A HANDBOOK ON

CYBER SECURITY
 Table of Contents
Chapter No Topic Page No.

1 INTRODUCTION 1
1.1 Cyber Security - Introduction 2
1.1.1 Definition of Cyber Security 2
1.1.2 Why Cyber Security is important? 2
1.1.3 Layers of Cyber Security 3
1.1.4 Evolution of Cyber Security 4
1.2 Cyber Hacking 5
1.2.1 Introduction 5
1.2.2 Nature and Character of Hackers 6
1.2.3 Types of Hacking 6
1.2.4 Behaviour of Hackers 7
1.2.5 Essential Elements of Hacking 8
1.3 Cyber Fraud 9
1.3.1 Definition 9
1.3.2 Different Modes of Cyber Fraud 9
1.3.3 Cyber Frauds in India 10
1.4 Cyber Pornography 14
1.4.1 Criminalization of Cyber Pornography 15
1.4.2 Measures to Curb Cyber Pornography 15
1.4.3 Legislative Approach in India to Prevent and Control 16
Child Pornography
2 CYBER TERRORISM 19
2.1 Definition 20
2.2 Modes of Cyber Terrorism 20
2.2.1 Attack on National Security 20
2.2.2 Cyber Terrorism is the Forerunner of Warfare 20
2.2.3 International Cyber Terrorist Attack 20
2.2.4 Network to Send Terror Messages 20
 2.2.5 Digital Signature System 20
2.2.6 Flowing Worm 21
2.2.7 Cyber Theft 21
2.3 What Is Cybercrime? 21
2.3.1 Definition 21
2.3.2 Cyber Warfare 21
2.3.3 Computer related Crimes 21
2.4 Cybercrime Preventive Methods 22
2.4.1 Preventive Steps for Individuals 23
2.4.1.1 Children 23
2.4.1.2 Parents 23
2.4.1.3 General Information 23
2.4.2 Preventive Steps for Organizations 23
2.4.2.1 Physical Security 24
2.4.2.2 Access Control 24
2.4.2.3 Password 24
2.4.2.4 Using Network Scanning Programs 25
2.4.2.5 Using Intrusion Alert Programs 25
2.4.2.6 Using Encryption 25
2.4.3 Kinds of Cyber Crime 26
2.4.3.1 Cyber Stalking 26
2.4.3.2 Child Pornography 26
2.4.3.3 Forgery and Counterfeiting 26
2.4.3.4 Software Piracy and Crime related to IPRs 26
2.4.3.5 Cyber Terrorism 27
2.4.3.6 Phishing 27
2.4.3.7 Computer Vandalism 27
2.4.3.8 Computer Hacking 27
2.4.3.9 Creating and distributing viruses over internet 27
2.4.3.10 Spamming 27
2.4.3.11 Online Auction Fraud 27
2.4.3.12 Cyber Squatting 28
2.4.3.13 Web Jacking 28
 2.4.3.14 Data Diddling 28
2.2.3.15 Email Spoofing 28
2.4.4 Malware and its Types 28
2.4.4.1 Adware 28
2.4.4.2 Spyware 28
2.4.4.3. Browser Hijacking Software 29
2.4.4.4. Virus 29
2.4.4.5. Worms 29
2.4.4.6. Trojan Horse 29
2.4.4.7. Scareware 29
2.4.4.8. Ransomeware 29
2.4.4.9. Malspam 30
2.4.4.10 Malvertising 30
2.5 Cyber Attacks 30
2.5.1 Web-Based Attacks 30
2.5.1.1 Injection attacks 31
2.5.1.2 DNS Spoofing 31
2.5.1.3 Session Hijacking 31
2.5.1.4 Phishing 31
2.5.1.5 Brute Force 31
2.4.1.6 Denial of Service 31
2.5.1.7 Dictionary Attacks 31
2.5.2 System-Based Attacks 32
2.5.2.1 Virus 32
2.5.2.2 Worm 32
2.5.2.3 Trojan Horse 32
2.5.2.4.Backdoors 32
2.5.2.5. Bots 32
2.5.3 Active Attacks 32
2.5.3.1 Masquerade 32
2.5.3.2 Session Replay 33
2.5.3.3 Message Modification 33
2.5.3.4 Denial of Service (DoS) 33
 2.5.3.5 Distributed Denial-of-Service (DDoS) 33
2.5.4 Passive Attacks 33
2.5.4.1 Eavesdropping (tapping) 33
2.5.4.2 Traffic Analysis 33
INTERNET MOBILE PHONE AND E-COMMERCE 34
3
SECURITY ISSUES
3.1 Data Theft 35
3.2 Punishment for Data Theft 35
3.3 Theft of Internet Hours 36
3.4 Internet safety Tips for Children & Parents 36
3.4.1. Internet Safety Tips for Children 36
3.4.2. Internet Safety Tips for Parents 37
3.5 Mobile Phone Privacy 38
3.5.1 How does a mobile phone network works? 39
3.5.2 Why is Mobile device security Important? 39
3.5.3 What are the benefits of mobile device security? 39
3.5.4 Technical aspects of privacy of mobile phone 39
3.5.5 Threats and risk to privacy of phone user 41
3.6 E Commerce Security Issues 43
3.6.1 OWASP (Open Web Security Project) Top Ten 44
3.6.2 E-commerce Website Security Measures to Cover you 24/7 46
3.6.3 Zero Trust Security 50
E-MAIL AND SOCIAL MEDIA ISSUES COMPUTER 53
4
VIRUS AND FIREWALL
4.1 E-mail and Social Media Issues 54
4.2 Aspects of social media 55
4.3 The Vicious Cycle of Unhealthy Social Media Use 56
4.4 Modifying social media use to improve mental health 57
4.5 Computer Virus 60
4.5.1 What does a Computer Virus Do? 61
4.5.2 How does a computer get a virus? 61
4.5.3 How do Computer Viruses spread? 62
4.5.4 How are Computer Viruses removed? 62
4.6 Antivirus 63
 4.6.1 Antivirus Software Types 63
4.6.2 How to Choose Antivirus Software 64
4.6.3 Why Should Users Update their Antivirus Software 64
Regularly
How does Antivirus work 64
4.7 Firewall 65
4.7.1 How Firewall works 65
4.7.2 Generation of Firewalls 66
4.7.3 Types of Firewalls 67
CYBER FORENSICS DIGITAL FOOTPRINTS AND 68
5
CYBER LAWS
5.1 Computer Forensic and Digital Evidence 69
5.2 What does a Digital Footprint mean ? 69
5.2.1 Active digital footprints 70
5.2.2 Passive digital footprints 70
5.3 5.3 Web Browing and digital footprints 70
5.3.1 Why do digital footprints matter 71
5.4 Digital Footprint Examples 71
5.5 How to Protect Your Digital Footprint 72
5.5.1 Use search engines to check your digital footprint 73
5.5.2 Reduce the number of information sources that mention 73
you
5.5.3 Limit the amount of data you share 73
5.5.4 Double-check your privacy settings 73
5.5.5 Avoid oversharing on social media 74
5.5.6 Avoid unsafe websites 74
5.5.7 Avoid disclosing private data on public Wi-Fi 74
5.5.8 Delete old accounts 74
5.5.9 Create strong passwords and use a password manager 74
5.5.10 Keep an eye on your medical records 74
5.5.11 Do not log in with Facebook 75
5.5.12 Keep software up to date 75
5.5.13 Review your mobile use 75
5.5.14 Think before you post 75
 5.5.15 Act fast after a breach 75
5.6 How To Erase Your Footprints 75
5.6.1 First, Identify the Reach of Your Digital Footprint 76
5.6.2 Delete or Deactivate Your Shopping/social media & Web 76
Service Accounts
5.6.3 Do Not Forget to Delete All the Cookies 77
5.6.4 Submit Google Listing Removal Requests 77
5.6.5 Eliminate Yourself from Data Collection Websites 77
5.6.6 Unsubscribe Yourself from Mailing Lists 77
5.6.7 Delete Forum Entries & Blog Posts 77
5.6.8 Enable Do Not Track Apps & Programs 77
5.6.9. Anti-Tracking Tools 78
5.6.10 Check If Your Information Has Been Compromised 78
Already
5.7 Browser Extensions and Search Engine Deletion 78
5.8 Cyber Crime and Cyber Laws 78
5.8.1 Introduction 78
5.8.2 Classifications of Cyber Crimes 79
5.8.2.1 Cyber Crimes against Persons 79
5.8.2.2 Crimes against Persons’ Property 79
5.8.2.3 Cybercrimes against Government 84
5.8.2.4 Cybercrimes Against Society at large 85
Common Cyber Crimes and Applicable Legal Provisions: A 86
5.9
Snapshot
5.10 Cyber Law (IT Law) In India 88
5.10.1 Introduction 88
5.10.2 What is the importance of Cyber Law? 88
5.11 The Information Technology Act of India, 2000 88
5.11.1 Some key points of the Information Technology (IT)Act 88
2000
5.12 Cyber Law and Punishment in India 89
5.13 Cyber Crime Prevention Guide to Users 92
5.14 Regulatory Authorities 93
 CHAPTER 1

INTRODUCTION

1
 UNIT - I
1. INTRODUCTION

 Introduction to Cyber Security

 Cyber Hacking
 Cyber Fraud
 Cyber Phonography

1.1 INTRODUCTION TO CYBER SECURITY

Cybersecurity is the protection of internet-connected systems such as hardware, software and
data from cyberthreats. This practice is used by individuals and enterprises to protect against
unauthorized access to data centers and other computerized systems. Since cyber threats and
attacks are overgrowing, Cyber security is the most important matter of concern, Attackers are
now using more sophisticated techniques to target the systems. Individuals, small-scale businesses
or large organization, are all being greatly impacted. So, all these firms whether IT or non-IT ,
have understood the importance of Cyber Security and started focusing on adopting all possible
measures to deal with cyber threats.
1.1.1 Definition of Cyber Security
Cyber security is the body of technologies, processes, and practices designed to protect networks,
computers, programs and data from attack, damage or unauthorized access. The term cyber
security refers to techniques and practices designed to protect digital data.
1.1.2 Why Cyber Security is important?
The following reasons explain clearly why cyber security is important in this predominant digital
world:
 It protects all data from theft and damage.
 To avoid Data leaks that could result in identity theft are now publicly posted on social media.
 Cyber-attacks can be extremely expensive for businesses to endure.
 In addition to financial damage suffered by the business, a data breach can
also inflict untold reputational damage.
 The Regulations such as GDPR are forcing organizations to take better care of their personal
data.

