CYBERSECURITY-UNIT1

UNIT- I: INTRODUCTION TO CYBERCRIME

1.1Introduction
 “Cyber security is the protection of internet-connected systems, including hardware, software
and data, from cyber attacks”.
 “Cybersecurity” means protecting information, equipment, devices, computer, computer
resource, communication device and information stored therein from unauthorized access,
use, disclosure, disruption, modification or destruction.
 Almost everyone is aware of the rapid growth of the Internet. Given the unrestricted number
of free websites, the Internet has opened a new way of exploitation known as cybercrime.
 These activities involve the use of computers, the Internet, cyberspace and the worldwide
web (WWW).
 cybercrime is not a new phenomena; the first recorded cybercrime took place in the year
1820.
 It is one of the most talked about topics in the recent years.

1.2 Cybercrime: Definition and Origins of the Word

Cybercrime:
 “a crime conducted in which a computer was directly and significantly instrumental.”
Alternative definitions of Cybercrime are as follows:
1. Any illegal act where a special knowledge of computer technology is essential for its
perpetration (to commit a crime), investigation or prosecution.
2. Any traditional crime that has acquired a new dimension or order of magnitude through the
aid of a computer, and abuses that have come into being because of computers.
3. Any financial dishonesty that takes place in a computer environment.
4. Any threats to the computer itself, such as theft of hardware or software, damage and
demands for money.
5. “cybercrime (computer crime) is any illegal behavior, directed by means of electronic
operations, that targets the security of computer systems and the data processed by them.”
Note that in a wider sense, “computer-related crime” can be any illegal behavior committed
by means of, or in relation to, a computer system or network; however, this is not cybercrime.
The term “cybercrime” relates to a number of other terms that may sometimes be used to
describe crimes committed using computers.
 Computer-related crime  Computer crime  Internet crime  E-crime  High-tech crime,
etc. are the other synonymous terms.
 Cybercrime specifically can be defined in a number of ways; a few definitions are:
1. A crime committed using a computer and the Internet to steal a person’s identity (identity
theft) or sell contraband or stalk victims or disrupt operations with malevolent programs.
2. Crimes completed either on or with a computer.
3. Any illegal activity done through the Internet or on the computer.
4. All criminal activities done using the medium of computers, the Internet, cyberspace and
the WWW.

1
 CYBERSECURITY-UNIT1

 According to one information security, cybercrime is any criminal activity which uses network
access to commit a criminal act.
 Cybercrime may be internal or external, with the former easier to perpetrate.
 The term “cybercrime” has evolved over the past few years since the adoption of Internet
connection on a global scale with hundreds of millions of users.
 Cybercrime refers to the act of performing a criminal act using cyberspace as the communications
vehicle.
The legal systems around the world introduce laws to combat cybercriminals attacks. Two types of
attack are as follows.
1. Techno-crime: An act against a system or systems, with the intent to copy, steal, prevent
access, corrupt or otherwise deface or damage parts of or the complete computer system.
2. Techno-vandalism: These acts of “brainless” defacement of websites and/or other
activities, such as copying files and publicizing their contents publicly, are usually
opportunistic in nature. “Tight internal security” and “strong technical safeguards” should
prevent the vast majority of such incidents.
There is a very thin line between the two terms “computer crime” and “computer fraud”; both are
punishable.
Cybercrimes (harmful acts committed from or against a computer or network) differ from most
crimes in four ways:
(a) how to commit them is easier to learn,
(b) they require few resources relative to the potential damage caused,
(c) they can be committed in a jurisdiction without being physically present in it
(d) they are often not clearly illegal. The term cybercrime has some stigma attached and is notorious
due to the word “terrorism” or “terrorist” attached with it, that is, cyberterrorism.
Important Definitions related to Cyber Security
a. Cyberterrorism
Cyberterrorism is defined as “any person, group or organization who, with terrorist intent, utilizes
accesses or aids in accessing a computer or computer network or electronic system or electronic
device by any available means, and thereby knowingly engages in or attempts to engage in a terrorist
act commits the offence of cyberterrorism.”
 Cybercrime, especially through the Internet, has grown in number as the use of computer has
become central to commerce, entertainment and government.
 The term cyber has some interesting synonyms: fake, replicated, pretend, imitation, virtual,
computer generated.
 Cyber means combining forms relating to Information Technology, the Internet and Virtual
Reality.
b. cybernetics
 This term owes its origin to the word “cybernetics” which deals with information and its use;
 cybernetics is the science that overlaps the fields of neurophysiology, information theory,
computing machinery and automation.
 Worldwide, including India, cyberterrorists usually use computer as a tool, target for their unlawful
act to gain information.

