CYBER

SECURITY
MODULE – 2
Cybercrime and Cyber law: Classification of cybercrimes, Common cybercrimes -
cybercrime targeting computers and mobiles, cybercrime against women and children,
financial frauds, social engineering attacks, malware and ransomware attacks, zero day
and zero click attacks, Cyber criminals modus-operandi, Reporting of cybercrimes,
Remedial and mitigation measures, Legal perspective of cybercrime, IT Act 2000 and its
amendments, Cybercrime and offences, Organisations dealing with Cybercrime and
Cyber security in India, Case studies.

Cyber Crime
Any criminal activity carried out over the internet is referred to as cybercrime. Cybercrimes are crimes
that involve criminal activities done through cyberspace by devices connected to the internet. At times,
cybercrimes are also called
„computer crimes.‟ Most cybercriminals commit cybercrimes with mainly three motives- monetary,
personal, or political.
The first incident of cybercrime was documented in 1973. A computer was used by a teller at a New
York bank to pilfer over two million dollars. The first email spam was sent in 1978.
Though cybercrimes do not physically affect anyone, they tend to seriously harm the reputation,
finances, and privacy of the targeted persons. Further, another crucial characteristic of cybercrimes is the
determination of jurisdiction. Since the identity of the cybercriminal can be completely erased and
mostly stays concealed in cyberspace, it is very difficult to identify him/ her.
As far as India is concerned, the term cybercrime is not defined under any legal provision. However,
different types of cybercrimes are illustrated under the Information Technology Act, 2000. Further,
certain provisions of the Indian Penal Code, 1860 (hereinafter referred to as „the IPC‟) are applicable
to various cybercrimes also. These cybercrimes- related legal provisions under the IT Act and IPC
apply to different types of cybercrimes, though their specific names are not mentioned therewith.
Meaning of Cyber Crime:
Cybercrime refers to criminal conduct committed with the aid of a computer or other electronic
equipment connected to the internet. Individuals or small groups of people with little technical
knowledge and highly organized worldwide criminal groups with relatively talented developers and
specialists can engage in cybercrime.
Cybercriminals or hackers who want to generate money, commit a majority of cybercrimes.
Individuals and organizations are both involved in cybercrime. Aside from that, cybercriminals might
utilize computers or networks tosend viruses, malware, pornographic material, and other unlawful data.
To make money, cybercriminals engage in a range of profit-driven criminal acts, including stealing
and reselling identities, gaining access to financial accounts, and fraudulently utilizing credit cards to
obtain funds.
Classification of cyber crimes
Cybercrimes can be classified under three heads, depending on the groups they are targeted.They are:

A. Cybercrimes against individuals,

B. Cybercrimes against organizations, and

C. Cybercrimes against society at large.

A. Cybercrimes against individuals

Generally, ordinary individuals are the most vulnerable targets of cybercriminals. This is due to
various reasons like lack of information, guidance, and cyber-security. The following are some of the
main cybercrimes committed targeting individuals.
1. Cyberbullying
Cyberbullying refers to bullying someone by threatening, harassing or embarrassing the victim
using technology digital device. Generally, cyberbullying includes the following activities on the
internet:
• Humiliating/embarrassing content posted online about the victim of online bullying,

• Hacking social media accounts

• Posting vulgar messages on social media

• Threatening the victim to commit any violent activity

• Child pornography or threatening someone with child pornography.