2
 Because of the above reasons, cyber security has become an important part of the business and
the focus now is on developing appropriate response plans that minimize the damage in the
event of a cyber-attack.
1.1.3 Layers of Cyber Security

The 7 layers of cyber security should centre on the mission critical assets you are seeking to
protect.
1. Mission Critical Assets – This is the data you need to protect.
2. Data Security – Data security controls protect the storage and transfer of
data.
3. Application Security – Applications security controls protect access to an
application, an application’s access to your mission critical assets, and the
internal security of the application.
4. Endpoint Security – Endpoint security controls protect the connection
between devices and the network.
5. Network Security – Network security controls protect an organization’s
network and prevent unauthorized access of the network.
6. Perimeter Security – Perimeter security controls include both the physical
and digital security methodologies that protect the business overall.

3
7. The Human Layer – Humans are the weakest link in any cyber security
posture. Human security controls include phishing simulations and access management
controls that protect mission critical assets from a wide variety of human threats, including cyber
criminals, malicious insiders, and negligent users.
1.1.4 Evolution of Cyber Security
In 1970, the world experienced its first “cyber attack” – What first started as a harmless joke, paved
the way for a new wave of criminality - cybercrime. Since then, attacks have become more
sophisticated with the use of malware, ransomware, and phishing attacks, among many others. In
fact, according to Security Magazine, today’s hackers attack computers with Internet access every
39 seconds on average.
Cyber security companies have evolved over the years to stay ahead of the cybercrime industry,
but in order for us to explore where the future of cyber security is headed, we must understand its
origins.
A History of Cyber attacks
A number of cyber attacks that have shaped the cybercrime industry are listed below:
Creeper and Reaper
In early 1970, Bob Thomas, BBN Technologies engineer wrote the first virus code to a program
that could move between computers and display a message once it landed. The message said, “I’m
the creeper: catch me if you can!”. In response to this ‘joke’, Thomas’ friend and coworker, Ray
Tomlinson, wrote another code that could not only move from computer to computer but could
duplicate itself as it traveled. This then eliminated the ‘Creeper’ and the new code became known
as the ‘Reaper’. A little more than an annoyance, Creeper and Reaper were the start of a long
history of cyberattacks.
The Morris Worm
In 1989, the Morris worm was the first-ever denial-of-service (DoS) attack created to gauge the
size of the internet, says creator Robert Morris. The worm significantly slowed down every
computer it infected. It could infect the same computer multiple times until it eventually crashed.
The Virus Era
The 1990s were deemed the “Virus Era”. Viruses such as I LOVE YOU and Melissa infected tens
of millions of computers, causing email systems to crash around the world and costing millions of

4
dollars. Unfortunately, most of the emails that were compromised were unintended victims of
inadequate security solutions. Primarily focused on financial gains or strategic objectives, these
attacks became headline news as they took center stage in the world of cyber attacks.
1.2 CYBER HACKING
1.2.1 Introduction
Computer hacking is when someone modifies computer hardware or software in a way that alters
the creator's original intent. People who hack computers are known as hackers. Hackers think that
what they do is like an art form. They usually have expert-level skills in one specific program. For
most hackers, hacking gives them the opportunity to use their problem-solving skills and a chance
to show off their abilities. Most of them do not wish to harm others.

The word "hacking" has two definitions. The first definition refers to the hobby or profession of
working with computers. The second definition refers to breaking into computer systems. While
the first definition is older, the second definition is much more commonly used.

What kind of Information can a Hacker Steal from a Computer?

Personal information, names address, financial information, even the account information for your
ISP and passwords, in short anything stored on your computer can be obtained by a hacker. A
Trojan may record each and every keystroke you make, save the information to a hidden file, and
automatically upload it to the hacker's computer.
What else can a Hacker do?
There are a number of reasons why a hacker would want to break into your computer. He may use
your computer and ISP account for illegal activity, like distributing child pornography. In a DDOS
attack, the client, commands all of the "servers" located on individual PCs to attack a single
website. Thousands of individual PCs can be commanded to access a website like eBay or Yahoo
at the same time, clogging the site's bandwidth and causing an interruption of service.
What can be done to protect a computer?
 Download or accept files only from reliable sources.
 Use a firewall to block unauthorized access to your computer.
 Keep all software up to date.
 Install a good antivirus software and keep it current.

5
  Make sure all passwords are well- chosen and protected.
 Do not open suspicious attachments or click unusual inks in messages.
 Browse the web safely. Avoid visiting sites that offer potentially illicit content.
 Stay away from pirated materials. Avoid streaming or downloading movies, music , books
or applications that do not come from trusted sources.
 Do not use USBs or any other external devices unless you own them.
 Do not keep passwords, bank, or financial account numbers or other personal and
confidential information on your computer's hard drive.
1.2.2 Nature and Character of Hackers
A hacker is a computer enthusiast who is especially proficient or a computer user who attempts to
gain unauthorized access to computer systems.
1.2.3 Types of hacking
There are various possible ways of hacking, a few of which are listed below:
(i) Physically Entering the premises: The malicious hacker may physically enter into the premises
of others containing the computer and impersonate its owner. That is like criminal trespass under
441 of the Indian Penal Code and is very easy if the owner has no protective and security system
with secret password to start or initiate operating system.

(ii) Brute Forcing Passwords: Even the intelligent hacker may be able to guess password where
it is required by using password cracking tool. Password cracking tool tests many passwords, find
it if written somewhere else, observe it during use i.e., shoulder surf

(iv) Using Trojan Horse for entering systems: Another way to gain control is for the malicious
hacker to deceive the legitimate user into entering and executing a Trojan horse program in the
computer. A Trojan horse program contains computer instructions unknown to the user and it
performs the hacker's attack.

(v) Password cracking: Nowadays we have password for everything e.g. for e-mail, ATM
machines, Websites, administrators, credit cards, online banking, brokerage, web auctions,
microwaves, cable boxes, garage, door openers, bags etc., Password crackers are highly
sophisticated and keep trying words, letters, and symbols combinations until it hits the right one.

6
Sometimes they have knowledge about that person and about his or her personal particulars whose
password they are going to crack and use those particulars till it hits the right answer to open.

(vii) Cryptographic Algorithms: Use of mathematical algorithms in an attempt to break the

password hash or cryptographic scheme is another way of cracking as well as to protect the
password itself.

(viii) Target the servers: Most of the times hackers target servers because critical information are
stored in the machines instead of storing it in client premises.

(ix) Cracking Firewalls: A hacker prima facie tries to operate the internet and the telephone
networks. Hackers also use scanning process to scan hosts internet activities for remote
vulnerabilities through quick fiber-optic connection. Malicious hackers actually focus to attack
and crack the installed firewall of a network.

(x) Sending Messages: Hacking may be done by sending messages through e-mail, websites,
mobile with several offers and pornographic accesses and asking their password or social security
numbers and personal information.

1.2.4 Behavior of hackers

Most of the intensive study of criminologists in the contemporary hi-tech society is based on
hackers and hacking. Several criminologists have attempted to understand hackers' behavior and
to examine the causes for which hackers are involved in delinquent behaviors and to develop
effective legal principles for the prevention and control of this dangerous crime, although we know
complete elimination of Cyber Crimes is not possible in the cyberspace.

Some jurists say that hackers commit crime due to passion or tendency or addiction to use
computer and to act with network e.g., hacker Bedworth in 1993 was arrested in England and his
advocate took defense that he was suffering from a psychological addiction and irresistible impulse
to use computers, computer systems and network on which ground he was acquitted.

It shows that hackers in the new generation do not require intensive study and in-depth knowledge
about Computer science or programming aptitude; they are not always computer or information
technology engineers. Therefore, today's hackers are different from what they were earlier. New
generation hackers are involved in delinquent activities as a fun game or sport and they are not

7
even interested to develop their knowledge on new multimedia technology academically. They are
more interested to take revenge or to fulfill their greed or to show their power or to do other
malicious act through computer system and network.

Prevention and control of hackers' activities become more and more complex from time to time
because they are the members of heterogeneous group and not of homogeneous group. They do
not have any generic fabric. Some hackers are called as sport intruders who break in computer
system, internet and deface web pages; and others are competitive espionage when generally avoid
illegal activities and act in ethical manner. They are also group of intelligent youth who do hack
to save their nation and to keep security in their country with authority.

Hackers are most of the times male teenagers, who are and were neglected children at their early
age, habitually, addicted for drugs and alcohol they are generally very smart but with poor
educational performance, they are pleasant and representable personalities with patience to sit well
at the keyboard and monitor hours after hours.

1.2.5 Essential elements of hacking

Essential elements of hacking are as follows:

 Causing intentional wrong or damage to others.

 Causing wrong or damage to others with knowledge.

 It must relate to computer, computer system or computer network.

 The results must be to (a) destroy (b) delete (c) alter (d) diminish the value or utility of
information, or (e) affect injuriously.

In contemporary phenomenon, urgent need is to adopt uniform and high standard cyber laws
and specially law on cybercrimes to adopt more teeth to combat the situation. Industries are
ignorant about even inside cyber hackers.

Credit card hacking is rising day by day. Websites for example, rediff.com, Yahoo.com,
satyamonline.com etc., simply asks for credit card numbers with other details for e-shopping
and e-commerce. Their responsibilities are up to payment and not till the delivery of goods to
the consumers; these processes are exploited by hackers. These caused two-way hacking:

8
1. If user is actual card holder and given original information, then hackers easily use it to commit
other crimes ie., identity theft, cyber fraud, sell it to others etc.,
2. If user is not the actual card holder and giving wrong information about credit - debit card, then
the companies and others who offer to sell through internet may be in loss.
1.3 CYBER FRAUD
1.3.1 Definition

Cyber fraud is the stealing money or property by using of a computer dishonestly, property
including money and cheques, credit card services, or to evade dishonestly some debt or liability.
It might involve dishonesty giving an instruction to a computer to transfer funds into a bank
account or using a forged bank card to obtain money from a cash dispenser ie., automated teller
machine.

Cyber fraud is the crime committed via a computer with the intent to corrupt another individual's
personal and financial information stored online.

1.3.2 Different Modes of Cyber Fraud

The following are some of the modes of Cyber Fraud:

1. Cyber fraud due to victim's excitement

Most of the times victims are attracted and motivated to facilitate the schemes in cyberspace like
cyber marketing, e-banking, e-shopping etc, which are most of the times misleading.

2. Personal identities and password fraud in the cyberspace

Internet users should be acutely aware of the real dangers from cybercriminals that lurk when u
open innocent looking emails, conduct online banking, shop online or even access social media
networks. Identity thefts includes stealing of personal information that enables cyber criminals to
impersonate someone else. The more personal the information a cyber criminal collects on their
victim, the more susceptible the victim is to the criminal stealing their money.
3. Cyber fraud by false representation
The offenders in cyberspace represent falsely that they have authority to do something for or on
behalf of the victim or they act as government officials. By this way, they access the personal
identity and commit cyber fraud.