2
 CYBERSECURITY-UNIT1

Internet is one of the means by which the offenders can gain priced sensitive information of
companies, firms, individuals, banks and can lead to intellectual property (IP) crimes, selling illegal
articles, pornography/child pornography, etc.
 This is done using methods such as Phishing, Spoofing, Pharming, Internet Phishing, wire transfer,
etc. and use it to their own advantage without the consent of the individual.
c. “Phishing” refers to an attack using mail programs to deceive or coax (lure) Internet users into
disclosing confidential information that can be then exploited for illegal purposes.
d. Cyberspace
 “cyberspace” is where users mentally travel through matrices of data. Conceptually, “cyberspace”
is the “nebulous place” where humans interact over computer networks.
 The term “cyberspace” is now used to describe the Internet and other computer networks.
 In terms of computer science, “cyberspace” is a worldwide network of computer networks that
uses the Transmission Control Protocol/Internet Protocol (TCP/IP) for communication to facilitate
transmission and exchange of data.
 Cyberspace is most definitely a place where you chat, explore, research and play.
e. Cybersquatting
 The term is derived from “squatting” which is the act of occupying an abandoned space/ building
that the user does not own, rent or otherwise have permission to use.
 Cybersquatting, however, is a bit different in that the domain names that are being squatted are
(sometimes but not always) being paid for by the cybersquatters through the registration process.
 Cybersquatters usually ask for prices far greater than those at which they purchased it. Some
cybersquatters put up derogatory or defamatory remarks about the person or company thedomain is
meant to represent in an effort to encourage the subject to buy the domain from them.
 This term is explained here because, in a way, it relates to cybercrime given the intent of
cybersquatting.
 cybersquatting means registering, selling or using a domain name with the intent of profiting from
the goodwill of someone else’s trademark. In this nature, it can be considered to be a type of
cybercrime.
 Cybersquatting is the practice of buying “domain names” that have existing businesses names.
f. Cyberpunk
 According to science fiction literature, the words “cyber” and “punk5 ” emphasize the two basic
aspects of cyberpunk: “technology” and “individualism.”
 The term “cyberpunk” could mean something like “anarchy6 via machines” or “machine/computer
rebel movement.”
g. Cyberwarfare
 Cyberwarfare means information attacks against an unsuspecting opponent’s computer networks,
destroying and paralyzing nations.
 This perception seems to be correct as the terms cyberwarfare and cyberterrorism have got
historical connection in the context of attacks against infrastructure.
 The term “information infrastructure” refers to information resources, including communication
systems that support an industry, institution or population.

3
 CYBERSECURITY-UNIT1

 These type of Cyberattacks are often presented as threat to military forces and the Internet has
major implications for espionage and warfare.

1.3. Cybercrime and Information Security

 Lack of information security gives rise to cybercrimes.
 Let us refer to the amended Indian Information Technology Act (ITA) 2000 in the context of
cybercrime.
 From an Indian perspective, the new version of the Act (referred to as ITA 2008) provides a new
focus on “Information Security in India.”
 “Cybersecurity” means protecting information, equipment, devices, computer, computer resource,
communication device and information stored therein from unauthorized access, use, disclosure,
disruption, modification or destruction.
 The term incorporates both the physical security of devices as well as the information stored
therein.
 It covers protection from unauthorized access, use, disclosure, disruption, modification and
destruction.
 Where financial losses to the organization due to insider crimes are concerned (e.g., leaking
customer data), often some difficulty is faced in estimating the losses because the financial impacts
may not be detected by the victimized organization and no direct costs may be associated with the
data theft.
 The 2008 CSI Survey on computer crime and security supports this.
 Cybercrimes occupy an important space in information security domain because of their impact.
 The other challenge comes from the difficulty in attaching a quantifiable monetary value to the
corporate data and yet corporate data get stolen/lost (through loss/theft of laptops).
 Because of these reasons, reporting of financial losses often remains approximate.
 In an attempt to avoid negative publicity, most organizations abstain from revealing facts and
figures about “security incidents” including cybercrime.
 In general, organizations perception about “insider attacks” seems to be different than that made
out by security solution vendor.
 However, this perception of an organization does not seem to be true as revealed by the 2008 CSI
Survey. Awareness about “data privacy” too tends to be low in most organizations.
 When we speak of financial losses to the organization and significant insider crimes, such as
leaking customer data, such “crimes” may not be detected by the victimized organization and no
direct costs may be associated with the theft
 Typical network misuses are
 Internet radio/streaming audio,
 streaming video,
 file sharing,
 instant messaging
 online gaming
 Online gambling is illegal in some countries – for example, in India.

4
 CYBERSECURITY-UNIT1

1.4. Who are Cybercriminals?

 Cybercrime involves such activities
 credit card fraud;  cyberstalking;  defaming another online;  gaining unauthorized access to
computer systems;  ignoring copyright, software licensing and trademark protection;  overriding
encryption to make illegal copies;  software piracy and stealing another’s identity (known as
identity theft) to perform criminal acts Cybercriminals are those who conduct such acts.

 Types of Cybercriminals
1. Type I: Cybercriminals – hungry for recognition
• Hobby hackers; • IT professionals (social engineering is one of the biggest threat); • Politically
motivated hackers; • Terrorist organizations.
2. Type II: Cybercriminals – not interested in recognition
• Psychological perverts; • financially motivated hackers (corporate espionage);
3. Type III: Cybercriminals – the insiders
• Disgruntled or former employees seeking revenge; • Competing companies using employees to
gain economic advantage through damage and/or theft.

