cyber crime report

Cyber Crime & Security

1

CYBER CRIME & SECURITY

A Seminar Report

Submitted By

Mr. Ronson Calvin Fernandes

Register Number : 110919053

IV Semester M.C.A.

Manipal Institute of Technology, Manipal

DEPARTMENT OF MASTER OF COMPUTER APPLICATIONS

MANIPAL INSTITUTE OF TECHNOLOGY(A Constituent Institute of Manipal University)

MANIPAL - 576 104


2

ABSTRACT

As a coin has two sides , one which we can see directly and to see other we need

to flip the coin , our society also has got two sides. On one side there are people

who use the advancement in technology for good purpose and on the opposite

side there are people who misuse them.

From the early civilization period there is the existence of laws to guard

against crimes and criminals. And these laws were strictly maintained in order to

bring law and order in the society. And in this information age , a new variety of

crimes are evolving and these are known as CYBER CRIMEs.

Any illegal or unlawful activities committed by an individual or group of

people which is against and harmful to the society and its people or harmful to the

nation can be regarded as crime. And the person or group of people , who

committed such activities are regarded as Criminals.

Similarly crimes committed using Computer , Internet or a Network as a

subject or object of crime are generally known as Cyber Crime. And in this

Information age there are plenty of laws to tackle with these kind of cyber crimes.

So , the people of the society has to understand these laws and make use of these

laws to a good effect.

CONTENTS

1. INTRODUCTION 04

2. OVERVIEW OF THE TOPIC 05

2.1 DEFINITION – CYBER CRIME 05

2.2 CYBER WARE 05

3. DETAILED EXPLANATION 06

3.1 TYPES OF CYBER CRIME 06

3.2 CRIMEWARE 07

3.3 BOT NET 07

3.4 TROJAN HORSE 09

3.5 SPYWARES 09

3.6 PHISHING 10

3.7 PHARMING 12

4. KINDS OF CYBER ATTACKS 13

5. BASIC PREVENTION TIPS 14

6. LAWS AGAINST CYBER CRIME 17

7. REFERENCES 18


4

1. INTRODUCTION

Like traditional crime, cybercrime can take many shapes and can occur nearly

anytime or anyplace. Criminals committing cybercrime use a number of methods,

depending on their skill-set and their goal. This should not be surprising:

cybercrime is, after all, simply 'crime' with some sort of 'computer' or 'cyber'

aspect. Cybercrime has surpassed illegal drug tracking as a criminal moneymaker.

Every 3 seconds an identity is stolen. Without security, your unprotected PC can

become infected within four minutes of connecting to the internet. The Council of

Europe's Cybercrime Treaty uses the term 'cybercrime' to refer to offenses ranging

from criminal activity against data to content and copyright infringement [Krone,

2005]. However, others [Zeviar-Geese, 1997-98] suggest that the definition is

broader, including activities such as fraud, unauthorized access, child

pornography, and cyberstalking. The United Nations Manual on the Prevention

and Control of Computer Related Crime includes fraud, forgery, and unauthorized

access [United Nations, 1995] in its cyber-crime definition.

As you can see from these definitions, cybercrime can cover a very wide range of

attacks. Understanding this wide variation in types of cybercrime is important as

different types of cybercrime require different approaches to improving your

computer safety.


5

2. OVERVIEW OF THE TOPIC

2.1 DEFINITION – CYBER CRIME

Crime committed using a computer and the internet to steal a person's

identity or illegal imports or malicious programs.

Cybercrime is nothing but where the computer used as an object or subject

of crime. Most of these crimes are not new. Criminals simply devise di erent ways

to undertake standard criminal activities such as fraud , theft , blackmail and

forgery using the new medium , often involving the Internet .

2.2 CYBER WARE

The software tools used in cybercrime is sometimes referred to as crimeware.

Crimeware is software that is: used in the commission of the criminal act and not

generally regarded as a desirable software or hardware application.

However, it is important to remember that not all software used in the

commission of a computer-based or computer-facilitated crime can be de ned as

crimeware.

Crimeware does, however, include programs which may be classi ed as bots,

keystroke loggers, spyware, backdoors and Trojan horses.