2. Cyberstalking
Browsing anyone’s internet history or online activity, and sending obscene content online with the
help of any social media, software, application, etc. to know about that particular person is called
cyberstalking. Cyberstalkers take advantage of the inconspicuousness provided by the internet. They
are generally not detectable by the victim, as it is very easy for cyberstalkers to open spam accounts
just to stalk any person; once the stalker deletes the account, his/ her identity completely vanishes.
3. Cyber defamation
Cyber defamation means injuring the other person‟s reputation via the internet through social media,
Emails etc. There are two types of Cyber defamation: libel and slander.
• Libel: It refers to any defamatory statement which is in written form. For instance, writing
defamatory comments on posts, forwarding defamatory messages on social media groups, etc. are a part
of cyber defamation in the form of libel.
• Slander: It refers to any defamatory statement published in oral form. For instance, uploading
videos defaming someone on YouTube is a part of cyber defamation in the form of slander.
4. Phishing
Phishing refers to the fraudulent practice of sending emails under the pretext of reputable companies to
induce individuals to reveal personal information, such as passwords, credit card numbers, etc., online.
Phishing refers to the impersonation of a legitimate person and fraudulently stealing someone‟s data.
Through phishing attacks, cybercriminals not only exploit innocent individuals but also spoil the
reputation of well-known companies.
5. Cyber fraud
As the name suggests, cyber fraud refers to any act of fraud committed with the use of a computer.
Any person who dishonestly uses the internet to illegal deceive people and gets personal data,
communication, etc. with a motive to make money is called a cyber fraud. Examples of cyber fraud
include sending emails containing fake invoices, sending fake emails from email addresses similar to
the official ones, etc.
6. Cyber theft
Cyber theft is a type of cybercrime which involves the unauthorized access of personal or other
information of people by using the internet. The main motive of the cyber criminals who commit cyber
theft is to gather confidential data like passwords, images, phone numbers, etc. and use it as leverage
to demand a lumpsum amount of money. The unauthorized transmission of copyrighted materials,
trademarks, etc. over the internet is also a part of cyber theft. Cyber thefts are committed through
various means, like hacking, email/ SMS spoofing, etc. Yahoo!, Inc. v. Akash Arora (1999), which
was one of the initial cases related to cyber theft in India. In this case, the defendant was accused of
using the trademark or domain name ‘yahooindia.com,’.
7. Spyware
Spyware is a type of malware or malicious software, when it is installed, it starts accessing and
computing the other person‟s device without the end user‟s knowledge. The primary goal of this
software is to steal credit card numbers, passwords, One-Time Passwords (OTPs), etc.
B. Cybercrimes against organizations

The cyber crimes mainly targeting individuals may help cybercriminals get only a meagre amount of
ransom, depending on the financial status of the targeted individuals. On the other hand, cyber-
attacking large companies or organisations can help them get their hands on extremely confidential
data of both private and public institutions or entities. Cyber attacks on organizations are generally
launched on a large scale to get a lump sum amount of ransom. Since such attacks drastically damage
the companies‟ daily operations, most companies try to resolve them as fast as possible. The following
are the kinds of cyber crimes launched targeting organizations.
1. Attacks by virus
A computer virus is a kind of malware which connects itself to another computer program and can
replicate and expand when any person attempts to run it on their computer system. For example, the
opening of unknown attachments received from malicious emails may lead to the automatic installation
of the virus on the system in which it is opened. These viruses are extremely dangerous, as they can
steal or destroy computer data, crash computer systems, etc. The attackers program such malicious
viruses to get hold of organisations official or confidential data. The illegally retrieved data is then
used as leverage to extort ransom from the organisations.
2. Salami attack
It is one of the tactics to steal money, which means the hacker steals the money in small amounts. The
damage done is so minor that it is unnoticed. Generally, there are two types of Salami attacks- Salami
slicing and Penny shaving. In Salami slicing, the attacker uses an online database to obtain customer
information, such as bank/credit card details. Over time, the attacker deducts insignificant amounts
from each account. These sums naturally add up to large sums of money taken from the joint accounts
invisibly.
3. Web Jacking
Web Jacking refers to the illegal redirection of a user’s browser from a trusted domain’s page to a fake
domain without the user’s consent. By using the method of Web Jacking, people visiting any well-
known or reliable website can be easily redirected to bogus websites, which in turn lead to the
installation of malware, leak of personal data, etc. Web jackers intend to illegally collect confidential
information of users by enticing them to click on any link which may seem genuine at the first glance.
4. Denial of Service Attack
Denial of Service Attack or DoS, is a cyber attack on computer devices or systems, preventing the
legal users or accessors of the system from accessing them. The attackers generally attack systems in
such a manner by trafficking the targeted system until it ultimately crashes. DoS attacks cost millions
of dollars to the corporate world, as it curbs them from using their own systems and carrying out their
activities. The attack may be also used to incorporate ransomware into corporate systems.
5. Data diddling
Data diddling is a cybercrime which involves the unauthorized alteration of data entries on a computer.
It may be done either before or during the entry of such data. It is generally committed by way of
computer virus attacks. At times, to conceal the alteration, the altered data is changed to its original data
after retrieving the required information. Usually, the strategic or statistical data of large companies.
C. Cyber crimes against society at large