1.5. Classifications of Cybercrimes

“Crime is defined as “an act or the commission of an act that is forbidden, or the omission of a duty
that is commanded by a public law and that makes the off ender liable to punishment by that law”
Cybercrimes are classified as follows:

1. Cybercrime against individual

a. Electronic mail (E-Mail ) Spoofing and other online frauds:
 A spoofed E-Mail is one that appears to originate from one source but actually has been sent from
another source.
 For example, let us say, Roopa has an E-Mail address [email protected]. Let us say her
boyfriend Suresh and she happen to have a show down. Then Suresh, having become her enemy,
spoofs her E-Mail and sends vulgar messages to all her acquaintances. Since the E-Mails appear to
have originated from Roopa, her friends could take offense and relationships could be spoiled for
life.
b. Online Frauds
 Online Scams.
There are a few major types of crimes under the category of hacking:
 Spoofing website and E-Mail security alerts, false mails about virus threats, lottery frauds and
Spoofing.
 In Spoofing websites and E-Mail security threats, fraudsters create authentic looking websites that
are actually nothing but a spoof.
 The purpose of these websites is to make the user enter personal information which is then used to
access business and bank accounts.
 Fraudsters are increasingly turning to E-Mail to generate traffic to these websites.
 This kind of online fraud is common in banking and financial sector.

5
 CYBERSECURITY-UNIT1

 There is a rise in the number of financial institutions’ customers who receive such EMails which
usually contain a link to a spoof website and mislead users to enter user ids and passwords on the
pretence that security details can be updated or passwords changed.
 It is wise to be alert and careful about E-Mails containing an embedded link, with a request for you
to enter secret details. It is strongly recommended not to input any sensitive information that might
help criminals to gain access to sensitive information, such as bank account details, even if the page
appears legitimate.
 In virus E-Mails, the warnings may be genuine, so there is always a dilemma whether to take them
lightly or seriously.
 A wise action is to first confirm by visiting an antivirus site such as McAfee, Sophos or Symantec
before taking any action, such as forwarding them to friends and colleagues.
c. Phishing,
Spear Phishing and its various other forms such as Vishing and Smishing
 “Phishing” refers to an attack using mail programs to deceive or coax (lure) Internet users into
disclosing confidential information that can be then exploited for illegal purposes.
 “Spear Phishing” is a method of sending a Phishing message to a particular organization to gain
organizational information for more targeted social engineering. Here
 “Vishing” is the criminal practice of using social engineering over the telephone system, most
often using features facilitated by VoIP, to gain access to personal and financial information from the
public for the purpose of financial reward. o The term is a combination of V – voice and Phishing
o Vishing is usually used to steal credit card numbers or other related data used in ID theft
schemes from individuals.
o The most profitable uses of the information gained through a Vishing attack include:1.ID
theft; 2. purchasing luxury goods and services; 3. transferring money/funds; 4. monitoring the
victims’ bank accounts; 5. making applications for loans and credit cards.
 “Smishing” is a criminal offense conducted by using social engineering techniques similar to
Phishing. The name is derived from “SMS PhISHING.” SMS – Short Message Service – is the text
messages communication component dominantly used into mobile phones.
d. Spamming:
 People who create electronic Spam are called spammers.
 Spam is the abuse of electronic messaging systems (including most broadcast media, digital
delivery systems) to send unrequested bulk messages indiscriminately.
 Although the most widely recognized form of Spam is E-Mail Spam, the term is applied to similar
abuses in other media:  instant messaging Spam,  Usenet newsgroup Spam,  web search engine
Spam,  Spam in blogs,  wiki Spam,  online classified ads Spam,  mobile phone messaging
Spam,  Internet forum Spam,  junk fax transmissions,  social networking Spam,  file sharing
network Spam,  video sharing sites, etc.
 Spamming is difficult to control because it has economic viability – advertisers have no operating
costs beyond the management of their mailing lists, and it is difficult to hold senders accountable for
their mass mailings.
 Spammers are numerous; the volume of unrequested mail has become very high because the barrier
to entry is low.