9
4. Cyber fraud using urgency
"Urgent" is the term the fraudsters often use with some advertisement or statement that shows
scope to win prizes if invested by the victims.
5. Cyber lottery fraud
Cyber lottery scheme is one way to commit cyber fraud which requires investment in tickets to
give chance to win prizes. It may also be called as cyber gambling.
6. Credit scheme fraud
Identity is a unique piece of information associated with an entity. Identity is a collection of
characteristics which are either inherent or assigned by another. Generally physical traits are
carried along a transaction. The credit scheme to offer loan in exchange off fees, interests, taxes,
service charges etc. are ways to commit cyber fraud.
7. Travel related scheme
Cyber shopping, tele funding, telemarketing are also ways to commit cyber fraud in the cyber
world.
8. Electronic mail and internet fraud
In January 2005, a mass email was posted to help tsunami disaster victims, but it was a way to
spread computer virus, to initiate a denial-of-service attack against a German website. If anyone
opens it, then it will forward the virus to another internet user. The innocent users were in a belief
that they are helping the Tsunami victims. If it sounds too good to be true, it probably is.
1.3.3 Cyber Fraud in India

Cyber fraud or cybercrime is construed as using a computer as a weapon, or instrument, to advance

or secure something deemed illegal. Stealing identities or intellectual property, committing fraud,
or violating privacy laws are considered as cybercrimes.

Top 10 cybercruds affecting businesses and individuals are:

1. Phishing Scams
2. Website Spoofing
3. Ransomware
4. Malware
5. Intellectual Property crimes
6. Cyber Defamation
7. Cyber stalking
8. Unauthorized access to computer systems or networks

10
 9. Denial of Service attack
10. IOT Hacking

Phishing Scams

The majority of successful cyber-attacks i.e.., 91% according to a study is by PhishMe. It begins
when curiosity, fear, or a sense of urgency entices someone to enter personal data or click on a
link.

Phishing emails mimic messages from someone you know or a business that you trust. They are
designed to trick people into giving up personal information or clicking on a malicious link that
downloads malware. Thousands of phishing attacks are launched every day.

Website Spoofing

The word spoof means to hoax, trick, or deceive. Website spoofing is when a website is designed
to look like a real one and deceive you into believing it is a legitimate site. This is done to gain
your confidence, get access to your systems, steal data, steal money, or spread malware.

Website spoofing works by replicating a legitimate website with a big company’s style, branding,
user interface, and even domain name in an attempt to trick users into entering their usernames
and passwords. This is how the bad guys capture your data or drop malware onto your computer.

Spoofed websites are generally used in conjunction with an email that links to the illegitimate
website.

Email spoofing
A spoofed email is one that appears to originate from one source but actually has been sent from
another source. E.g. Gauri has an e-mail address [email protected]. A Threat actor spoofs
her e-mail and sends obscene messages to all her acquaintances. Since the e-mails appear to have
originated from Gauri, her friends could take offence and relationships could be spoiled for life.

Ransomware

Ransomware is a modern day, technical twist on a crime that has been around for ages - extortion.
At its core, ransomware works when criminals steal something of great value and demand payment
in exchange for its return. For most businesses, this involves the encryption of company data.
Ransomware encrypts data on the victim’s computer and demands money from the victim. This
ransom is usually in form of crypto currency. Without restorable backup data, the company is
generally at the mercy of the attacker who will hold your data hostage in exchange for a decryption
key. Once the victim pays, the decryption key is given to the victim. However, this is not
guaranteed in most cases. When ransomware hits, businesses come to a standstill, and employees

11
cannot do their jobs. Ransomware has matured into its own category of malware and should be a
primary concern for all organizations.

Malware

Norton defines malware as “malicious software” specifically designed to gain access to or damage
a computer. In the case of ransomware, it's designed to hold your data hostage, but that isn’t the
only kind. There can be multiple objectives for malware - power, influence, money, information -
but the result is always the same - a time consuming, often expensive recovery effort.

Common types of malwares include:

 Viruses that spread, damage functionality, and corrupt files

 Trojans disguised as legitimate software that quietly create backdoors to let other malware
into your network
 Worms that can infect all of the devices connected to a network
 Ransomware that holds your data hostage
 Botnets - a network of infected devices that work together under the control of an attacker

Intellectual Property crimes

These include software piracy, copyright infringement, trademarks violations, theft of computer
source code etc. In other words, this is also referred to as cybersquatting.

Cyber Defamation
This occurs when defamation takes place with the help of computers and / or the Internet. E.g.,
someone publishes defamatory matter about someone on a website or sends e-mails containing
defamatory information to all of that person’s friends.

India’s first case of cyber defamation was reported when a company’s employee started sending
derogatory, defamatory, and obscene e-mails about its Managing Director. The e-mails were
anonymous and frequent, and were sent to many of their business associates to tarnish the image
and goodwill of the company.

The company was able to identify the employee with the help of a private computer expert and
moved the Delhi High Court. The court granted an ad-interim injunction and restrained the
employee from sending, publishing and transmitting e-mails, which are defamatory or derogatory
to the plaintiffs.

12
Cyber stalking
Cyber stalking involves following a person’s movements across the Internet by posting messages
on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim,
constantly bombarding the victim with emails etc.

Unauthorized access to computer systems or networks

This activity is commonly referred to as hacking. The Indian law has, however, given a different
connotation to the term hacking, so we will not use the term “unauthorized access” interchangeably
with the term “hacking”. However, as per Indian law, unauthorized access does occur, if hacking
has taken place.

Denial of Service attack ( DoS)

This involves flooding a computer resource with more requests than it can handle. This causes the
resource to crash thereby denying authorized users the service offered by the resource. Another
variation to a typical denial of service attack is known as a Distributed Denial of Service (DDoS)
attack wherein the perpetrators are many and are geographically widespread. Denial-of-service
attacks have had an impressive history having, in the past, brought down websites like Amazon,
CNN, Yahoo and eBay.

IoT Hacking

The Internet of Things is a brave new world that has opened insights into our daily routines and
our business processes to the web. Whether we like it or not, all of these internet-connected objects
are collecting and exchanging data. As you know, data is valuable and for that reason, hackers will
look to exploit any devices that aggregate it.

The more “things” we connect - the juicier the reward becomes for hackers. That’s why it’s
important to remember that personal passwords and business passwords all belong to humans with
memories that we know are going to let us down from time to time.

Remember, while you’re working within a business, each person has to take personal responsibility
for ensuring your cybersecurity. You have to prioritize your risks and think through the scenarios
that are likely to affect you, based on what you know about your unique infrastructure and team.
Don’t wait until it’s too late to take a proactive approach. Keep focused on what’s coming and
work to bring your team up to speed to create the strongest defense against cyberattacks.

13
How to Prevent Cyber frauds

Stay Up to Date

It goes without saying that having the most up-to-date security software provides better protection
against hackers, malware, viruses, and more. This is only one piece of the actions that we can take,
against frauds.

Be Smart with Devices

That computer, smart phone, tablet, and social media site are also avenues for bad actors to steal
data. It’s not a complete doomsday scenario. Each device or site normally has security settings in
the form of pins, passwords, and control over who sees your content. Brush up on security features
and use them to your advantage. And, finally, be smart. Do not share passwords, codes or pins
with anyone.

1.4 CYBER PORNOGRAPHY

By pornography we generally mean the depiction of any content, whether printed or visual, that
contains manifest narration, demonstration or display of sexual activities, sexual organs or any
other obscene material with an intention to trigger the sexual excitement of the viewers. We call it
child pornography when children are included in the said activity. Although, merely a prefix has
been added to the term ‘pornography’ in this case, but this little prefix increases the dreadfulness
of this term horrendously.

The words ‘child’ and ‘sexual activity’ together already sound so wicked, and then displaying it
to people who are watching it to arouse their sexual desires only make it worse. Consequently,
such deeds provoke the exploitation, trafficking, and violence towards children. This is the reason
that child pornography is considered so heinous.

In India, the term ‘child pornography’ has been defined under the Protection of Children from
Sexual Offences Act, 2012 (POCSO). According to section 2(da) of the POCSO Act, child
pornography is any kind of visual display of overt sexual activity that engages a child. Such content
may be an image, a video or any computer-generated picture which cannot easily be differentiated
from a real child. It includes all those images which shows a child to be involved in such activities
whether it is created, adapted or modified.

14
To be very specific, section 2(d) of the POCSO Act defines a ‘child’ to be any person who has not
attained the age of eighteen years.

1.4.1 Criminalization of Cyber Pornography

Sexual portrayals which establish “pornography” or “indecency” have not just led to an amazingly
productive business, but at the same time are the object of administrative worry by the public
authority and significant developments in the society. Though there is no particular arrangement
in any resolution that straightforwardly manages pornography, it has been brought inside the the
Penal Code, 1860 (‘IPC’) that forces criminal risk available to be purchased, circulation and so on
of foul material. This Section was presented by the Obscene Publications Act, 1925 to offer impact
to Art. I of the International Convention for the Suppression of the Circulation of and Traffic in
Obscene Publications endorsed by India in 1923 at Geneva. Pornography has likewise been
restricted under the Information Technology Act, 2000 (‘IT Act’).

Under the IT Act sending or distributing of any obscene material is illicit. The Sections in the
Information Technology Act, 2000 which forbids cyber pornography yet with specific exemptions
for them are-Section 67 and 67A. Section 67 arrangements with distributing or communicating
disgusting material in electronic structure.

The Information Technology Amendment Act 2008 has likewise included kid pornography and
maintenance of records by delegates. Whoever distributes or communicates any material which is
indecent or claims to the lewd interest or if its belongings will in general debase and ruin the psyche
of people who are probably going to peruse, see the explicit matter contained in it, will be rebuffed
with detainment for a term up to three years which may reach out to five years and fine of five
lakh rupees which may stretch out to ten lakh rupees or both.

1.4.2 Measures to curb Cyber Pornography

Instructing the police on cyber pornography offenses
To check Cyber Pornography offenses, the chief advance is to make more rigid arrangements
identified with conviction which makes dread at the top of the priority list of guilty party. This will
be conceivable if the researching organizations gather direct proof against the cyber obscene guilty
party under the watchful eye of the Court of Law. The Central and State government ought to

15
coordinate courses by drawing in Cyber Experts, which give powerful and nature of examination
and proof social event identified with Cyber Offenses. Mindfulness Campaigns for Educating
Parents on Parental Control to check Cyber Pornography

In this globalized world everybody is utilizing web innovation with no separation of sex, age, and
so on. The enormous measure of material accessible on the Internet which is identified with
assorted fields like governmental issues, news, sports, schooling, wellbeing, climate and others,
yet it likewise contain materials which isn’t suitable for kids. Subsequently, it is especially
legitimized to impede and channel advances which will resolve cyber obscene issues more viably
and deftly than any such law.
Role of cyber cafes
The Cyber Cafes has to keep a record of the client ID ought to either store a copy or a filtered
duplicate of the report appropriately validated by illustrative of cyber bistro. The client ID record
to be kept up for in any event one year. Alongside the client ID records the web camera photos
approved by cyber cafes, will be important for the log register which might be kept up in physical
or electronic structure.
Parental control
Guardians ought to consistently keep beware of the web exercises of their youngsters. It ought to
be perceived that observing any sort of pornography is profoundly habit-forming in this way; it
can truly hamper the psychological prosperity of the kid.