Apart from the cybercrimes committed targeting individuals in society, various other cyber attacks are
launched against the community at large. Such cybercrimes may be aimed either against any
particular section of society or the entire country. The following are a few types of
cybercrimes against the community at large.
1. Cyber pornography

As per Merriam-Webster Dictionary, pornography is the depiction of erotic behaviour (as in pictures
or writing) intended to cause sexual excitement. Accordingly, cyber pornography refers to using the
internet to display, distribute, import, or publish pornography or obscene materials.
The following activities are punishable;
• Uploading pornographic content on any website, social media, etc. where third parties may access it.

• Transmitting obscene photos to anyone through email, messaging, social media, etc.

2. Cyber terrorism
Cyber terrorism means using cyberspace to hurt the general public and damage the integrity and
sovereignty of any country. Cyber terrorism is generally carried out in the following ways:
• Hacking government-owned systems of the target country and getting confidential information.

• Destructing and destroying government databases and backups by incorporating viruses or malware into
the systems.
• Disrupting government networks of the target nation.

• Distracting the government authorities and preventing them from focusing on matters of priority.

3. Cyber Espionage
Cyber espionage refers to the unauthorized accessing of sensitive data or intellectual property for
economic, or political reasons. It is also called „cyber spying‟.
In most cases of cyber espionage, spies in the form of hackers are deliberately recruited to launch cyber
attacks on the government systems of enemy nations to stealthily collect confidential information. The
cross-border exposure of sensitive data related to any country can continue as long as it stays
undetected. The information gathered through cyber espionage is then used by the gathering country to
either combat or launch military or political attacks on the enemy country. Generally, the following
data are gathered through cyber espionage:
• Military data

• Academic research-related data

• Intellectual property

• Politically strategic data, etc.

Common Cyber Crimes
A. Cyber Crime targeting computers and mobiles
In India, cyber crime has become a major concern in recent years, with more and more people using
computers and mobiles for various purposes. Criminal activities that are committed through the use of
computers, networks, or other digital devices. Some of the common types of cyber crime in India
include hacking, phishing, identity theft, online fraud, cyberstalking, and cyberbullying.
Cyber criminals often target computers and mobiles to gain access to sensitive information such as
passwords, bank account details, and personal data. Cyber crime can have serious consequences for
individuals and businesses, including financial losses, reputational damage, and even physical harm.
Example for Security threats:
a. Web-Based Threats – These types of threats happen when people visit sites that appear to be fine
on the front-end but in reality, automatically download malicious content onto the mobile devices.
Also, many mobile applications continue to sync their data in the background which poses a threat.
These threats usually go unnoticed by the users.
b. Phishing Through Links : Some legitimate-looking links are sent through messages, emails, or
social media platforms. They extract personal information by tricking with several schemes. It is not
possible to categorize them as real or fake as they copy the original website.
c. Forced Downloads : When you visit a page through anonymous links, it automatically directs you
to the download page. This method is called drive-by downloads.
d. Physical Threats – These threats happen when someone physically tries to access your device.
When you lose your mobile, or it is stolen there is a possibility for physical threats. Mobile devices
carry your transactional data as well as has connected applications to your bank accounts, which is a
threat to your privacy breach.
e. No Password Protection : With keeping all measures to secure your data, it is surprising to know
that some people find it difficult to use a password on their devices, or they rather use a password that
is easy to crack by hackers. This leads to physical threats.
f. Encryption : While using carrier networks they generally provide good encryption while accessing
servers. But while accessing some client and enterprise servers they are explicitly managed. They are
not end-to-end encrypted which can lead to physical threats.
g. Network-Based Threats – Mobile network includes both Cellular and Local network support
such as Bluetooth and Wi-Fi. These are used to host network threats. These threats are especially
dangerous as the cyber-criminals can steal unencrypted data while people use public WiFi networks.
h. Public WiFi : While we are using our devices for every task, at public places we are provided with
public open WiFi which tends to be legitimate while they are controlled by hackers which results in data
leakage.
i. Network Exploits : Network exploits are due to the vulnerabilities in the operating system in your
mobile devices. Once this software is connected to the network they are capable of installing malware
onto the device without being known.
j. Application-Based Threats – Websites available for software downloads are home to these
threats. They tend to be genuine software but in fact are specially designed to carry malicious
activities.
k. Malware : Malware is designed to send unwanted messages to recipients and further use your
personal and business information by hacking your devices.
l. Spyware : They are the software that are used to collect specific information about an organization
or person which later can be used for fraud and identity threats.
Steps to prevent from Security Threats –
• Prefer using communication apps that encrypt data transfers.