6
 CYBERSECURITY-UNIT1

 The costs, such as lost productivity and fraud, are borne by the public and by Internet service
providers (ISPs), who are forced to add extra capacity to cope with the deluge.
 Spamming is widely detested, and has been the subject of legislation in many jurisdictions – for
example, the CAN-SPAM Act of 2003.
 Therefore, the following web publishing techniques should be avoided:
1. Repeating keywords;
2. use of keywords that do not relate to the content on the site;
3. use of fast meta refresh;
4. redirection;
5. IP Cloaking;
6. use of colored text on the same color background;
7. tiny text usage;
8. duplication of pages with different URLs;
9. hidden links;
10. use of different pages that bridge to the same URL (gateway pages).
e. Cyber defamation:
 Cyber defamation is a Software offense.
 Let us first understand what the term entails. CHAPTER XXI of the Indian Penal Code (IPC) is
about DEFAMATION. In Section 499 of CHAPTER XXI of IPC, regarding “defamation” there is a
mention that “Whoever, by words either spoken or intended to be read, or by signs or by visible
representations, makes or publishes any imputation concerning any person intending to harm, or
knowing or having reason to believe that such imputation will harm, the reputation of such person, is
said, except in the cases hereinafter expected, to defame that person.”
 Cyberdefamation happens when the above takes place in an electronic form.
 In other words, “cyberdefamation” occurs when defamation takes place with the help of computers
and/or the Internet,
 for example, someone publishes defamatory matter about someone on a website or sends an E-Mail
containing defamatory information to all friends of that person. According to the IPC Section 499: 1.
It may amount to defamation to impute anything to a deceased person, if the imputation wouldharm
the reputation of that person if living, and is intended to be hurtful to the feelings of his family or
other near relatives.
f. Cyberstalking and harassment:
 The dictionary meaning of “stalking” is an “act or process of following prey stealthily – trying to
approach somebody or something.”
 Cyberstalking has been defined as the use of information and communications technology,
particularly the Internet, by an individual or group of individuals to harass another individual, group
of individuals, or organization.
 The behavior includes false accusations, monitoring, transmission of threats, ID theft, damage to
data or equipment, solicitation of minors for sexual purposes, and gathering information for
harassment purposes.

7
 CYBERSECURITY-UNIT1

g. Computer sabotage:
 The use of the Internet to stop the normal functioning of a computer system through the
introduction of worms, viruses or logic bombs, is referred to as computer sabotage.
 It can be used to gain economic advantage over a competitor, to promote the illegal activities of
terrorists or to steal data or programs for extortion purposes.
 Logic bombs are event-dependent programs created to do something only when a certain event
(known as a trigger event) occurs.
 Some viruses may be termed as logic bombs because they lie dormant all through the year and
become active only on a particular date
h. Pornographic offenses:
 “Child pornography” means any visual depiction, including but not limited to the following: 1. Any
photograph that can be considered obscene and/or unsuitable for the age of child viewer; 2. film,
video, picture;
3. computer-generated image or picture of sexually explicit conduct where the production of such
visual depiction involves the use of a minor engaging in sexually explicit conduct.
 the Internet has become a household commodity in the urban areas of the nation. Its explosion has
made the children a viable victim to the cybercrime.
 As the broad-band connections get into the reach of more and more homes, larger child population
will be using the Internet and therefore greater would be the chances of falling victim to the
aggression of pedophiles.
 “Pedophiles” a person who is sexually attracted to children.
i. Password sniffing:
 This also belongs to the category of cybercrimes against organization because the use of password
could be by an individual for his/her personal work or the work he/she is doing using a computer that
belongs to an organization.

2. Cybercrime against property

a. Credit card frauds:
 Information security requirements for anyone handling credit cards have been increased
dramatically recently.
 Millions of dollars may be lost annually by consumers who have credit card and calling card
numbers stolen from online databases.
 Security measures are improving, and traditional methods of law enforcement seem to be sufficient
for prosecuting the thieves of such information. Bulletin boards and other online services are
frequent targets for hackers who want to access large databases of credit card information.
 Such attacks usually result in the implementation of stronger security systems.
 Security of cardholder data has become one of the biggest issues facing the payment card industry.
Payment Card Industry Data Security Standard (PCI-DSS) is a set of regulations developed jointly
by the leading card schemes to prevent cardholder data theft and to help combat credit card fraud.
b. Intellectual property (IP) crimes:
Basically, IP crimes include • software piracy, • copyright infringement, • trademarks violations, •
theft of computer source code, etc.

8
 CYBERSECURITY-UNIT1

c. Internet time theft:

 Such a theft occurs when an unauthorized person uses the Internet hours paid for by another
person.
 Basically, Internet time theft comes under hacking because the person who gets access to someone
else’s ISP user ID and password, either by hacking or by gaining access to it by illegal means, uses it
to access the Internet without the other person’s knowledge.
 However, one can identify time theft if the Internet time has to be recharged often, even when
one’s own use of the Internet is not frequent.
 The issue of Internet time theft is related to the crimes conducted through “identity theft.”