6

3. DETAILED EXPLANATION

Cyber crime is an evil having its origin in the dependence on computers in

modern life.

A simple yet sturdy definition of cyber crime would be unlawful acts wherein

the computer is either a tool or a target or both". Defining cyber crimes, as acts

that are punishable by the information Tech-nology Act" would be unsuitable as

the Indian Penal Code also covers many cyber crimes, such as e-mail spoofing,

cyber defamation, etc.

Cybercrime in a narrow sense (computer crime): Any illegal behavior directed

by means of electronic operations that targets the security of computer systems

and the data processed by them.

Cybercrime in a broader sense (computer-related crime): Any illegal behavior

committed by means of, or in relation to, a computer system or network, including

such crimes as illegal possession [and] offering or distributing information by

means of a computer system or network.

3.1 TYPES OF CYBER CRIME

Cyber Crime refers to all activities done with criminal intent in cyberspace. These

fall into three slots.

a) Those against persons.

b) Against Business and Non-business organizations.

c) Crime targeting the government.


7

3.2 CRIME WARE

The software tools used in cybercrime is sometimes referred to as crime ware.

Crime ware is software that is: used in the commission of the criminal act and not

generally regarded as a desirable software or hardware application

However, it is important to remember that not all software used in the

commission of a computer-based or computer-facilitated crime can be defined as

crime ware. For example, while IM client may be used in the commission of a

cybercrime, the instant messaging application software itself is not considered

crime ware. FTP clients may be used in the commission of crimes; however, they

are not considered crime ware.

Crime ware does, however, include programs which may be classified as bots,

keystroke loggers, spyware, backdoors and Trojan horses.

3.3 CRIMEWARE - BOTNET

What's a Bot ?

"Bot" is actually short for robot - not the kind found in science fiction movies

or on the production line in a manufacturing business. Bots are one of the most

sophisticated types of crimeware facing the Internet today. Bots are similar to

worms and Trojans, but earn their unique name by performing a wide variety of

automated tasks on behalf of their master (the cybercriminals) who are often

safely located somewhere far across the Internet. Tasks that bots can perform run

the gamut from sending spam to blasting Web sites o the Internet as part of a

coordinated "denial-of-service" attack. Since a bot infected computer does the

bidding of its master, many people refer to these victim machines as "zombies."


8

Bots sneak onto a person's computer in many ways. Bots oftentimes spread

themselves across the Internet by searching for vulnerable, unprotected com-

puters to infect. When they find an exposed computer, they quickly infect the

machine and then report back to their master. Their goal is then to stay hidden

until they are awoken by their master to perform a task. Bots are so quiet that

sometimes the victims first learn of them when their Internet Ser-vice Provider

tells them that their computer has been spamming other Internet users. Sometimes

a bots will even clean up the infected machine to make sure it does not get

bumped o of the victim's computer by another cybercriminal's bot. Other ways in

which a bots infects a machine include being downloaded by a Trojan, installed

by a malicious Web site or being emailed directly to a person from an already

infected machine.

Bots do not work alone, but are part of a network of infected machines called

a "botnet." Botnets are created by attackers repeatedly infecting victim computers

using one or several of the techniques mentioned above. Each one of the zombie

machines is controlled by a master computer called the command and control

server. From the command and control server, the cybercriminals manage their

botnet and instructs the army of zombie computers to work on their behalf. A

botnet is typically composed of large number victim machines that stretch across

the globe, from the Far East to the United States. Some botnets might have a few

hundred or a couple thousand computers, but others have tens and even hundreds

of thousands of zombies at their disposal.


9

3.4 CRIMEWARE : TROJAN HORSE

What is a Trojan Horse?

This term "Trojan Horse" comes from a Greek fable, in which the Greeks

presented a giant wooden horse to the Trojans as a peace offering. However, a

nasty surprise awaited the Trojans as Greek soldiers sprung out of the hollow

horse and captured Troy. Similarly, a Trojan horse program presents itself as a

useful computer program, while it actually causes havoc and damage to your

computer.

Increasingly, Trojans are the 1st stage of an attack and their primary purpose

is to stay hidden while downloading and installing a stronger threat such as a bot.

