on digital
systems or networks with the intention of stealing sensitive company information or personal data, and generating
profit.
◦ Cybercriminals are known to access the cybercriminal underground markets found in the deep web to trade
malicious goods and services, such as hacking tools and stolen data. Cybercriminal underground markets are
known to specialize in certain products or services.
◦ Laws related to cybercrime continue to evolve across various countries worldwide. Law enforcement agencies are
also continually challenged when it comes to finding, arresting, charging, and proving cybercrimes.
 Types of Cyber Criminals
◦ 1. Hackers: The term hacker may refer to anyone with technical skills, however, it typically refers to an individual who uses
his or her skills to achieve unauthorized access to systems or networks so as to commit crimes. The intent of the burglary
determines the classification of those attackers as white, grey, or black hats. White hat attackers burgled networks or PC
systems to get weaknesses so as to boost the protection of those systems. The owners of the system offer permission to
perform the burglary, and they receive the results of the take a look at. On the opposite hand, black hat attackers make the
most of any vulnerability for embezzled personal, monetary or political gain. Grey hat attackers are somewhere between
white and black hat attackers. Grey hat attackers could notice a vulnerability and report it to the owners of the system if that
action coincides with their agenda.
◦ (a). White Hat Hackers – These hackers utilize their programming aptitudes for a good and lawful reason. These hackers
may perform network penetration tests in an attempt to compromise networks to discover network vulnerabilities. Security
vulnerabilities are then reported to developers to fix them and these hackers can also work together as a blue team. They
always use the limited amount of resources which are ethical and provided by the company, they basically perform
pentesting only to check the security of the company from external sources.
◦ (b). Gray Hat Hackers – These hackers carry out violations and do seemingly deceptive things however not for individual
addition or to cause harm. These hackers may disclose a vulnerability to the affected organization after having compromised
their network and they may exploit it .
◦ (c). Black Hat Hackers – These hackers are unethical criminals who violate network security for personal gain. They misuse
vulnerabilities to bargain PC frameworks. theses hackers always exploit the information or any data they got from the
unethical pen testing of the network.
 Types of Cyber Criminals
2. Organized Hackers: These criminals embody organizations of cyber criminals, hacktivists, terrorists,
and state-sponsored hackers. Cyber criminals are typically teams of skilled criminals targeted on control,
power, and wealth. These criminals are extremely subtle and organized, and should even give crime as a
service. These attackers are usually profoundly prepared and well-funded.
3. Internet stalkers: Internet stalkers are people who maliciously monitor the web activity of their victims
to acquire personal data. This type of cyber crime is conducted through the use of social networking
platforms and malware, that are able to track an individual’s PC activity with little or no detection.
4. Disgruntled Employees: Disgruntled employees become hackers with a particular motive and also
commit cyber crimes. It is hard to believe that dissatisfied employees can become such malicious
hackers. In the previous time, they had the only option of going on strike against employers. But with the
advancement of technology there is increased in work on computers and the automation of processes, it
is simple for disgruntled employees to do more damage to their employers and organization by
committing cyber crimes. The attacks by such employees brings the entire system down.
 Types of cybercrime
◦ Email and internet fraud.
◦ Identity fraud (where personal information is stolen and used).
◦ Theft of financial or card payment data.
◦ Theft and sale of corporate data.
◦ Cyberextortion (demanding money to prevent a threatened attack).
◦ Ransomware attacks (a type of cyberextortion).
◦ Cryptojacking (where hackers mine cryptocurrency using resources they do not own).
◦ Cyberespionage (where hackers access government or company data).
◦ Interfering with systems in a way that compromises a network.
◦ Infringing copyright.
◦ Illegal gambling.
◦ Selling illegal items online.
◦ Soliciting, producing, or possessing child pornography.
CLASSIFICATION
 3.2.1. Organization