3. Cybercrime against organization

a. Unauthorized accessing of computer:
Hacking is one method of doing this and hacking is a punishable offense
b. Password sniffing:
• Password Sniffers are programs that monitor and record the name and password of network users
as they login, jeopardizing security at a site.
• Whoever installs the Sniffer can then impersonate an authorized user and login to access restricted
documents.
• Laws are not yet set up to adequately prosecute a person for impersonating another person online.
• Laws designed to prevent unauthorized access to information may be effective in apprehending
crackers using Sniffer programs.
c. Denial-of-service attacks (known as DoS attacks):
• The goal of DoS is not to gain unauthorized access to systems or data, but to prevent intended users
(i.e., legitimate users) of a service from using it.
A DoS attack may do the following:
1. Flood a network with traffic, thereby preventing legitimate network traffic.
2. Disrupt connections between two systems, thereby preventing access to a service.
3. Prevent a particular individual from accessing a service.
4. Disrupt service to a specifi c system or person.
d. Virus attacks:
 Virus attacks can be used to damage the system to make the system unavailable
 Computer virus is a program that can “infect” legitimate (valid) programs by modifying them to
include a possibly “evolved” copy of itself.
 Viruses spread themselves, without the knowledge or permission of the users, to potentially large
numbers of programs on many machines.
 A computer virus passes from computer to computer in a similar manner as a biological virus
passes from person to person.
 Viruses may also contain malicious instructions that may cause damage or annoyance; the
combination of possibly Malicious Code with the ability to spread is what makes viruses a
considerable concern. Viruses can often spread without any readily visible symptoms.
e. E-Mail bombing/mail bombs:

9
 CYBERSECURITY-UNIT1

• E-Mail bombing refers to sending a large number of E-Mails to the victim to crash victim’s E-Mail
account (in the case of an individual) or to make victim’s mail servers crash (in the case of a
company or an E-Mail service provider).
• Computer program can be written to instruct a computer to do such tasks on a repeated basis. In
recent times, terrorism has hit the Internet in the form of mail bombings.
• By instructing a computer to repeatedly send E-Mail to a specified person’s E-Mail address, the
cybercriminal can overwhelm the recipient’s personal account and potentially shut down entire
systems. This may or may not be illegal, but it is certainly disruptive.
f. Salami attack/Salami technique:
 These attacks are used for committing financial crimes.
 The idea here is to make the alteration so insignificant that in a single case it would go completely
unnoticed;
 for example a bank employee inserts a program, into the bank’s servers, that deducts a small
amount of money from the account of every customer.
 No account holder will probably notice this unauthorized debit, but the bank employee will make a
sizable amount every month.
g. Logic bomb:
 Logic bombs are event-dependent programs created to do something only when a certain event
(known as a trigger event) occurs.
 Some viruses may be termed as logic bombs because they lie dormant all through the year and
become active only on a particular date
h. Trojan Horse:
 Trojan Horses: A Trojan Horse, Trojan for short, is a term used to describe malware that appears,
to the user, to perform a desirable function but, in fact, facilitates unauthorized access to the user’s
computer system
i. Data diddling:
 A data diddling (data cheating) attack involves altering raw data just before it is processed by a
computer and then changing it back after the processing is completed.  Electricity Boards in India
have been victims to data diddling programs inserted when private parties computerize their systems.
j. Crimes emanating from Usenet newsgroup:
 As explained earlier, this is one form of spamming. The word “Spam” was usually taken to mean
Excessive Multiple Posting (EMP).
 The advent of Google Groups, and its large Usenet archive, has made Usenet more attractive to
spammers than ever.
 Spamming of Usenet newsgroups actually predates E-Mail Spam.
 Bot Serdar Argic also appeared in early 1994, posting tens of thousands of messages to various
newsgroups, consisting of identical copies of a political screed relating to the Armenian Genocide.
k. Industrial spying/industrial espionage:
 Spying is not limited to governments. Corporations, like governments, often spy on the enemy.
 The Internet and privately networked systems provide new and better opportunities for espionage.
 “Spies” can get information about product finances, research and development and marketing
strategies, an activity known as “industrial spying.”

10
 CYBERSECURITY-UNIT1

 However, cyberspies rarely leave behind a trail.

 Industrial spying is not new; in fact it is as old as industries themselves. The use of the Internet to
achieve this is probably as old as the Internet itself.
 Traditionally, this has been the reserved hunting field of a few hundreds of highly skilled hackers,
contracted by high-profile companies or certain governments via the means of registered
organizations (it is said that they get several hundreds of thousands of dollars, depending on the
“assignment”).
 With the growing public availability of Trojans and Spyware material, even low-skilled individuals
are now inclined to generate high volume profit out of industrial spying.
 This is referred to as “Targeted Attacks” (which includes “Spear Phishing”).
l. Computer network intrusions:
 “Crackers” who are often misnamed “Hackers can break into computer systems from anywhere in
the world and steal data, plant viruses, create backdoors, insert Trojan Horses or change user names
and passwords.
 Network intrusions are illegal, but detection and enforcement are difficult.
 Current laws are limited and many intrusions go undetected.
 The cracker can bypass existing password protection by creating a program to capture logon IDs
and passwords.
 The practice of “strong password” is therefore important.
m. Software piracy :
 This is a big challenge area indeed.
 Cybercrime investigation cell of India defines “software piracy” as theft of software through the
illegal copying of genuine programs or the counterfeiting and distribution of products intended to
pass for the original.
 There are many examples of software piracy: o end-user copying – friends loaning disks to each
other, or organizations underreporting the number of software installations they have made, or
organizations not tracking their software licenses; o hard disk loading with illicit means – hard disk
vendors load pirated software; o counterfeiting – large-scale duplication and distribution of illegally
copied software; o illegal downloads from the Internet – by intrusion, by cracking serial numbers,
etc.
Beware that those who buy pirated software have a lot to lose:
(a) getting untested software that may have been copied thousands of times over,
(b) the software, if pirated, may potentially contain hard-drive-infecting viruses,
(c) there is no technical support in the case of software failure, that is, lack of technical product
support available to properly licensed users,
(d) there is no warranty protection,
(e) there is no legal right to use the product, etc.