• Update your device software regularly to ensure protection against spyware threats.

• Create unique passwords for different accounts created while using mobile devices.

• Delete the non-active apps to limit the threat to data access and privacy.

• Categories your applications under Blacklist and Whitelist.

• Check for apps accessing location and storage.

• Do not allow forced downloads from browser.

• Check on security that stops sharing of network unnecessary.

• Do not add your data to public servers.

To prevent cyber crime, it is important to take measures such as using strong passwords, keeping
software up-to-date, avoiding suspicious emails and websites, and being cautious about sharing
personal information online. The Indian government has also taken steps to combat cyber crime by
setting up specialized agencies such as the Cyber Crime Investigation Cell (CCIC) and the National
Cyber Security Coordination Centre (NCSC). However, there is still a need for greater awareness and
education about cyber security among the general public, especially in rural areas where internet usage
is increasing rapidly.

B. Cyber Crime against women and children

Cyber crime against women refers to any criminal activity that targets women using digital technology
or the internet.
• One common form of cyber crime against women is online harassment or cyberbullying. This can
include sending threatening or abusive messages, spreading rumors or false information, or posting
explicit content without consent. • Revenge porn is another prevalent form of cyber crime targeting
women. It involves the non-consensual sharing of intimate images or videos online, often with the
intention to shame, blackmail, or harass the victim.
• Online stalking is also a significant concern for women. This involves someone obsessively
monitoring a person's online activities, gathering personal information, and potentially using it to harm
or intimidate them.
• Phishing scams targeting women are on the rise. These scams involve tricking individuals into
revealing sensitive information such as passwords, credit card details, or social security numbers
through deceptive emails, websites, or messages.
• Identity theft is another cyber crime that can disproportionately affect women. Criminals may steal
personal information to commit fraud in the victim's name, leading to financial loss and damage to their
reputation.
• Online grooming is a serious concern for young girls and teenagers. Predators may use social media
platforms and other online spaces to build trust with their victims and exploit them for sexual purposes.
• Women are also vulnerable to online fraud schemes such as romance scams. Criminals create fake
profiles on dating websites or social media platforms to establish romantic relationships with
unsuspecting victims and then manipulate them into sending money.
It is important for women to be aware of these risks and take precautions when using digital
technology. This includes regularly updating passwords, being cautious about sharing personal
information online, and reporting any instances of cyber crime to the appropriate authorities.
Cyber crime against children refers to any criminal activity that targets or exploits children using
digital technology.
• One common form of cyber crime against children is online child exploitation, which includes child
pornography, grooming, and sexual exploitation.
• Grooming is the process by which an adult builds an emotional connection with a child to gain
their trust for the purpose of sexual abuse or exploitation.
• Child pornography involves the production, distribution, or possession of sexually explicit
images or videos of children.
• Sextortion is another form of cyber crime where perpetrators coerce children into providing sexually
explicit images or videos and then use those materials to blackmail and exploit them further.
• Online bullying and harassment are also prevalent forms of cyber crime against children. This includes
cyberbullying through social media platforms, online forums, or messaging apps.
• Identity theft is another concern as criminals may steal a child's personal information to commit fraud
or other illegal activities.
It's important for parents and guardians to educate themselves and their children about online safety
measures such as privacy settings, safe internet browsing habits, and responsible social media usage.
Reporting any suspicious activities or incidents to law enforcement authorities is crucial in combating
cyber crime against children. Governments and organizations around the world are working together
to develop laws and regulations that protect children from cybercrime.
Cyber Crime Prevention against Women and Children (CCPWC) Scheme is to have an effective
mechanism to handle cybercrimes against women and children in the country. The main Components of
the CCPWC Scheme,
• Online Cybercrime reporting Unit