Unlike viruses and worms, Trojan horses cannot spread by themselves. They are

often delivered to a victim through an email message where it masquerades as an

image or joke, or by a malicious website, which installs the Trojan horse on a

computer through vulnerabilities in web browser software such as Microsoft

Internet Explorer.

After it is installed, the Trojan horse lurks silently on the infected machine,

invisibly carrying out its misdeeds, such as downloading spyware, while the

victim continues on with their normal activities.

3.5 CRIMEWARE : SPYWARE

What is Spyware?

Spyware is a general term used for programs that covertly monitor your activity

on your computer, gathering personal information, such as usernames, passwords,

account numbers, les, and even driver's license or social security numbers. Some

spyware focuses on monitoring a person's Internet behavior; this type of spyware

often tracks the places you visit and things you do on the web, the emails you

write and receive, as well as your Instant Messaging (IM) conversations. After

gathering this information, the spyware then transmits that information to another

computer, usually for advertising purposes.


10

Spyware is similar to a Trojan horse in that users unknowingly install the

product when they install something else. However, while this software is almost

always unwelcome, it can be used in some instances for monitoring in

conjunction with an investigation and in accordance with organizational policy.

Spyware is installed in many ways:

Most often spyware is installed unknowingly with some other software that you

intentionally install. For example, if you install a "free" music or le sharing

service or download a screensaver, it may also install spyware. Some Web pages

will attempt to install spyware when you visit their page.

A person who wants to monitor your online activities may also manually

install spyware. Depending on how this is done, this might be acceptable

surveillance of an individual or an unwelcome, even illegal, invasion of privacy.

Trojans and spyware are crimeware , two of the essential tools a cybercriminal

might use to obtain unauthorized access and steal information from a victim as

part of an attack. The creation and distribution of these programs is on the rise-

they are now 37% of all of the thousands of malware Symantec processes on a

weekly basis.

Trojans and spyware are developed by professionals. Trojans and spyware are

often created by professional crimeware authors who sell their software on the

black market for use in online fraud and other illegal activities.

3.6 ONLINE FRAUD : PHISHING

What is Phishing?

Phishing is essentially an online con game, and phisher’s are nothing more

than tech-savvy con artists and identity thieves. They use spam, fake Web sites,

crimeware and other techniques to trick people into divulging sensitive

information, such as bank and credit card account details. Once they've captured

enough victims' information, they either use the stolen goods themselves to

defraud the victims (e.g., by opening up new accounts using the victim's name or

draining the victim's bank a/c).


11

In most cases, phishers send out a wave of spam email, sometimes up to

millions of messages. Each email contains a message that appears to come from a

well-known and trusted company. Usually the message includes the company's

logo and name, and it often tries to evoke an emotional response to a false crisis.

Couched in urgent, business-like language, the email often makes a request of the

user's personal information. Sometimes the email directs the recipient to a spoofed

Web site. The Web site, like the email, appears authentic and in some instances its

URL has been masked so the Web address looks real.

The bogus Web site urges the visitor to provide con dential information -

social security numbers, account numbers, passwords, etc. Since the email and

corresponding Web site seem legitimate, the phisher hopes at least a fraction of

recipients are fooled into submitting their data. While it is impossible to know the

actual victim response rates to all phishing attacks, it is commonly believed that

about 1 to 10 percent of recipients are duped with a "successful" phisher

campaign having a response rate around 5 percent. To put this in perspective,

spam campaigns typically have a less than 1 percent response rate.

Over 2005, phishers became much more sophisticated. They began using

crimeware in conjunction with their phony, hostile Web sites by leveraging

common Web browser vulnerabilities to infect victim machines. This trend means

that by simply following the link in a phishing email to a bogus Website, a user's

identity could be stolen as the phisher would no longer need to get you to enter

your personal information - the Trojan or spyware placed onto your machine

would capture this information the next time you visit the legitimate Web site of

your bank or other online service. Throughout the past year, this genre of

crimeware has become more targeted (capturing just the information the phisher

wants) and more silent, using rootkit and other aggressive stealth techniques to

remain hidden on an infected system.


12

3.7 ONLINE FRAUD : PHARMING

What is Pharming?