4. Cybercrime against Society

a. Forgery
 Counterfeit currency notes, postage and revenue stamps, marksheets, etc. can be forged using
sophisticated computers, printers and scanners.

11
 CYBERSECURITY-UNIT1

 Outside many colleges there are miscreants soliciting the sale of fake mark-sheets or even degree
certificates.
 These are made using computers and high quality scanners and printers. In fact, this is becoming a
booming business involving large monetary amount given to student gangs in exchange for these
bogus but authentic looking certificates.
b. Cyberterrorism:
Cyberterrorism is defined as “any person, group or organization who, with terrorist intent, utilizes
accesses or aids in accessing a computer or computer network or electronic system or electronic
device by any available means, and thereby knowingly engages in or attempts to engage in a terrorist
act commits the offence of cyberterrorism.”
c. Web jacking:
 Web jacking occurs when someone forcefully takes control of a website (by cracking the password
and later changing it).
 Thus, the first stage of this crime involves “password sniffing.”
 The actual owner of the website does not have any more control over what appears on that website.
5. Crimes emanating from Usenet newsgroup:
 By its very nature, Usenet groups may carry very off ensive, harmful, inaccurate or otherwise
inappropriate material, or in some cases, postings that have been mislabeled or are deceptive in
another way. Therefore, it is expected that you will use caution and common sense and exercise
proper judgment when using Usenet, as well as use the service at your own risk
.  Usenet is a popular means of sharing and distributing information on the Web with respect to
specific topic or subjects
.  Usenet is a mechanism that allows sharing information in a many-to-many manner.
 The newsgroups are spread across 30,000 different topics.  In principle, it is possible to prevent
the distribution of specific newsgroup.
 In reality, however, there is no technical method available for controlling the contents of any
newsgroup.
 It is merely subject to self-regulation and net etiquette.
 It is feasible to block specific newsgroups, however, this cannot be considered as a definitive
solution to illegal or harmful content.
 It is possible to put Usenet to following criminal use:
1. Distribution/sale of pornographic material;
2. distribution/sale of pirated software packages;
3. distribution of hacking software;
4. sale of stolen credit card numbers.
5. sale of stolen data/stolen property.

1.6 Other cybercrime forms

1.6.1 Hacking
 Although the purposes of hacking are many, the main ones are as follows: 1. Greed; 2. power; 3.
publicity; 4. revenge; 5. adventure; 6. desire to access forbidden information; 7. destructive mindset.

12
 CYBERSECURITY-UNIT1

 Every act committed toward breaking into a computer and/or network is hacking and it is an
offense.
 Hackers write or use ready-made computer programs to attack the target computer.
 They possess the desire to destruct and they get enjoyment out of such destruction.
 Some hackers hack for personal monetary gains, such as stealing credit card information,
transferring money from various bank accounts to their own account followed by withdrawal of
money.
 They extort money from some corporate giant threatening him to publish the stolen information
that is critical in nature.
 Government websites are hot on hackers’ target lists and attacks on Government websites receive
wide press coverage.
 For example, according to the story posted on December 2009, the NASA site was hacked via SQL
Injection
 Hackers, crackers and phrackers are some of the oft-heard terms.
 The original meaning of the word “hack” meaning an elegant, witty or inspired way of doing
almost anything originated at MIT.
 The meaning has now changed to become something associated with the breaking into or harming
of any kind of computer or telecommunications system.
 Some people claim that those who break into computer systems should ideally be called “crackers”
and those targeting phones should be known as “phreaks”
1.6.2 Identity Theft
 Identity theft is a fraud involving another person’s identity for an illicit purpose.
 This occurs when a criminal uses someone else’s identity for his/her own illegal purposes.
 Phishing and identity theft are related offenses
 Examples include fraudulently obtaining credit, stealing money from the victim’s bank accounts,
using the victim’s credit card number
1.6.3 Spam in Cyberworld
 Basically, “Spam” is the abuse of electronic messaging systems to send unsolicited bulk messages
indiscriminately.
 Although the most widely recognized form of Spam is E-Mail Spam, this term is applied to similar
abuses in other media:
o instant messaging Spam, o Usenet newsgroup Spam, o web search engine Spam, o Spam in blogs,
o wiki Spam, o online classified ads Spam, o mobile phone messaging Spam, o Internet forum Spam,
o junk fax transmissions o file sharing network Spam.
 Spam is caused by flooding the Internet with many copies of the same message, in an attempt to
force the message on people who would not otherwise choose to receive it.
 Often, this may result in the notorious DoS attack.
 Commercial advertising often happens to be the cause of Spam. Such advertisements are often for
products of dubious reputation and fraud schemes meant to make people believe they can get rich
overnight!
 Some Spam may also get generated through quasi-legal services.