• Forensic Unit

• Capacity Building Unit

• Research & development Unit

• Awareness Creation Unit

C. Cyber Financial Frauds

Cyber financial frauds involve unauthorized access, theft, or manipulation of financial data or
transactions using digital platforms.
Types of financial fraud:
Common types include phishing scams, identity theft, credit card fraud, online banking fraud, and
investment scams.
1. Phishing: This is a technique where fraudsters impersonate legitimate entities to trick individuals
into revealing sensitive information like passwords or credit card details.

2. Identity theft: It occurs when someone steals personal information to impersonate another
individual and carry out fraudulent activities.
3. Online banking fraud: Criminals may exploit vulnerabilities in online banking systems to
gain unauthorized access, transfer funds, or conduct fraudulent transactions.
4. Investment scams: These frauds involve false promises of high returns or fictitious investment
opportunities to deceive individuals into providing money.
Prevention: To protect against cyber financial frauds, individuals should be cautious while sharing
personal information online, use strong and unique passwords, regularly monitor financial accounts,
and be vigilant of suspicious emails or websites.
D. Social Engineering Attacks
Social engineering attacks manipulate human psychology to deceive individuals into divulging
sensitive information or performing actions that benefit the attacker.
Social engineering attacks often involve impersonation, pretexting, baiting, phishing, or tailgating to
gain trust and exploit vulnerabilities.
1. Impersonation: Attackers may pretend to be someone trustworthy, like a colleague, IT support,
or a customer service representative, to trick individuals into revealing information or granting access.
2. Pretexting: This technique involves creating a fabricated scenario or pretext to manipulate victims
into providing sensitive information or performing certain actions.
3. Baiting: Attackers offer something enticing, like a free USB drive or a gift card, to trick
individuals into taking actions that compromise their security.
4. Phishing: Phishing is a social engineering technique where attackers use deceptive emails or
websites to trick individuals into revealing personal information.
5. Prevention: Individuals can protect themselves from social engineering attacks by being cautious
of requests for sensitive information, verifying the identity of individuals before sharing information,
avoiding clicking on suspicious links or downloading unknown files, and staying informed about
common scam tactics.
E. Malware Attacks and Ransomware Attacks

i. Malware Attacks:
Malware refers to malicious software designed to infiltrate and damage computer systems, steal data,
or gain unauthorized access.
Types of malware: Common types include viruses, worms, Trojans, spyware, and adware.
1. Viruses: Viruses attach themselves to legitimate programs or files and spread by replicating
themselves. They can cause damage to files, slow down systems, or even render them unusable.
2. Worms: Worms are self-replicating malware that spread over networks, exploiting
vulnerabilities in computer systems and causing disruption.
3. Trojans: Trojans appear as legitimate software but contain hidden malicious code. They can
give attackers unauthorized access to a system or steal sensitive data.
4. Spyware: Spyware secretly collects information about a user's activities, such as browsing habits or
keystrokes, and sends it to a third party without the user's consent.
5. Adware: Adware displays unwanted advertisements, often in the form of pop-ups, and can collect
user information for targeted advertising purposes.
ii.Ransomware Attacks:
Ransomware is a type of malware that encrypts a victim's files or locks them out of their systems,
demanding a ransom in exchange for restoring access.
• Encryption: Ransomware uses strong encryption algorithms to render files inaccessible, making them
useless until a decryption key is provided.
• Payment: Attackers typically demand payment in cryptocurrencies like Bitcoin to make it
difficult to trace the transactions.
• Consequences: Ransomware attacks can lead to significant financial losses, data breaches,
operational disruptions, and reputational damage for individuals and organizations.
• Prevention: Regularly updating software, using strong and unique passwords, employing robust
security solutions, and regularly backing up data are key preventive measures against ransomware
attacks.