1.4.3 Legislative approach in India to prevent and control child pornography

Under Protection of Children from Sexual Offences Act, 2012 (POCSO)
The POCSO Act makes the act of using a child for pornographic purposes punishable. Now what
all acts constitute to be usage of a child for pornographic purposes have been explained in section
13 of the Act. According to the said section, any person who uses a child for the purpose of sexual
gratification through any kind of media either printed or electronic, no matter whether it was aimed
for distribution or just personal use is said to have used the child for pornographic purposes. It
includes the display of a child’s sexual organs, indecent representation of a child, and engaging a
child in true or simulated sexual activity where penetration is not a mandatory condition.

16
Section 14 of the POCSO Act punishes any person committing an offence u/s 13 with an
imprisonment for at least 5 years and fine. And if the person is convicted for the same offence
again, then he would be punishable with imprisonment for a minimum of 7 years and fine. It further
provides that if a person is committing the offence of using child for pornography along with
offence given under sections 3 or 5 or 7 or 9 by getting himself involved in the pornographic act,
then such a person shall be punished under section 4 or 6 or 8 or 10 respectively in addition to
section 14 of the POCSO Act.

Furthermore, section 15 of the POCSO Act provides punishment for storing or possessing
pornographic material that involves a child in three different situations. Firstly, if it has been done
to share such material so as to commit child pornography then it is punishable with a minimum
fine of Rs. 5000, and if such an act is repeated then with a fine not less than Rs. 10,000. Secondly,
if such storage or possession has been done to display or distribute it, then the punishment is
imprisonment for a term which may extend to 3 years, or with fine, or both.

However, the storage would be exempted from this offence if it was done for the purpose of
reporting or using it as evidence in court. Lastly, if the said pornographic material is possessed
with an intention to use it for commercial purposes, then the person would be punishable with
imprisonment, the term of which would be between 3 years to 5 years, or fine, or both. And if the
same is committed again, the punishment would be between 5 years to 7 years of imprisonment
and fine.
Under the Indian Penal Code, 1860
The Indian Penal Code does not deal with child pornography directly, however, it prohibits the
display of obscene material to young persons under section 293. In this context, a young person
would be a person who is under 20 years of age. So, a person would be punishable u/s 293 of the
Code if he/she shares, disperses, exhibits, sells or lets to hire any obscene material (as explained
in section 292 IPC) to any young person. The offender would be punishable with an imprisonment
up to 3 years and a fine of Rs. 2000 on first conviction, however, he would be punishable with an
imprisonment up to 7 years and Rs. 5000 fine in case of second conviction.

17
Under the Information Technology Act, 2000
Section 67B of the IT Act punishes the act of publishing, transmitting, creating, collecting,
browsing, downloading, advertising, promoting, exchanging, distributing, recording, etc. of any
material in electronic form which shows a sexually explicit activity engaging a child. It also
punishes the formation of online relationships with any child for sexually explicit act and abusing
the child online. The punishment provided u/s 67B is imprisonment of 5 years and ten lakh rupees
fine on first conviction and in case of second conviction, it is 7 years of imprisonment and fine of
Rs. ten lakhs.

The offence of child pornography is not just one offence, rather it is a series of offences and harsh
consequences. It begins with the sexual abuse of child who probably don’t even understand as to
what is happening with him, and even if he knows about it, that doesn’t make it any better. Then
such abuse is recorded and distributed among certain horrible people who take intense pleasure in
watching those children suffering in pain owing to their exploitation, which provokes them to do
it themselves. This is how the desire to do such heinous acts evolves among people, and many of
them even succeed to do it, hence more crimes.

A child is someone who is at the very beginning of his/her life and have many years to live ahead,
however, when he/she becomes a victim of an offence as brutal as child pornography, it becomes
very difficult for that child to live normally afterwards. Such an incident would leave a stigma in
the mind of such a child forever.

It has also been found that in a significant number of cases of child sexual abuse, the children know
their offenders, they might be relatives, family friends, teachers, etc. Such types of cases are even
more disheartening because here the child would have trusted that person and would never have
expected it to happen.
There is no doubt that government has taken various actions to combat this evil such as enactment
of legislations like POCSO, IT Act which specifically deal with the issue of child pornography.
The government has even banned the websites providing the said indecent stuff from time to time
but we still see no drop in the statistics of child abuse.

18
 CHAPTER 2

CYBER TERRORISM

19
 UNIT-II
2. CYBER TERRORISM

 Definition
 Modes of Cyber Terrorism
 Cyber Crime
o Prevention Methods
o Kinds of Cyber Crimes
 Cyber Attacks

2.1 DEFINITION
Cyber terrorism can be defined in different ways namely it can be politically motivated by hacking
operations intended to cause grave harm such as loss of life or severe economic damage or it can
be unlawful attacks and threats of attack against computers, networks, and the information stored
therein, done to intimidate or force a government or its people in furtherance of political or social
objectives.
2.2 MODES OF CYBER TERRORISM
2.2.1 Attack on National Security
The clear and present danger of cyber threats to our critical infrastructure, such as the national
power grid, can no longer be ignored. Fortunately, the government began calling attention to cyber
risks in the form of a recent presidential executive order, the reintroduction of cyber security
legislation, and some long-delayed but honest pronouncements about ongoing attacks from China
and other nation-states. Now it is time to move from rhetoric to action.
2.2.2. Cyber Terrorism is the Forerunner of warfare
In contemporary era of communication, convergence and new technology, one nation causes
terrorist violence against other nation or nations by using or making the target of new technology,
This is called netwar or warfare.
2.2.3. International Cyber Terrorist Attack
When international terrorist groups communicate each other through internet and through their
own network to attack any nation then it is called International cyber terrorist attack.
2.2.4. Network to Send Terror Messages
The cyber criminals started to use new technology to develop their own website, and network to
send terror messages and to communicate within or between groups.
2.2.5. Digital Signature System

20
A digital code was created that can be attached to an electronically transmitted message that
uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to
guarantee that the individual sending the message really is who he or she claims to be. Digital
signatures are especially important for electronic commerce and are a key component of most
authentication schemes.
2.2.6. Flowing Worm
Flowing "worm", virus, Trojan horse to collapse government and people interest sites, network
and computer is also one mode of cyber terrorism.
2.2.7. Cyber Theft.
Cybercrime is a criminal activity done using computers and the Internet. It includes anything from
downloading illegal music files to stealing millions of dollar from online bank accounts.
2.3 WHAT IS CYBERCRIME?
2.3.1 Definition
Cybercrime is defined as Criminal activities carried out by means of computers or the Internet.
Cybercrime may be said to be those species, of which, genus is the conventional crime, and where
either the computer is an object or subject of the conduct constituting crime.
“Cybercrime means any criminal or other offence that is facilitated by or involves the use of
electronic communications or information systems, including any device or the Internet or any one
or more of them.
2.3.2. Cyber Warfare
Cyber warfare has been defined as "actions by a nation-state to penetrate another nation's
computers or networks for the purposes of causing damage or disruption". Other definitions also
include non-state actors, such as terrorist groups, companies, political or ideological extremist
groups, hacktivists, and transnational criminal organizations. Some governments have made it an
integral part of their overall military strategy, with some having invested heavily in cyber warfare
capabilities.
2.3.3. Computer Related Crimes
The computer is now an indispensable tool for banking, corporate records and various activities of
government. The absence of tangible printed records of credit transactions is testimony to the
efficiency of the computer, yet it leaves the auditor without the accustomed paper trail for verifying
accounts. A computer need not be manipulated at any particular place but can be operated from a
distance using telecommunication facilities.

21
 Offence Sections

Sending threatening messages by E-mail Sec.503,IPC

Sending defamatory messages by E-mail Sec.499,IPC

Forgery of electronic records Sec.463,IPC

Bogus websites, cyber frauds Sec.420,IPC

Email Spoofing Sec.463,IPC

Web Jacking Sec.383,IPC

E-mail abuse Sec.500,IPC

Online sale of drugs NDPS Act

Online sale of arms Arms Act

Table 2.1 Computer related crime covered under IPC and Special Laws

2.4 CYBERCRIME PREVENTIVE METHODS

Prevention is always better than cure. It is always better to take certain precautions while working
on the net. There are 5 mantras for online security steps are: Precaution, Prevention, Protection,
Preservation and Perseverance.Identification of exposures trough education will assist responsible
companies and firms to meet these challenges.
 One should avoid disclosing any personal information to strangers, the person whom they
don’t know, via email or while chatting or any social networking site.
 One must avoid sending any photograph to strangers by online as misusing or modification
of photograph incidents increasing day by day.
 An update antivirus software to guard against virus attacks should be used by all the
netizens and should also keep back up volumes so that one may not suffer data oss in case
of virus confirmation.
 A person should never send his credit card number or debit card number to any site that is
not secured, to guard against frauds.

22
  Web site owners should watch traffic and check any irregularity on the site. It is the
responsibility of the website owners to adopt some policy for preventing cybercrimes as
number of internet users are growing day by day.
 It is better to use a security programs by the body corporate to control information on sites.
 IT department should pass certain guidelines and notifications for the protection of
computer system and should also bring out with some more strict laws to breakdown te
criminal activities relating to cyberspace.
 As cybercrime is the major threat to all the countries worldwide, certain steps should be
taken at the international level for preventing the cybercrime.
2.4.1 Preventive Steps for Individuals
2.4.1.1 Children
Children should not give identifying information such as name, home address, and school name in
a chat room. They should not share photographs with anyone on the net without first checking or
informing parents, guardians. They should not respond to message, which are suggestive, obscene,
belligerent or threatening, and not to arrange a face to face meeting without telling parents or
guardians.
2.4.1.2. Parents
Parent should use content filtering software on PC to protect children from pornography, gambling,
hate speech, drugs and alcohol. There is also software to establish time controls for use of limpets
and allowing parents to have visited. Parents can se this software to keep track of the type of
activities see which site their children of children.
2.4.1.3. General Information
General precautions to be followed while providing vital information about system and address of
the person
 Try not to panic.
 If you feel any immediate physical danger contact your local police.
 Avoid getting into huge arguments online during chat and discussions with other users.
 Choose your chatting nickname carefully so as others.
 Do not share personal information in public space and do not give it to strangers.
2.4.2. Preventive Steps for Organizations

Computer crime is an expanding division of criminal activity. Cybercrime cases include

intrusion/infiltration, financial and identity theft, espionage and cyber warfare. Computer crime

23
may also include child pornography and copyright infringements as well as any other illegal
activity that was performed with the assistance of a computer.
2.4.2.1. Physical security
If an intruder gets physical access to a computer, they can easily gain access to the information
stored on the computer. Physical security is the most sensitive component, as prevention from
cybercrime computer network should be protected from the access of unauthorized persons.
2.4.2.2. Access control
It describes any technique used to control passage into or out of any area. The standard lock that
uses a brass key may be thought of as a simple form of an access control system. Today the term
access control system most often refers to a computer-based system or electronic card access
control system. The purpose of an access control system is to provide quick, convenient access to
those persons who are authorized, while at the same time, restricting access to unauthorized people.
It is generally implemented using firewalls which provide a centralized point from where to permit
or allow access.
2.4.2.3. Password
A password is an unspaced sequence of characters used to determine that a computer user
requesting access to a computer system is really that user. A password is typically somewhere
between 4 and 16 characters, depending on how the computer system is set up.
Proof of identity is an essential component to identify intruders. The use of passwords in the most
common security for network system includes servers, routers and firewalls.