Pharming (pronounced "farming") is another form of online fraud, very

similar to its cousin phishing. Pharmers rely upon the same bogus Web sites and

theft of confidential information to perpetrate online scams, but are more difficult

to detect in many ways because they are not reliant upon the victim accepting a

"bait" message. Instead of relying completely on users clicking on an enticing link

in fake email messages, pharming instead re-directs victims to the bogus Web site

even if they type the right Web address of their bank or other online service into

their Web browser.

Pharmers re-direct their victims using one of several ploys. The first method -

the one that earned pharming its name - is actually an old at-tack called DNS

cache poisoning. DNS cache poisoning is an attack on the Internet naming system

that allows users to enter in meaningful names for Web sites (www.mybank.com)

rather than a di cult to remember series of numbers (192.168.1.1). The naming

system relies upon DNS servers to handle the conversion of the letter-based Web

site names, which are easily recalled by people, into the machine-understandable

digits that whisk users to the Web site of their choice. When a pharmer mounts a

successful DNS cache poisoning attack, they are effectively changing the rules of

how traffic flows for an entire section of the Internet! The potential widespread

impact of pharmers routing a vast number of unsuspecting victims to a series of

bogus, hostile Web sites is how these fraudsters earned their namesake. Phishers

drop a couple lines in the water and wait to see who will take the bait. Pharmers

are more like cybercriminals harvesting the Internet at a scale larger than anything

seen before.


13

Pharming example

One of the 1st known pharming attacks was conducted in early 2005. Instead

of taking advantage of a software aw, the attacker appears to have duped the

personnel at an Internet Service Provider into entering the transfer of location

from one place to another. Once the original address was moved to the new

address, the attacker had effectively "hijacked" the Web site and made the

genuine site impossible to reach, embarrassing the victim company and impacting

its business. A pharming attack that took place weeks after this incident had more

ominous consequences. Using a software aw as their foothold, pharmers swapped

out hundreds of legitimate domain names for those of hostile, bogus Web sites.

There were three waves of attacks, two of which attempted to load spyware and

adware onto victim machines and the third that appeared to be an attempt to drive

users to a Web site selling pills that are often sold through spam email.

4. KINDS OF CYBER ATTACKS

E-Mail bombing : Sending huge amounts of E-mails.

Salami attacks : These attacks are used for the commission of financial crimes.

Denial of Service: This involves flooding computer resources with more re-quests

than it can handle.

Sale of illegal articles : This would include sale of narcotics, weapons and wildlife

etc.

Cyber Pornography : This would include pornographic websites.

E-Mail spoofing : A spoofed email is one that appears to originate from one

source but actually has been sent from another source.


14

5. BASIC PREVENTION TIPS

Cybercrime prevention can be straight-forward - when armed with a little

technical advice and common sense, many attacks can be avoided. In general,

online criminals are trying to make their money as quickly and easily as possible.

The more difficult you make their job, the more likely they are to leave you alone

and move on to an easier target. The tips below provide basic information on how

you can prevent online fraud.

5.1 Keep your computer current with the latest patches

and updates.

One of the best ways to keep attackers away from your computer is to apply

patches and other software axes when they become available. By regularly

updating your computer, you block attackers from being able to take advantage

of software laws (vulnerabilities) that they could otherwise use to break into your

system.

While keeping your computer up-to-date will not protect you from all at-tacks,

it makes it much more difficult for hackers to gain access to your system, blocks

many basic and automated attacks completely, and might be enough to discourage

a less-determined attacker to look for a more vulnerable computer elsewhere.

More recent versions of Microsoft Windows and other popular software can

be configured to download and apply updates automatically so that you do not

have to remember to check for the latest software. Taking advantage of "auto-

update" features in your software is a great start toward keeping yourself safe

online.


15

5.2 Make sure your computer is configured securely

Keep in mind that a newly purchased computer may not have the right level of

security for you. When you are installing your computer at home, pay attention

not just to making your new system function, but also focus on making it work

securely.

Configuring popular Internet applications such as your Web browser and

email software is one of the most important areas to focus on. For example,

settings in your Web browser such as Internet Explorer or Firefox will deter-mine

what happens when you visit Web sites on the Internet-the strongest security

settings will give you the most control over what happens online but may also

frustrate some people with a large number of questions ("This may not be safe,

are you sure you want do this?") or the inability to do what they want to do.