F. Zero-Day and Zero-Click Attacks:

i. Zero-Day Attacks:
Zero-day attacks are cyber attacks that exploit software vulnerabilities that are unknown to the
software vendor or have not been patched yet.
• Vulnerabilities: Zero-day vulnerabilities can exist in operating systems, software applications,
web browsers, or other software components.
• Exploitation: Attackers discover and exploit these vulnerabilities before the software developers
become aware of them or release a patch to fix them.
• Damage Potential: Zero-day attacks can have severe consequences as there is no known defense
or protection against them at the time of their discovery.
• Stealthy Nature: Zero-day attacks are often highly targeted and designed to stay undetected by
security measures and traditional security solutions.
Prevention and Mitigation: Organizations and software vendors need to have strong vulnerability
management practices, including regular security updates, threat intelligence, and proactive
monitoring to detect and respond to zero-day attacks.
ii.Zero-Click Attacks:
Zero-click attacks refer to cyber attacks that exploit vulnerabilities in software or devices without any
interaction or action required from the user.
• Delivery Methods: Zero-click attacks can be delivered through various means, such as malicious
emails, instant messaging apps, or even through network traffic.
• Exploitation: Cybercriminals take advantage of security flaws in software or devices to execute
malicious code and compromise systems without the victim's knowledge.
• Targeted Exploitation: Zero-click attacks often target specific software versions or device
configurations, making them more challenging to defend against.
• Sophistication: Zero-click attacks are highly sophisticated, relying on techniques like remote
code execution, memory corruption, or privilege escalation to gain control over the targeted system.
Prevention and Mitigation: To protect against zero-click attacks, it is crucial to keep software and
devices up to date with the latest security patches, use robust security solutions, and employ network
segmentation to limit the potential impact of an attack.
Modus operandi of cyber criminals
1. Identity Theft: Cyber criminals often engage in identity theft to impersonate individuals for
fraudulent activities. They may gather personal information through phishing emails, data breaches,
or social engineering techniques.
2. Phishing: Phishing is a common tactic used by cyber criminals to trick individuals into revealing
sensitive information such as passwords, credit card numbers, or login credentials. They often
impersonate trusted entities via email, text messages, or fake websites.
3. Malware Distribution: Cyber criminals may distribute malware through various means,
including malicious email attachments, infected websites, or software downloads. Once installed, the
malware can gain unauthorized access, steal data, or cause other malicious activities.
4. Ransomware Attacks: Ransomware attacks involve encrypting victims' files or systems and
demanding a ransom for their release. Cyber criminals leverage social engineering, email
attachments, or exploit software vulnerabilities to deliver and execute ransomware.
5. Data Breaches: Cyber criminals target organizations to gain unauthorized access to sensitive
data, including personal information, financial records, or intellectual property. They may exploit
vulnerabilities in networks, weak passwords, or use social engineering techniques to infiltrate
systems.
6. Online Scams: Cyber criminals often engage in online scams to deceive individuals into
providing money or sensitive information. Common examples include romance scams, lottery
scams, investment scams, or fake tech support scams.
7. Credential Stuffing: In credential stuffing attacks, cyber criminals use stolen usernames and
passwords from data breaches to gain unauthorized access to other online accounts of victims
who reuse their credentials.
8. Business Email Compromise (BEC): BEC attacks involve cyber criminals impersonating a
high-ranking executive or a trusted party within an organization to trick employees into
transferring funds or disclosing sensitive information.
9. Cryptojacking: Cyber criminals may exploit victims' computing resources to mine
cryptocurrencies without their knowledge or consent. They achieve this by infecting systems with
malware that runs in the background.

10. Dark Web Activities: Cyber criminals utilize the anonymity of the dark web to engage in various
illicit activities, including the sale of stolen data, hacking tools, drugs, weapons, and more.