Fig.2.1. Access control

24
2.4.2.4. Using Network Scanning Programs
Network scanning is a procedure for identifying active hosts on a network, for the purpose of
attacking them or for network security assessment.
Scanning is one of the three components of intelligence gathering for an attacker. In the foot
printing phase, the attacker creates a profile of the target organization, with information such as its
domain name system (DNS) and email servers. In the scanning phase, the attacker finds
information about the specific IP address that can be accessed over the internet, their operating
systems, the system architecture, and the services running on each computer. In the enumeration
phase, the attacker gathers information such as network service and group names, routing tables,
and Simple Network Management Protocol (SNMP) data.
2.4.2.5. Using Intrusion Alert Programs
This tool is designed to facilitate the interactive analysis of alerts reported by Intrusion Detection
System (IDS). It was started as a prototype system and was developed to validate who method to
correlate intrusion alerts based on the prerequisites and consequences of known attacks. Now it
has been serving as a platform to test and validate techniques for intrusion analysis.
2.4.2.6. Using Encryption
Encryption is a process which is applied to text message or other important data, and alerts it to
make it humanly unreadable except by someone who knows how to decrypt it. The most popular
use of encryption is for securing web servers that are accessed by the https protocol .Encryption is
the conversion of data into a form called a ciphertext that cannot be easily understood by
unauthorized people. Decryption is the process of converting encrypted data back in its original
form.
Encryption can transform data into a form that makes it almost impossible to read it without the
right key. This key is used to allow controlled access to the information to selected people.
Encryption allows sending confidential documents by email or save confidential information on
laptop computers without having to fear that if someone steals it the data will become public. With

25
 Fig.2.2 Symmetric Encryption
the right encryption/decryption software installed, it will hook up to military program and
encrypt/decrypt messages automatically without user interaction.

2.4.3. Kinds Of Cyber Crime

2.4.3.1. Cyber Stalking
It is an act of stalking, harassing or threatening someone using Internet/computer as a medium.
This is often done to defame a person and use email, social network, instant messenger, web-
posting, etc. as a using Internet as a medium as it offers anonymity. The behaviour includes false
accusations, threats, sexual exploitation to minors, monitoring, etc.
2.4.3.2. Child Pornography
It is an act of possessing image or video of a minor (under 18), engaged in sexual conduct.
2.4.3.3 Forgery and Counterfeiting
It is a use of computer to forgery and counterfeiting is a document. With the advancement in the
hardware and the software, it is possible to produce counterfeit which matches the original document
to such an extent that it is not possible to judge the authenticity of the document without expert
judgement.
2.4.3.4. Software Piracy and Crime related to IPRs
Software piracy is an illegal reproduction and distribution for personal use or business. It comes
under crime related to IPR infringement. Some of the other crimes under IPR infringement are:
download of songs, downloading movies, etc.

26
2.4.3.5. Cyber Terrorism
It is defined as the use of computer resources to intimidate or coerce government, the civilian
population, or any segment thereof in furtherance of political or social objectives.
2.4.3.6. Phishing
It is a process of acquiring personal and sensitive information of an individual via email by
disguising as a trustworthy entity in an electronic communication. The purpose of phishing is
identity theft and the personal information like username, password, and credit card number etc.
may be used to steal money from user account.
2.4.3.7. Computer Vandalism
It is an act of physical destroying computing resources using physical force or malicious code.
2.4.3.8. Computer Hacking
It is a practice of modifying computer hardware and software to accomplish a goal outside the creator’s
original purpose. The purpose of hacking a computer system may vary from simply demonstrations of
the technical ability, to sealing, modifying or destroying information for social, economic or political
reasons
2.4.3.9. Creating and distributing viruses over internet
The spreading of a virus can cause business and financial loss to an organization. The loss includes
the cost of repairing the system, cost associated with the loss of business during downtime and
cost of loss of opportunity.
2.4.3.10. Spamming
Sending of unsolicited and commercial bulk message over the internet is known as spamming. An
email can be classified as spam, if it meets following criteria:
a. Mass mailing:- the email is not targeted to one particular person but to a large number
of peoples.
b. Anonymity:- The real identify of the person not known
c. Unsolicited:- the email is neither expected nor requested for the recipient.
2.4.3.11. Online Auction Fraud
There are many genuine websites who offers online auction over internet. Taking the advantage
of the reputation of these websites, some of the cyber criminals lure the customers to online auction
fraud schemes which often lead to either overpayment of the product or the item is never delivered
once the payment is made.

27
2.4.3.12. Cyber Squatting
It is an act of reserving the domain names of someone else’s trademark with intent to sell it afterwards
to the organization who is the owner of the trademark at a higher price.
2.4.3.13. Web Jacking
The hacker gain access to a website of an organization and either blocks it or modify it to serve
political, economic or social interest. The recent examples of web jacking are some of the websites
of the educational institutes were hacked by Pakistani hackers and an animation which contains
Pakistani flags were flashed in the homepage of these websites.
2.4.3.14. Data Diddling
It is a practice of changing the data before its entry into the computer system. Often, the original data
is retained after the execution on the data is done. For example, DA or the basic salary of the person is
changed in the payroll data of an individual for pay calculation. Once the salary is calculated and
transferred to his account, the total salary is replaced by his actual salary in the report.
2.4.3.15. Email Spoofing
It is a process of changing the header information of an e-mail so that its original source is not identified
and it appears to an individual at the receiving end that the email has been originated from source other
than the original source.
2.4.4. MALWARE AND ITS TYPES
Malware stands for “Malicious Software” and it is designed to gain access or installed into the
computer without the consent of the user. They perform unwanted tasks in the host computer for
the benefit of a third party. There are various types of malwares present in the Internet. Some of
the popular ones are:
2.4.4.1 Adware
It is a special type of malware which is used for forced advertising. They either redirect the page
to some advertising page or pop-up an additional page which promotes some product or event.
This adware are financially supported by the organizations whose products are advertised.
2.4.4.2 Spyware
It is a special type of which is installed in the target computer with or without the user permission
and is designed to steal sensitive information from the target machine. Mostly it gathers the
browsing habits of the user and the send it to the remote server without the knowledge of the owner
of the computer. Most of the time they are downloaded in to the host computer while downloading
freeware i.e. free application programmes from the internet.

28
2.4.4.3. Browser hijacking software
There is some malicious software which are downloaded along with the free software offered over
the internet and installed in the host computer without the knowledge of the user. This software
modifies the browsers setting and redirect links to other unintentional sites.
2.4.4.4. Virus
A virus is a malicious code written to damage/harm the host computer by deleting or appending a
file, occupy memory space of the computer by replicating the copy of the code, slow down the
performance of the computer, format the host machine, etc. It can be spread via email attachment,
pen drives, digital images, e-greeting, audio or video clips, etc. A virus may be present in a
computer but it cannot activate itself without the human intervention.
2.4.4.5. Worms
They are a class of virus which can replicate themselves. They are different from the virus by the
fact that they does not require human intervention to travel over the network and spread from the
infected machine to the whole network. Worms can spread either through network, using the
loopholes of the Operating System or via email.
2.4.4.6. Trojan Horse
Trojan horse is a malicious code that is installed in the host machine by pretending to be useful
software. The user clicks on the link or download the file which pretends to be a useful file or
software from legitimate source. It not only damages the host computer by manipulating the data
but also it creates a backdoor in the host computer so that it could be controlled by a remote
computer.
2.4.4.7. Scareware
Internet has changed how we talk, shop, play etc. It has even changed the way how the criminal
target the people for ransom. While surfing the Internet, suddenly a pop-up alert appears in the
screen which warns the presence of dangerous virus, spywares, etc. in the user’s computer. As a
remedial measure, the message suggests the used download the full paid version of the software.
As the user proceeds to download, a malicious code, known as scareware is downloaded into the
host computer.
2.4.4.8 Ransomware
Ransomware is a type (malicious software) used by cybercriminals. If a computer or network has
been infected with ransomware, the ransomware blocks access to the system or encrypts its data.
Cybercriminals demand ransom money from their victims in exchange for releasing the data. In
order to protect against of malware ransomware infection, a watchful eye and security software
are recommended. Victims of malware attacks have three options after an infection: they can

29
either pay the ransom, try to remove the malware, or restart the device. A ransomware attack can
therefore target both individuals and companies.

2.4.4.9. Malspam
Malspam is basically a spam email that delivers malware. Such emails contain infected
attachments, phishing messages or malicious URLs to deceive users. It can be used to deliver a
variety of malware including ransomware, trojans, bots, info-stealer, crypto miners, spyware and
keyloggers.

A successful malspam attack is executed by using an obfuscation technique to get through the
installed security product’s spam email filters such that the malicious attachment is opened by the
user. Attackers use social engineering techniques to make their malicious email look attractive or
legitimate.

2.4.4.10 Malvertising

Malvertising or malicious advertising is a relatively new cyberattack technique that injects

malicious code within digital ads. Difficult to detect by both internet users and publishers, these
infected ads are usually served to consumers through legitimate advertising networks. Because ads
are displayed to all website visitors, virtually every page viewer is at risk of infection.

Typically, the attacker begins by breaching a third-party server, which allows the cybercriminal to
inject malicious code within a display ad or some element thereof, such as banner ad copy, creative
imagery or video content.

Once clicked by a website visitor, the corrupted code within the ad will install malware or adware
on the user’s computer. The attacker may also redirect the user to a malicious website and leverage
spoofing or social engineering techniques to advance the attack.