13
 CYBERSECURITY-UNIT1

 Spam hardly costs much to the sender; most of the costs are paid for by the recipient or the carriers
rather than by the sender.
 People who engage in the activity of electronic Spam are called spammers.
 Two main types of Spam are worth mentioning:
o “cancellable Usenet Spam” in which a single message is sent to several Usenet newsgroups
and
o “E-Mail Spam” which targets individual users with direct mail messages.
 Often, spammers create E-Mail Spam lists by scanning Usenet postings, by stealing Internet
mailing lists or searching the Web for addresses.
 Typically, it costs money to users if they receive E-Mail Spam.
 Any person with measured phone service can read or receive their mail.
 Spam does not cost much to people.
 Spam does, however, cost money to ISPs and to online service providers to transmit Spam.
Unfortunately, subscribers end up paying these costs because the costs are transmitted directly to
subscribers.

1.8. Cybercrime and the Indian ITA 2000

 In India, the ITA 2000 was enacted after the United Nation General Assembly Resolution
A/RES/51/162 in January 30, 1997 by adopting the Model Law on Electronic Commerce adopted by
the United Nations Commission on International Trade Law.
 This was the first step toward the Law relating to E-Commerce at international level to regulate an
alternative form of commerce and to give legal status in the area of E-Commerce.  It was enacted
taking into consideration UNICITRAL model of Law on Electronic Commerce (1996). 8.1 Hacking
and the Indian Law(s)
 Cybercrimes are punishable under two categories: the ITA 2000 and the IPC
 A total of 207 cases of cybercrime were registered under the IT Act in 2007 compared to 142
cases registered in 2006. Under the IPC too, 339 cases were recorded in 2007 compared to 311 cases
in 2006.
 There are some noteworthy provisions under the ITA 2000, which is said to be undergoing key
changes very soon.

1.9. A Global Perspective on Cybercrimes

 In Australia, cybercrime has a narrow statutory meaning as used in the Cyber Crime Act 2001,
which details offenses against computer data and systems.
 However, a broad meaning is given to cybercrime at an international level.
 In the Council of Europe’s (CoE’s) Cyber Crime Treaty, cybercrime is used as an umbrella term to
refer to an array of criminal activity including o offenses against computer data and systems, o
computer-related offenses, o content offenses and copyright offenses.
 This wide definition of cybercrime overlaps in part with general offense categories that need not be
Information & Communication Technology (ICT)-dependent, such as white-collar crime and
economic crime.

14
 CYBERSECURITY-UNIT1

 Although this status is from the International Telecommunication Union (ITU) survey conducted in
2005, we get an idea about the global perspective.
 ITU activities on countering Spam can be read by visiting the link www.itu.int/spam (8 May 2010).
 The Spam legislation scenario mentions “none” about India as far as E-Mail legislation in India is
concerned.
 The legislation refers to India as a “loose” legislation, although there is a mention in Section 67 of
Indian ITA 2000.
 About 30 countries have enacted some form of anti-Spam legislation.
 There are also technical solutions by ISPs and end-users.
 However, in spite of this, so far there has been no significant impact on the volume of Spam with
spammers sending hundreds of millions of messages per day.
 The growing phenomenon is the use of Spam to support fraudulent and criminal activities –
including attempts to capture financial information (e.g., account numbers and passwords) by
masquerading messages as originating from trusted companies (“brand-spoofi ng” or “Phishing”) –
and as a vehicle to spread viruses and worms.
 On mobile networks, a peculiar problem is that of sending of bulk unsolicited text messages aimed
at generating traffic to premium-rate numbers. As there are no national “boundaries” to such crimes
under cybercrime realm, it requires international cooperation between those who seek to enforce
anti-Spam laws.
 Thus, one can see that there is a lot to do toward building confidence and security in the use of
ICTs and moving toward international cooperation agenda.
 This is because in the 21st century, there is a growing dependency on ICTs that span the globe.
 There was a rapid growth in ICTs and dependencies that led to shift in perception of cybersecurity
threats in mid-1990s.
 The linkage of cybersecurity and critical infrastructure protection has become a big issue as a
number of countries have began assessment of threats, vulnerabilities and started exploring
mechanisms to redress them. Recently, there have been a number of significant developments such
as
1. August 4, 2006 Announcement: The US Senate ratifies CoE Convention on Cyber Crime. The
convention targets hackers, those spreading destructive computer viruses those using the Internet for
the sexual exploitation of children or the distribution of racist material, and terrorists attempting to
attack infrastructure facilities or financial institutions. The Convention is in full accord with all the
US constitutional protections, such as free speech and other civil liberties, and will require no change
to the US laws.
2. In August 18, 2006, there was a news article published “ISPs Wary About ‘Drastic Obligations’
on Web Site Blocking.” European Union (EU) officials want to debar suspicious websites as part of
a 6-point plan to boost joint antiterrorism activities. They want to block websites that incite terrorist
action. Once again it is underlined that monitoring calls, Internet and E-Mail traffi c for law
enforcement purposes is a task vested in the government, which must reimburse carriers and
providers for retaining the data.