Choosing the right level of security and privacy depends on the individual

using the computer. Oftentimes security and privacy settings can be properly

configured without any sort of special expertise by simply using the "Help"

feature of your software or reading the vendor's Web site. If you are

uncomfortable configuring it yourself consult someone you know and trust for

assistance or contact the vendor directly.

5.3 Choose strong passwords and keep them safe.

Passwords are a fact of life on the Internet today we use them for

everything from ordering products and online banking to logging into our favorite

airline Web site to see how many miles we have accumulated. The following tips

can help make your online experiences secure:

Selecting a password that cannot be easily guessed is the rst step toward

keeping passwords secure and away from the wrong hands. Strong passwords

have eight characters or more and use a combination of letters, numbers and

symbols (e.g., $ % ! ?).


16

Keep your passwords in a safe place and try not to use the same password for

every service you use online.

Change passwords on a regular basis, at least every 90 days. This can limit

the damage caused by someone who has already gained access to your account. If

you notice something suspicious with one of your online accounts, one of the first

steps you can take is to change your password.

5.4 Protect your computer with security software

Several types of security software are necessary for basic online security. Se-

curity software essentials include firewall and antivirus programs. A firewall is

usually your computer's first line of defense-it controls who and what can

communicate with your computer online. You could think of a firewall as a sort

of "policeman" that watches all the data attempting to ow in and out of your

computer on the Internet, allowing communications that it knows are safe and

blocking "bad" extra c such as attacks from ever reaching your computer.

The next line of defense many times is your antivirus software, which moni-

tors all online activities such as email messages and Web browsing and protects

an individual from viruses, worms, Trojan horse and other types of malicious pro-

grams. More recent versions of antivirus programs, such as Norton antivirus , also

protect from spyware and potentially unwanted programs such as adware. Having

security software that gives you control over software you may not want and

protects you from online threats is essential to staying safe on the Internet. Your

antivirus and antispyware software should be configured to update itself, and it

should do so every time you connect to the Internet.


17

6. LAWS AGAINST CYBER CRIMES

Cyberlaw is a much newer phenomenon having emerged much after the onset of

Internet. Internet grew in a completely unplanned and unregulated manner. Even

the inventors of Internet could not have really anticipated the scope and far

reaching consequences of cyberspace. The growth rate of cyberspace has been

enormous. Internet is growing rapidly and with the population of Internet

doubling roughly every 100 days, Cyberspace is becoming the new preferred

environment of the world. With the spontaneous and almost phenomenal growth

of cyberspace, new and ticklish issues relating to various legal aspects of

cyberspace began cropping up.

In response to the absolutely complex and newly emerging legal issues

relating to cyberspace, CYBERLAW or the law of Internet came into being. The

growth of Cyberspace has resulted in the development of a new and highly

specialised branch of law called CYBERLAWS- LAWS OF THE INTERNET

AND THE WORLD WIDE WEB.

Cyberlaw is a generic term which refers to all the legal and regulatory aspects

of Internet and the World Wide Web. Anything concerned with or related to or

emanating from any legal aspects or issues concerning any activity of netizens in

and concerning Cyberspace comes within the ambit of Cyberlaw. Internet is

growing rapidly and with the population of Internet doubling roughly every 100

days, Cyberspace is becoming the new preferred environment of the world. With

the spontaneous and almost phenomenal growth of cyberspace, new and ticklish

issues relating to various legal aspects of cyberspace began cropping up. Anything

concerned with or related to or emanating from any legal aspects or issues

concerning any activity of netizens in and concerning Cyberspace comes within

the ambit of Cyberlaw.


18

7. REFERENCES

[1] Norton , Symantec Group.

http://in.norton.com/cybercrime

[2] Cyber Crime & E-Governance..

http://www.uniflorida.com/cybercrime

[3] SEMCOM Cyberlaw Clinic.

www.cyberlawclinic.org

[4] Cyber Crime Statistics in India

http://www.indiafacts.in

[5] Carnegie Cyber Academy - National Cyber Security Awareness.

http://www.carnegiecyberacademy.com


19


20


21


22