2.5. CYBER ATTACKS

A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter
computer code, logic or data and lead to cybercrimes, such as information and identity theft. Cyber-
attacks can be classified into the following categories:
 Web-based attacks
 System-based attacks
 Active Attacks
 Passive Attacks
2.5.1. Web-Based Attacks
These are the attacks which occur on a website or web applications. Some of the important web-
based attacks are as follows

30
2.5.1.1. Injection attacks
It is the attack in which some data will be injected into a web application to manipulate the application
and fetch the required information.
Example- SQL Injection, code Injection, log Injection, XML Injection etc.
2.5.1.2. DNS Spoofing
DNS Spoofing is a type of computer security hacking whereby a data is introduced into a DNS
resolver's cache causing the name server to return an incorrect IP address, diverting traffic to the
attacker’s computer or any other computer. The DNS spoofing attacks can go on for a long period of
time without being detected and can cause serious security issues.
2.5.1.3. Session Hijacking
It is a security attack on a user session over a protected network. Web applications create cookies to
store the state and user sessions. By stealing the cookies, an attacker can have access to all of the user
data.
2.5.1.4. Phishing
Phishing is a type of attack which attempts to steal sensitive information like user login credentials and
credit card number. It occurs when an attacker is masquerading as a trustworthy entity in electronic
communication.
2.5.1.5. Brute force
It is a type of attack which uses a trial-and-error method. This attack generates many guesses and
validates them to obtain actual data like user password and personal identification number. This attack
may be used by criminals to crack encrypted data, or by security, analysts to test an organization's
network security.
2.5.1.6. Denial of Service
It is an attack which meant to make a server or network resource unavailable to the users. It
accomplishes this by flooding the target with traffic or sending it information that triggers a crash. It
uses the single system and single internet connection to attack a server. It can be classified into the
following-
2.5.1.7 Volume-based attacks- Its goal is to saturate the bandwidth of the attacked site, and is
measured in bit per second.
2.5.1.8 Protocol attacks- It consumes actual server resources, and is measured in a packet.
Application layer attacks- Its goal is to crash the web server and is measured in request per second.
2.4.1.9. Dictionary attacks
This type of attack stored the list of a commonly used password and validated them to get original
password.

31
2.5.2. System-Based Attacks
These are the attacks which are intended to compromise a computer or a computer network. Some
of the important system-based attacks are as follows-
2.5.2.1. Virus
It is a type of malicious software program that spread throughout the computer files without the
knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting
copies of itself into other computer programs when executed. It can also execute instructions that
cause harm to the system.
2.5.2.2. Worm
It is a type of malware whose primary function is to replicate itself to spread to uninfected
computers. It works same as the computer virus. Worms often originate from email attachments
that appear to be from trusted senders.
2.5.2.3. Trojan horse
It is a malicious program that occurs unexpected changes to computer setting and unusual activity,
even when the computer should be idle. It misleads the user of its true intent. It appears to be a
normal application but when opened/executed some malicious code will run in the background.
2.5.2.4. Backdoors
It is a method that bypasses the normal authentication process. A developer may create a backdoor
so that an application or operating system can be accessed for troubleshooting or other purposes.
2.5.2.5. Bots
A bot (short for "robot") is an automated process that interacts with other network services. Some
bots program run automatically, while others only execute commands when they receive specific
input. Common examples of bots program are the crawler, chatroom bots, and malicious bots.
2.5.3. Active Attacks
An active attack is a network exploit in which a hacker attempts to make changes to data on the
target or data enroute to the target.

Types of Active attacks:

2.5.3.1. Masquerade
In this attack, the intruder pretends to be a particular user of a system to gain access or to gain
greater privileges than they are authorized for. A masquerade may be attempted through the use of
stolen login IDs and passwords, through finding security gaps in programs or through bypassing
the authentication mechanism.

32
2.5.3.2. Session replay
In this type of attack, a hacker steals an authorized user’s log in information by stealing the session
ID. The intruder gains access and the ability to do anything the authorized user can do on the
website.
2.5.3.3. Message modification:
In this attack, an intruder alters packet header addresses to direct a message to a different
destination or modify the data on a target machine.
2.5.3.4. Denial of service (DoS)
In this attack, users are deprived of access to a network or web resource. This is generally
accomplished by overwhelming the target with more traffic than it can handle.
2.4.3.5. Distributed denial-of-service (DDoS)
Large numbers of compromised systems (sometimes called a botnet or zombie army) attack a
single target.
2.5.4. Passive Attacks
Passive attacks are relatively scarce from a classification perspective, but can be carried out with
relative ease, particularly if the traffic is not encrypted.
2.5.4.1. Eavesdropping (tapping):
The attacker simply listens to messages exchanged by two entities. For the attack to be useful, the
traffic must not be encrypted. Any unencrypted information, such as a password sent in response
to an HTTP request, may be retrieved by the attacker.
2.5.4.2. Traffic analysis:
The attacker looks at the metadata transmitted in traffic in order to deduce information relating to
the exchange and the participating entities, e.g., the form of the exchanged traffic (rate, duration,
etc.). In the cases where encrypted data are used, traffic analysis can also lead to attacks by
cryptanalysis, whereby the attacker may obtain information or succeed in unencrypting the traffic.

33
 CHAPTER 3
INTERNET, MOBILE PHONE AND
E-COMMERCE SECURITY

34
 UNIT-III
3. INTERNET, MOBILE PHONES AND E-COMMERCE SECURITY ISSUES

 Data Theft
 Punishments for data theft
 Theft of Internet Hours
 Internet safety for Children and Parents
 Mobile Phone Privacy
 E-Commerce Security Issues

3.1 DATA THEFT

Data theft in simple terms is an act of illicit/unapproved replicating, taking or removal of
confidential, valuable or personal information from an association without its assent or
information. It’s the act of taking virtual data with an aim to compromise someone’s privacy or to
procure confidential data. It may be regarding taking or hacking passwords, banking data, personal
data of customers, master card data or some other data, for example, trade secrets, source codes,
programming, customer database and so forth of significance to any association, or hacking into
government databases for taking confidential data and abusing them and a few more in accordance
with these.
“Data theft is currently a new era of crime in India as well as everywhere throughout the world.
With the sharp ascent being used of web and technology, a new series of cyber-crime has come
up. This has made a new breed of criminals, who plan to exploit the helplessness of computer
programs and use it for their very own benefit or just to cause harm.”
3.2. PUNISHMENT FOR DATA THEFT
“The Indian law deals with punishments and penalties for data crimes in the IT Act, 2000, in this
manner making a method of redressal for violations attempted with the help of technology through
the web. This Act is the supreme law managing E-commerce and provides punishments for the
following:”
 Unauthorized access of a computer framework,
 Destruction of computer framework programming,
 Unauthorized download or duplicating of data,
 Tampering with computer source codes,
 Hacking into unapproved computer framework,

35
  Accessing information kept in secured framework and abusing it. secured system data
is that data which is expressed by the legislature as secured information,
 Breach of confidentiality and protection of data by a person who has been agreed
powers under the IT Act.”

“The IPC defines ‘theft’ and lays down punishments for theft of movable property which
consolidates all corporeal property. This clarifies that data, which is impalpable, is beyond the
extent of IPC. In any case, if the information is kept in a medium, for instance: floppy disks, CD,
pen drives, hard drives, and so forth., and afterward on the off chance that that is taken, at that
point the applicable Sec identifying with theft in the IPC can be applied in a criminal court and, if
proved guilty, will be criminally charged for the same.”
3.3. THEFT OF INTERNET HOURS
Theft of Internet hours refers to using up or utilizing of somebody else’s Internet services. In many
cases, when a person takes up the services of any Internet service provider, he utilizes the services
in terms of number of hours consumed and makes the payment on a per hour basis. However, in
case a third person is able to identify the username and password of the Internet service user, he
can easily consume those Internet hours.
Theft of Internet hours refers to using somebody else’s internet hours. Section 43(h) of the Indian
Technology Act, 2000, lays down civil liability for this offence. It reads as, whoever without the
permission of the owner or any other person who is incharge of a computer, computer system or
computer network, charges the services availed of by a person to the account of another person by
tampering with or manipulating any computer, computer system, computer network is liable to
pay damages not exceeding one crore to the person on office.
Normally in these kinds of thefts of the Internet another person uses up surfing hours of the victim.
This is done by gaining access to the login ID and the password. In May 2000, the economic
offences wing, IPR section crime branch of Delhi police registered its first case involving theft of
Internet hours.
3.4. INTERNET SAFETY TIPS FOR CHILDREN & PARENTS
3.4.1. Internet Safety Tips for Children
 Never give out personal information, such as your name, home address, telephone number,
school name or mascot in a public message. Also, never send a person a picture of yourself
without first checking with your parent or guardian.
 Do not set up a “User Profile” on any Internet provider. People you do not know will be
able to obtain personal information simply by looking up your profile. If you already have
a profile, you should consider deleting it.

36
  Be sure you are dealing with someone who you and your parents know and trust before
giving out any personal information via E-mail or Instant Messages. Also, be aware that
by calling an “800” number or calling collect, strangers can get your phone number.
 Never respond to messages or bulletin board items that are: Suggestive, Obscene, Hostile,
Threatening or Make you feel uncomfortable.
 If you come across any information that makes you feel uncomfortable, tell your parent or
guardian right away
 Be careful when someone offers you something for nothing, such as gifts or money. Be
especially careful about any offers that involve meeting someone or having someone come
to your house.
 Never arrange a face-to-face meeting without telling your parent or guardian. If your
parent or guardian agrees to the meeting, make sure you meet in a public place, and have
that parent or guardian with you.
 Don’t tell other kids your password or user ID. If other kids have your password, they could
pretend to be you on-line.
 Remember that people on-line may not be who they seem. Someone indicating that “she”
is a “12-year-old girl” could actually be much older, and of the opposite sex.
 If you receive any messages that make you feel uncomfortable, or view information that
appears to be criminal, tell your parent or guardian right away, and please contact your
local police
3.4.2. Internet Safety Tips for parents
 Do teach your child not to post identifying information on the Internet.
 Do set a limit for how much time your child can spend online.
 Do keep the computer in a public room in the house. Do not have an Internet-connected
computer in your child’s bedroom.
 Do utilize parental controls provided by your Internet Service Provider and/or blocking
software.
 Do periodically review your child’s computer and emails. You should have your child’s
password.
 Do spend time with your child online. Have them show you their favorite online
destinations. Get to know your child’s online friends as you would their real-life friends.
Learn to navigate the web.
 Do monitor your child’s access to the Internet outside the home.
 Do talk to your child about the danger of Internet predators.