15
 CYBERSECURITY-UNIT1

3. CoE Cyber Crime Convention (1997–2001) was the first international treaty seeking to address
Internet crimes by harmonizing national laws, improving investigative techniques and increasing
cooperation among nations More than 40 countries have ratified the Convention to date.
 One wonders as to what is the role of business/private sector in taking up measures to prevent
cybercrime and toward responsibilities and role related to the ownership of information and
communication infrastructures. Effective security requires an in-depth understanding of the various
aspects of information and communication networks. Therefore, private sector’s expertise should be
increasingly involved in the development and implementation of a country’s cybersecurity strategy.

1.6. Cybercrime: The Legal Perspectives

 Cybercrime poses a biggest challenge.
 Computer Crime: As per “Criminal Justice Resource Manual (1979)”, computer-related crime was
defined in the broader meaning as: “any illegal act for which knowledge of computer technology is
essential for a successful prosecution”.
 International legal aspects of computer crimes were studied in 1983.
 In that study, computer crime was consequently defined as: “encompasses any illegal act for which
knowledge of computer technology is essential for its commit”.
 Cybercrime, in a way, is the outcome of “globalization.” However, globalization does not mean
globalized welfare at all.
 Globalized information systems accommodate an increasing number of transnational offenses.
 The network context of cybercrime makes it one of the most globalized offenses of the present and
the most modernized threats of the future.
 This problem can be resolved in two ways.
 One is to divide information systems into segments bordered by state boundaries
(cross-border flow of information).
 The other is to incorporate the legal system into an integrated entity obliterating these
state boundaries.
 Apparently, the first way is unrealistic. Although all ancient empires including Rome, Greece and
Mongolia became historical remnants, and giant empires are not prevalent in current world, the
partition of information systems cannot be an imagined practice.
 In a globally connected world, information systems become the unique empire without tangible
territory.

1.7. Cybercrimes: An Indian Perspective

 India has the fourth highest number of Internet users in the world.
 According to the statistics posted on the site (http://www.iamai.in/), there are 45 million Internet
users in India, 37% of all Internet accesses happen from cybercafes and 57% of Indian Internet users
are between 18 and 35 years.
 The population of educated youth is high in India.
 It is reported that compared to the year 2006, cybercrime under the Information Technology (IT)
Act recorded a whopping 50% increase in the year 2007.
 A point to note is that the majority of off enders were under 30 years.

16
 CYBERSECURITY-UNIT1

 The maximum cybercrime cases, about 46%, were related to incidents of cyberpornography,
followed by hacking. In over 60% of these cases, offenders were between 18 and 30 years, according
to the “Crime in 2007” report of the National Crime Record Bureau (NCRB).
 Box 1.6 shows the Indian Statistics on cybercrimes.
 The Indian Government is doing its best to control cybercrimes.
 For example, Delhi Police have now trained 100 of its officers in handling cybercrime and placed
them in its Economic Offences Wing.
 As at the time of writing this, the officers were trained for 6 weeks in computer hardware and
software, computer networks comprising data communication networks, network protocols, wireless
networks and network security.

1.9.1 Cybercrime and the Extended Enterprise

 It is a continuing problem that the average user is not adequately educated to understand the
threats and how to protect oneself.
 Actually, it is the responsibility of each user to become aware of the threats as well as the
opportunities that “connectivity” and “mobility” presents them with.
 In this context, it is important to understand the concept of “extended enterprise.” This term below
Figure represents the concept that a company is made up not just of its employees, its board members
and executives, but also its business partners, its suppliers and even its customers.
The extended enterprise can only be successful if all of the component groups and individuals have
the information they need in order to do business effectively.
 An extended enterprise is a “loosely coupled, self-organizing network” of firms that combine their
economic output to provide “products and services” offerings to the market.
 Firms in the extended enterprise may operate independently, for example, through market
mechanisms or cooperatively through agreements and contracts.
 Seamless flow of “information” to support instantaneous “decision-making ability” is crucial for
the “external enterprise.”
 This becomes possible through the “interconnectedness.”
 Due to the interconnected features of information and communication technologies, security
overall can only be fully promoted when the users have full awareness of the existing threats and
dangers.
 Governments, businesses and the international community must, therefore, proactively help users’
access information on how to protect themselves.
 Given the promises and challenges in the extended enterprise scenario, organizations in the
international community have a special role in sharing information on good practices, and creating
open and accessible enterprise information flow channels for exchanging of ideas in a collaborative
manner. International cooperation at the levels of government, industry, consumer, business and
technical groups to allow a global and coordinated approach to achieving global cybersecurity is the
key.

17
CYBERSECURITY-UNIT1

18