a. Email Bombing
b. Salami Attack
c. Logic Bomb
d. Trojan Horse
e. Web Jacking
f. Data diddling
g. Denial of Service/ Distributed Denial of Service
h. Ransomware
◦ Email bombing is a form of cyber crime consisting of sending huge volumes of email to an address in order
to overflow the mailbox or overwhelm the server where the email address is hosted. This results in the server
crashing there by disrupting the website or web portal and its online functioning.
◦ Salami attack is a cybercrime that attackers typically use to commit financial crimes. A salami attack is a type
of cybercrime that involves the theft of small amounts of money from a large number of accounts, often over a
long period of time. It is named after the method of slicing thin slices of salami, as the thief is able to steal
small amounts of money from many accounts without being noticed.
◦ A logic bomb is a type of malicious code embedded in software that remains dormant until specific
conditions are met. When triggered, a logic bomb virus execut
◦ A Trojan Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program.
The delivery method typically sees an attacker use social engineering to hide malicious code within legitimate
software to try and gain users' system access with their software.es a destructive action, such as deleting files
or disrupting critical systems.
◦ Illegally seeking control of a website by taking over a domain is known as Web Jacking. In web jacking attack
method hackers compromises with the domain name system (DNS) that resolves website URL to IP
address but the actual website is never touched. Web jacking attack method is another type of social
engineering phishing attack where an attacker create a fake web page of victim website and send it to the
victim and when a victim click on that link, a message display on the browser “the site abc.com has move on
another address.
◦ Data diddling, also known as data manipulation, is a form of cybercrime where unauthorized
modifications or alterations are made to data in order to deceive or gain an advantage. It
involves tampering with data in a way that may go undetected, resulting in fraudulent or
misleading information.
◦ A denial-of-service (DoS) attack is a type of cyber attack in which a malicious actor aims to
render a computer or other device unavailable to its intended users by interrupting the
device's normal functioning.
◦ DDoS Attack means "Distributed Denial-of-Service (DDoS) Attack" and it is a cybercrime in
which the attacker floods a server with internet traffic to prevent users from accessing
connected online services and sites.
◦ Ransomware is a type of malware that prevents you from accessing your computer (or the
data that is stored on it). The computer itself may become locked, or the data on it might be
stolen, deleted or encrypted. Ransomware is a type of malware that locks and encrypts a
victim's data, files, devices or systems, rendering them inaccessible and unusable until the
attacker receives a ransom payment. The first iterations of ransomware used only encryption to
prevent victims from accessing their files and systems.
 3.2.2. Individual
a. Cyber bullying
b. Cyber stalking
c. Cyber defamation
d. Phishing
e. Cyber fraud and Cyber theft
f. Spyware
g. Email spoofing
h. Man in the middle attack
◦ Cyberbullying (sometimes referred to as online bullying), by definition, is the practice of using digital
technology, such as a phone, tablet, gaming console, or computer, to bully another person (or people)
via email, direct messaging platforms, social media, audio and video platforms, or text messaging.
Cyberbullying may involve harassment and stalking, which are illegal in certain jurisdictions. Criminals
can also employ cyberbullying for the purpose of extracting information or money from their target.
◦ Cyberstalking is when someone uses electronic communication, social media, and other technology to
commit crimes. It is defined as the use of email, direct messaging, or other electronic means to harass,
scare, or threaten someone with physical harm.
◦ Cyber Defamation is the act of publishing false or defamatory statements about an individual or
organization on the internet. It can include statements made on social media, forums, blogs, or any
other online platform.
What is cyber defamation according to IPC 499?---Whoever, by words either spoken or intended to be
read, or by signs or by visible representations, makes or publishes any imputation concerning any person
intending to harm, or knowing or having reason to believe that such imputation will harm, the reputation
of such person, is said, except in the cases hereinafter ...
o Phishing attacks are the practice of sending fraudulent communications that appear to come from a
reputable source. It is usually done through email. The goal is to steal sensitive data like credit card and
login information, or to install malware on the victim's machine.
◦ Cybertheft occurs when a criminal uses the internet to steal the personal or financial data of a victim
with the intent to use that information for criminal purposes. Cybertheft can happen to anyone or any
business.
◦ Spyware is malicious software that enters a user's computer, gathers data from the device and user, and
sends it to third parties without their consent. A commonly accepted spyware definition is a strand of