37
  Do watch for unexplained changes in your child’s behavior.
 Do NOT hesitate to seek help from law enforcement if you think a predator may be
targeting your child.
3.5 MOBILE PHONE PRIVACY
Mobile Device Security refers to the measures designed to protect sensitive information stored on
and transmitted by laptops, smart phones, tablets, wearable’s, and other portable devices. At the
root of mobile device security is the goal of keeping unauthorized users from accessing the
enterprise network. It is one aspect of a complete enterprise security plan.
3.5.1 HOW MOBILE PHONE NETWORK WORKS?
Very simply, a mobile phone network is made-up of a large number of geographic areas called ‘cells’.
These cells are arranged to provide large areas of mobile coverage. Within these cells are mobile base
stations which send and receive radio signals to and from mobile handsets located in those cells to
enable their users to connect to the internet and make calls.
These base stations are all linked via a transmission network back to the mobile carrier’s core network
which manages connections between its customers and other mobile users as well as between its
customers and the internet
Mobile base station
A mobile base station is typically made up of:
 Antennas – send and receive radio signals to/from users within the cell.
 A tower or supporting structure – where the antennas are mounted, this could be on top or
side of a building, or a separate mast or tower.
 Electronic equipment – which supports the operations of the base station which are stored
in a cabinet or shelter?
 Transmission – which is the link back to the mobile carrier’s core network, which can be
either fibre optic cable or a microwave wireless connection.
 Mobile base station antennas talk to your mobile device, which, much like a 2-way radio then
sends a radio signal to the antenna. This signal then travels down the tower into a cabinet at
the bottom where electronic equipment is located that processes that signal and decides where
to send it.
 The location of mobile base stations is determined by a number of factors, including
topography, physical constraints such as trees and buildings, the number of calls expected to
be made in the cell and the radio frequency at which the base station will operate, also known
as ‘spectrum’.

38
3.5.2 Why is mobile device security important?
With more than half of business PCs now being mobile, portable devices present distinct
challenges to network security. Potential threats to devices include malicious mobile apps,
phishing scams, data leakage, spyware, and unsecure Wi-Fi networks. On top of that, enterprises
have to account for the possibility of an employee losing a mobile device or the device being
stolen. To avoid a security breach, companies should take clear, preventative steps to reduce the
risk.
3.5.3 What are the benefits of mobile device security?
Mobile device security, or mobile device management, provides the following:
 Regulatory compliance
 Security policy enforcement
 Support of “bring your own device” (BYOD)
 Remote control of device updates
 Application control
 Automated device registration
 Data backup
Above all, mobile device security protects an enterprise from unknown or malicious outsiders
being able to access sensitive company data.
3.5.4. Technical aspects of privacy of mobile phone:
These days, smart phones are a one-stop payment, personal health, work, gaming, productivity,
texting, tweeting, and Face book-checking machine. We use them to do just about everything, from
mobile banking to navigating new places, to emailing out last minute notes on a project.
But when you to lose electronics device in cabs, using your Smartphone as a centralized source
for all of your information comes with big risks, and the more you’ve connected and stored, the
more you stand to lose. In fact, in the last year alone, at least 7.1 million phones were lost or stolen
That’s bad news, not only for individuals but for countless businesses as well, particularly if they
have BYOD policies, because each individual phone and carrier really varies in their level of
security.
It’s no wonder, then, that so many individuals and businesses are starting to take mobile security
seriously. Let’s take a look at few steps you can take to keep your phone and its wealth of personal
data secure.

39
Use a Pass code:
This may sound obvious, but according to a Consumer Reports survey, 64% of us don’t use our
passcodes. Quite frankly, not using a passcode is a horrible idea. You’re essentially handing over
all of your personal information to anyone who swipes your phone.

When you set up your passcode, use the same security measures you would on any other device,
such as not using your birthday or social security number for your passcode, and definitely not
“1234.” Never share your passcode with anyone, even if they ask nicely or give you sad, puppy
eyes. Don’t reuse passwords from other sites or devices.
While this is a subject of debate, most experts think it’s best to go with a pin rather than the swipe
patterns, as the chances of guessing a pin are much lower than guessing a pattern.
Be Selective with Your Apps
New applications might look great, but with so many unknown third party providers out there, it
can be difficult to know how private and secure it may be. For that reason, it’s best to go through
a trusted app store like iTunes, Android Market or Amazon, and to thoroughly check reviews
before downloading any app and entering your personal information.
Be particularly cautious with financial apps, the best of which shouldn’t require you to repeatedly
enter account information in order to access your account.
Don’t Click on Suspicious Links
People are three times more likely to click on suspicious links on their cell phone than on a PC. A
best advice is not to click on it. Look more carefully at the URL, especially if they’re asking you
to enter personal information. Most banks have a page explaining what they will and will not ask
for. Do your research before divulging your personal details.
Enable Remote Wiping
Should your phone ever be lost or stolen, it would be great to erase your important data from afar.
You can do this through remote wiping, and it’s relatively easy to do on most devices. An iPhone,
for example, simply requires you to do enable “Find My Phone” on the device and to sign up for
an iCloud account, which will be your command central when it’s time to wipe.
There are some concerns about corporations using location tracking software like this to infringe
upon personal privacy rights. Look up the company’s policy, and make sure it’s something you’re
comfortable with, before getting it all set up.
Keep Software Up to Date
Software updates often patch security and privacy holes users have found as they’ve tested the
software out in the real world. Keeping your software up to date will mean you’ll have the very
latest solutions.

40
Use Security Applications
Both Spyware and Malware are becoming an increasingly formidable problem for mobile phone
users. They track your whereabouts, send out your personal information, and slow down your
phone. It can be difficult to avoid downloading these, and users often don’t know they’re running.
To combat this, install security software, just like you might have on your computer, to protect
your privacy against any unbeknownst mischief. Make sure that you keep this software up to date.
Stay Off of Open Wi-Fi Networks
Since smart phones are now acting like mini-PCs, avoid unknown open Wi-Fi networks, just like
you would on your PC. As you type, malicious hotspots can transmit your credit card information
and passwords without you even knowing it.
Write down Your IMEI
Every phone has a fifteen digits serial number called an IMEI (International Mobile Equipment
Identity), which can come in handy if your phone is ever lost or stolen. You’ll find it behind your
phone’s battery or in the settings. Its well worth writing down, as it can speed the process of getting
the phone back to you.
Back Up Your Phone Regularly
Backing up your phone means you’ll always have access to all of your photos, music, apps and
whatever else. This is of course important in case your phone gets lost or stolen, but it can also
come in handy when you’re doing an OS update and experience a loss of data (it happens). Make
sure to backup at least once a day for the best results, or consider using automatic syncing with a
cloud program.
Guard the Data on Your Sim Card
If you decide to sell your cell phone, there are a number of things you should do before shipping
it off to a stranger. One of the most important is to remove both your SIM and your SD card, both
of which contain a wealth of data. Do this when sending your phone in for repairs, as well,
particularly if you don’t know your repair shop well.
3.5.5 Threats And Risk To The Privacy of Mobile Phone Users:
Mobile security threats are commonly thought of as a single, all-encompassing threat. But the
truth is, there are different types of mobile security threats that organizations need to take steps
to protect themselves from:
Below are the most common examples of these threats, as well as steps organizations can take
to protect themselves from them.
1. Social Engineering

41
Social engineering attacks are when bad actors send fake emails (phishing attacks) or text
messages (smishing attacks) to your employees in an effort to trick them into handing over
private information like their passwords or downloading malware onto their devices.
2. Data Leakage via Malicious Apps
Enterprises face a far greater threat from the millions of generally available apps on their
employees devices than from mobile malware. 85% of mobile apps today are largely unsecured.
When we visit Google Play or the App Store to download apps that look innocent enough, the
apps ask for a list of permissions before people are allowed to download them. These
permissions generally require some kind of access to files or folders on the mobile device, and
most people just glance at the list of permissions and agree without reviewing them in great
detail.However, this lack of scrutiny can leave devices and enterprises vulnerable. Even if the
app works the way it’s supposed to, it still has the potential to mine corporate data and send it
to a third party, like a competitor, and expose sensitive product or business information.
3. Unsecured Public WiFi
Public WiFi networks are generally less secure than private networks because there’s no way
to know who set the network up, how it’s secured with encryption, or who is currently accessing
it or monitoring it. And as more companies offer remote work options, the public WiFi networks
your employees use to access your servers could present a risk to your organization.
For example, cybercriminals often set up WiFi networks that look authentic but are actually a
front to capture data that passes through their system (a “man in the middle” attack).
4. End-to-End Encryption Gaps
An encryption gap is like a water pipe with a hole in it. While the point where the water enters
(your users’ mobile devices) and the point where the water exits the pipe (your systems) might
be secure, the hole in the middle lets bad actors access the water flow in between.
5. Internet of Things (IoT) Devices
The types of mobile devices that access your organization’s systems are branching out from
mobile phones and tablets to include wearable tech (like the Apple Watch) and physical devices
(like Google Home or Alexa). And since many of the latest IoT mobile devices have IP
addresses, it means bad actors can use them to gain access to your organizations’ network over
the internet if those devices are connected to your systems.
6. Spyware
Spyware is used to survey or collect data and is most commonly installed on a mobile device
when users click on a malicious advertisement (“malvertisement”) or through scams that trick
users into downloading it unintentionally.

42
Whether your employees have an iOS or Android device, their devices are targets ripe for data
mining with spyware which could include your private corporate data if that device is connected
to your systems.
7. Poor Password Habits
A 2020 study by Balbix found that 99% of the people surveyed reused their passwords between
work accounts or between work and personal accounts. Unfortunately, the passwords that
employees are reusing are often weak as well.
For example, a 2019 study by Google found that 59% of the people they surveyed used a name
or a birthday in their password.
8. Lost or Stolen Mobile Devices
Lost and stolen devices aren’t a new threat for organizations. But with more people working
remotely in public places like cafes or coffee shops and accessing the company’s system with
a wider range of devices, lost and stolen devices pose a growing risk to your organization.
9. Malvertising
Malvertising, or malicious advertising, is the term for criminally controlled advertisements
within Internet connected programs, usually web browsers, which intentionally harm people
and businesses with all manner of malware, potentially unwanted programs and assorted scams.
In other words, malvertising uses what looks like legitimate online advertising to distribute
malware and other threats to other computers.
3.6 E COMMERCE SECURITY ISSUES
E-Commerce refers to the activity of buying and selling things over the internet. Simply, it refers
to the commercial transactions, which are conducted online. E-commerce can be drawn on many
technologies such as mobile commerce, Internet marketing, online transaction processing,
electronic funds transfer, supply chain management, electronic data interchange (EDI), inventory
management systems, and automated data collection systems.
E-commerce threat is occurring by using the internet for unfair means with the intention of stealing,
fraud and security breach. There are various types of e-commerce threats. Some are accidental,
some are purposeful, and some of them are due to human error. E-commerce security is the
guidelines that ensure safe transaction through the internet. It consists of protocols that safeguard
people who engage in online selling and buying of goods and services. You need to gain your
customers’ trust by putting in place e-commerce security basics. Such basics include:
 Privacy
 Integrity
 Authentication