malware designed to access and damage a device without the user's consent.
◦ Email spoofing is a threat that involves sending email messages with a fake sender address. Email
protocols cannot, on their own, authenticate the source of an email. Therefore, it is relatively easy for a
spammer or other malicious actors to change the metadata of an email.
◦ Man-in-the-middle or MitM, an attacker breaks in between two parties, such as an individual computer
user and his financial institution. Depending on the details of the actual attack, this type of attack can be
more accurately classified as a man-in-the-browser attack, a monster-in-the-middle attack, or a machine-
in-the-middle attack. Sometimes called a eavesdropping attack. An attacker can filter and steal data as
soon as the traffic is interrupted.
 3.2.3. Society
a. Cyber pornography
b. Cyber terrorism c. cyber spying
d. Social Engineering Attack
e. Online gambling
◦ Pornography literally means, Writings, pictures or films designed to be sexually exciting. Developing, distributing
and propagating the same over the Internet is termed as cyber Pornography. This would include pornographic Web
sites, pornographic magazines produced using computers to publish and print the material and the Internet to
download and transmit pornographic pictures, photos, writings, etc. In recent times, there have been innumerable
instances of promotion of pornography through the use of computers. Information technology has made it much
easier to create and distribute pornographic materials through the Internet; such materials can be transmitted all over
the world in a matter of seconds.
◦ Two primary reasons why cyber pornography has, in recent years, gathered much attention of both the offender and
user, are: (a) Easy accessibility; (b) Anonymity.
◦ Cyber terrorism -Unlawful attacks and threats of attack against computers, networks, and the information stored
therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.”
◦ Cyber espionage, or cyber spying, is a type of cyberattack in which an unauthorized user attempts to access sensitive
or classified data or intellectual property (IP) for economic gain, competitive advantage or political reasons.
◦ Social engineering threat, an attacker uses human emotion (usually fear and urgency) to trick the target into
performing an action, such as sending the attacker money, divulging sensitive customer information, or disclosing
authentication credentials.
◦ If the players are attracted to the game just due to prize money, it is considered illegal. In virtual platforms, any game
of skill played for the purpose of gaining money would not be legal, even though it would be legal in physical world.
Gaming sites cannot join the winning hands as it would promote online gambling.
 3.2.4. Property
a. Credit Card Fraud
b. Software Piracy
c. Copyright infringement
d. Trademarks violations
◦ Credit card fraud in cybercrime refers to the use of technology and the internet to commit fraudulent
activities using stolen credit card information. This can include online purchases, data breaches, phishing
scams, and more.
◦ Software piracy is the unauthorized use of legally protected software, which includes stealing, copying,
distributing, modifying or selling the software. Copyright laws were originally put into place so that
people who develop software (programmers, writers, graphic artists, etc.)
◦ In some jurisdictions, cybercrime-related copyright infringement may be considered a criminal offense,
with penalties ranging from fines to imprisonment. Criminal sanctions can act as a strong deterrent to
potential infringers and demonstrate a commitment to protecting intellectual property rights.
◦ What is trademark violation?-The action of purchasing a domain name in bad faith and attempting to
profit from the others identity is known as cybersquatting, and is often the main source for infringement.
◦ Trademark infringement is the unauthorized use of a trademark or service mark on or in connection with
goods and/or services in a manner that is likely to cause confusion, deception, or mistake about the
source of the goods and/or services.
 Challenges of Cyber Crime
◦ People are unaware of their cyber rights-The Cybercrime usually happen with illiterate people around the world who
are unaware about their cyber rights implemented by the government of that particular country.
◦ Anonymity-Those who Commit cyber crime are anonymous for us so we cannot do anything to that person.
◦ Less numbers of case registered-Every country in the world faces the challenge of cyber crime and the rate of cyber
crime is increasing day by day because the people who even don’t register a case of cyber crime and this is major
challenge for us as well as for authorities as well.
◦ Mostly committed by well educated people-Committing a cyber crime is not a cup of tea for every individual. The
person who commits cyber crime is a very technical person so he knows how to commit the crime and not get caught by
the authorities.
◦ No harsh punishment- Cyber crime there is no harsh punishment in every cases. But there is harsh punishment in some
cases like when somebody commits cyber terrorism in that case there is harsh punishment for that individual. But in other
cases there is no harsh punishment so this factor also gives encouragement to that person who commits cyber crime.
 How to protect yourself against cybercrime
◦ Keep software and operating system updated
◦ Use anti-virus software and keep it updated
◦ Use strong passwords
◦ Never open attachments in spam emails
◦ Do not click on links in spam emails or untrusted websites
◦ Do not give out personal information unless secure
◦ Contact companies directly about suspicious requests
◦ Be mindful of which website URLs you visit
◦ Keep an eye on your bank statements
 Prevention of Cyber Crime
◦ Use strong password – Maintain different password and username combinations for each account and resist the
temptation to write them down. Weak passwords can be easily cracked using certain attacking methods like Brute force
attack, Rainbow table attack etc, So make them complex. That means combination of letters, numbers and special
characters.
◦ Use trusted antivirus in devices –Always use trustworthy and highly advanced antivirus software in mobile and
personal computers. This leads to the prevention of different virus attack on devices.
◦ Keep social media private –Always keep your social media accounts data privacy only to your friends. Also make sure
only to make friends who are known to you.
◦ Keep your device software updated –Whenever you get the updates of the system software update it at the same
time because sometimes the previous version can be easily attacked.
◦ Use secure network –Public Wi-Fi are vulnerable. Avoid conducting financial or corporate transactions on these
networks.
◦ Never open attachments in spam emails –A computer get infected by malware attacks and other forms of
cybercrime is via email attachments in spam emails. Never open an attachment from a sender you do not know.
◦ Software should be updated – Operating system should be updated regularly when it comes to internet security. This
can become a potential threat when cybercriminals exploit flaws in the system.
CYBER LAW
◦ Cyber Laws: Cyber crimes are anew class of crimes which are increasing day by day due
to extensive use of internet these days. To combat the crimes related to internet The
Information Technology Act, 2000 was enacted with prime objective to create an
enabling environment for commercial use of I.T. The IT Act specifies the acts which have
been made punishable. The Indian Penal Code, 1860 has also been amended to take
into its purview cyber crimes.
◦ Cyber law (also referred to as cyberlaw) or IT Law is a term used to describe the legal
issues related to use of communications technology, particularly "cyberspace", i.e., the
Internet. It is related to legal informatics and monitors the digital flow of information,
software, information security, and e-commerce. ... Intellectual Property is a key element
of IT law.
◦ Cyber law includes aspects of intellectual property, contracts, jurisdiction, data
protection law, privacy and freedom of expression. It directs the digital circulation of
software, information, online security, and e-commerce. In the field of cyber law, legal
approval of electronic documents is provided. It also creates e-commerce transaction
and filling structures.er crimes.
The Importance of Cyber Law
◦ It dictates all actions and reactions in Cyberspace.
◦ All online transactions are ensured to be safe and protected
◦ All online activities are under watch by the Cyber law officials.
◦ Security for all data and property of individuals, organizations, and Government
◦ Helps curb illegal cyber activities with due diligence
◦ All actions and reactions implemented on any cyberspace has some legal angle associated with it
◦ Keeps track of all electronic records
◦ Helps to establish electronic governance
◦ The Information Technology Amendment Act of 2008 (IT Act 2008) is a substantial
addition to the Information Technology Act of India (ITA2000). The IT Amendment Act
was passed by the Parliament of India in October 2008 and came into effect a year
later. This law is governed by the Indian Computer Emergency Response Team (CERT-
In).
◦ The original Act was developed to promote the IT industry, regulate e-commerce,
facilitate e-governance and prevent cybercrime. The Amendment was created to
address issues not covered by the original bill and to reflect the security concerns
associated with the evolution of IT since the original bill was passed. The Act also
sought to foster security practices within India that would serve the country in a global
context.
◦ The various offenses related to internet which have been made punishable under the IT Act and the IPC are enumerated below:
1.Cyber crimes under the IT Act:

1. Tampering with Computer source documents - Sec.65

2. Hacking with Computer systems, Data alteration - Sec.66
3. Publishing obscene information - Sec.67
4. Un-authorised access to protected system Sec.70
5. Breach of Confidentiality and Privacy - Sec.72
6. Publishing false digital signature certificates - Sec.73

2.Cyber Crimes under IPC and Special Laws:

1. Sending threatening messages by email - Sec 503 IPC

2. Sending defamatory messages by email - Sec 499 IPC
3. Forgery of electronic records - Sec 463 IPC
4. Bogus websites, cyber frauds - Sec 420 IPC
5. Email spoofing - Sec 463 IPC
6. Web-Jacking - Sec. 383 IPC
7. E-Mail Abuse - Sec.500 IPC

3.Cyber Crimes under the Special Acts:

1. Online sale of Drugs under Narcotic Drugs and Psychotropic Substances Act
2. Online sale of Arms Act
 IT ACT
◦2000
◦(AMENDED) ACT, 2008