43
  Non-repudiation
Privacy
Privacy includes preventing any activity that will lead to the sharing of customers’ data with
unauthorized third parties. Apart from the online seller that a customer has chosen, no one else
should access their personal information and account details.
A breach of confidentiality occurs when sellers let others have access to such information. An
online business should put in place at least a necessary minimum of anti-virus, firewall, encryption,
and other data protection. It will go a long way in protecting credit card and bank details of clients.
Integrity
Integrity is another crucial concept of e-commerce Security. It means ensuring that any
information that customers have shared online remains unaltered. The principle states that the
online business is utilizing the customers’ information as given, without changing anything.
Altering any part of the data causes the buyer to lose confidence in the security and integrity of the
online enterprise.
Authentication
The principle of authentication in e-commerce security requires that both the seller and the buyer
should be real. They should be who they say they are. The business should prove that it is real,
deals with genuine items or services, and delivers what it promises. The clients should also give
their proof of identity to make the seller feel secure about the online transactions. It is possible to
ensure authentication and identification. If you are unable to do so, hiring an expert will help a lot.
Among the standard solutions include client logins information and credit card PINs.
Non-repudiation
Repudiation means denial. Therefore, non-repudiation is a legal principle that instructs players not
to deny their actions in a transaction. The business and the buyer should follow through on the
transaction part that they initiated. e-commerce can feel less safe since it occurs in cyberspace with
no live video. Non-repudiation gives e-commerce security another layer. It confirms that the
communication that occurred between the two players indeed reached the recipients. Therefore, a
party in that particular transaction cannot deny a signature, email, or a purchase.

3.6.1 OWASP (Open Web Security Project) Top Ten

The Open Web Application Security Project (OWASP) is a non-profit foundation that aims to
improve software security by publishing industry standards, articles, tools, and documents. Each
year OWASP (the Open Web Application Security Project) publishes the top ten security
vulnerabilities. It represents a broad consensus about the most critical security risks to web
applications. The aim of the report is to provide web application security experts and developers

44
with an understanding into the most common security risks so that they can use the findings of the
report as part of their security practices. This can help limit the presence of such known risks
within their web applications.

Each year OWASP publishes the top ten security vulnerabilities. Top 10 Vulnerabilities for 2022
are:

1. Broken Access Control

Access controls are critical for securing applications against unauthorized access to data and
resources. Broken access controls can lead to data compromise, obtaining permissions beyond
what’s intended for standard users, or account takeover attacks where outsiders hijack user
accounts and initiate fraudulent transactions.

2. Cryptographic Failures

Cryptographic failures refer to either a bad implementation of encryption or a complete lack of

encryption. The major consequence of a cryptographic failure is that you can potentially expose
sensitive data. The exposure of sensitive data can pose compliance, reputational, or competitive
business risks depending on what information is not adequately protected by encryption.

3. Injection

Injection is a risk category that refers to the ability of threat actors to provide malicious input to
web applications that result in the app executing unexpected and unwanted commands. Injection
occurs when the app can’t distinguish malicious input from its code. Common injection attacks
include SQL injections that insert malicious SQL queries into input fields or JavaScript injections
that load malicious code into the client-side of the web app.

4. Insecure Design

This is an entirely new category for the OWASP Top Ten, focusing broadly on application design
and architectural flaws that lead to increased security risks. When an application is inherently
designed in an insecure way, even a perfect implementation of security controls and risks can’t
compensate for those design weaknesses. Sophisticated threat actors will eventually find and
exploit design flaws.

5. Security Misconfiguration

This category of risks relates to the security components in an application being incorrectly
configured. Misconfigurations are increasingly common due to the cloud being used as a
development environment and web apps being built with container images. The infrastructural
complexity adds more points at which security misconfigurations can occur.

45
6. Vulnerable and Outdated Components

Web apps comprise many components or building blocks from external sources (libraries,
frameworks, etc.). These components handle both back-end and front-end functionality. When
threat actors try to compromise an application, they look at its component parts and attempt to
exploit any vulnerabilities. Often, these vulnerabilities come from using out-of-date frameworks
or libraries that are easy to exploit.

7. Identification and Authentication Failures

Failures in authentication and identity management make applications vulnerable to threat actors
masquerading as legitimate users. Some examples of vulnerabilities include not setting validity
periods for session IDs, permitting weak passwords that are easy to guess, and not rate limiting
login attempts against automated attacks.The solutions include implementing multi-factor
authentication in apps and communicating the importance of complying with recommended
password length, complexity, and rotation policies to developers.

8. Software and Data Integrity Failures

This is another new risk category in the OWASP Top Ten, and it’s all about making faulty default
assumptions within development pipelines about the integrity of software or data. Since web apps
regularly rely on plugins and libraries from external sources, a lack of verification of the integrity
of these sources introduces the risk of malicious code, unauthorized access, and compromise.

9. Security Logging and Monitoring Failures

Logging and monitoring helps to provide security, accountability, visibility into events, incident
alerting, and forensics. When there are failures in these capabilities, the company must be able to
detect and respond to application breaches. To mitigate, use open source or proprietary tools to
correlate logs, implement monitoring and alerting, and create an incident recovery and response
strategy using established guidelines.

10. Server-Side Request Forgery (SSRF)

SSRF is one of the two OWASP Top Ten risks added based on the community survey rather than
data from web apps. Most web apps today require external resources for their functionality, which
are usually accessed at URLs. SSRF occurs when hackers can get servers to make requests that
they control. The typical vulnerability is that the web application doesn’t validate the user-supplied
URL, potentially allowing access to internal services or resources by bypassing access controls.

3.6.2 E-Commerce Website Security Measures To Cover You 24/7

HTTPS and SSL certificates
SSL certificate is one of the ways to protect user’s personal data on the internet.

46
You may have seen that there are two types of browser addresses — HTTP and HTTPS. Both
abbreviations stand for communication protocol. The protocol is a set of rules that defines data
exchange between browser and server, what kind of information should exist there and what to do
with that data.
HTTPS is a protected version of HTTP. It’s an SSL protocol, that gets activated after SSL-
certificate is set and encrypts personal data before the information is transferred to the e-commerce
website or app owner.
This kind of protection is really useful when you have transactions to be done on your website.
Whenever customers enter their credit card information it can be stolen by hackers and used by
them later on. Thus, using an SSL certificate will make payments on your website secure and
clients will not be afraid of frauds. One of the primary benefits of SSL Certificates is to encrypt
sensitive data shared across the internet. It ensures that the information reaches only the intended
person. It is a very crucial step because all data sent will pass through multiple computers before
the destination server receives it.If SSL certificate encryption is absent, any electronic device
between the sender and the server can access sensitive details. Hackers can thus take advantage of
your exposed passwords, usernames, credit card numbers, and other information. Therefore, the
SSL certificate will come to your aid by making the data unreadable to unintended users.
Anti-malware
Your electronic devices, computer systems, and web system need a program or software that
detects and block malicious software, otherwise known as malware. Such protective software is
called Anti-malware software. An effective anti-malware should render all the hidden malware on
your website.
Anti-malware is software that detects and deletes computer viruses, as well as other undesirable
or harmful programs. Anti-malware also re-establishes files that have already been harmed by
viruses and prevent further file or software modification that can be done by malicious code.
Anti-malware is used against
 Worms
 Viruses and
 Trojan horses.
Secure server and the admin panel
Using passwords that contain different characters and are very hard to guess. The passwords should
be changed frequently. Another good practice is restricting user access and defining user roles.
Everyone should perform only what they have to do on the admin panel. Making the panel notify
you if a foreign IP tries to access it is an extra step for your security.
Secure payment gateway

47
Do not store clients’ credit card information on your database. Alternatively, use Stripe and PayPal
as a third party to manage the payment transactions away from your website.
Deploy firewall
Use effective e-commerce software and plugins to bar untrusted networks and regulate the inflow
and outflow of website traffic. They should provide selective permeability, only permitting trusted
traffic to go through. Efficient firewalls protect your website against
 XSS (Cross-Site Scripting)
 SQL injection and
 other cyber-attacks.
A firewall is a network security system that controls and filters network traffic (incoming and
outgoing) according to defined rules and eliminates e-commerce security threats.
Use Multi-Layer Security
It is helpful to employ various security layers to fortify your security. A Content Delivery Network
(CDN) that is widespread can block DDoS threats and infectious incoming traffic. They use
machine learning to keep malicious traffic at bay.
You can go ahead and squeeze in an extra security layer, such as Multi-Factor Authentication. A
two-factor authentication is a good example. After the user enters the login information, they
instantly receive an SMS or email for further actions. By implementing this step, it blocks
fraudsters as they will require more than just usernames and passwords to access the legit users’
accounts. However, hacking can still occur even if an MFA is in place.
Comply with PCI-DSS Requirements
Make it a routine to maintain the Payment Card Industry Data Security Standard (PCI-DSS) to
protect all credit card data. All businesses that handle credit card transactions need to follow these
requirements:

48
Ecommerce Security Plugins
Security plugins are a simple way to enforce security protection on your website. They provide
protection against bad bots, SQLi, XSS, code injections and hundreds of other severe attacks.
Ecommerce Security Plugins helps automatically secure your site and virtually patch software by
preventing malicious requests from ever reaching your website.
Backup Your Data
Data loss due to hardware malfunction or cyber-attacks is not uncommon. Moreover, if you do not
backup your data regularly, you are at the risk of losing it for good. You should do it yourself and
not trust anyone else to do it for you. Employ automatic backup service so that even if you forget
to do it manually, all your data will be backed up automatically. You can go one step further and
make a copy of the backup, so you will have a contingency plan available if you lose your original
backup.
Stay Updated
The importance of regularly updating WordPress core, security tools, and plugins can be stressful,
however, install security updates and patches as soon as they release because hackers can use bots
that identify which websites use outdated software. That makes outdated software a serious
liability.
Train Your Staff Better
Your staff should be aware of laws and policies pertaining to the protection of user information.
They should not share login credentials, and you should review the personnel who have access to
sensitive customer information.

49
Once your employee tenders their resignation, expunge their details and revoke all their access to
keep them from committing a cybercrime against your business.
Businesses should employ several e-commerce security measures and protocols to keep security
threats at bay all the time. Apart from the basic authentication systems like username and
passwords, SSL, multi-factor authentication is essential.
3.6.3 Zero Trust Security
Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating
implicit trust and continuously validating every stage of a digital interaction. Rooted in the
principle of “never trust, always verify,” Zero Trust is designed to protect modern environments
and enable digital transformation by using strong authentication methods, leveraging network
segmentation, preventing lateral movement, providing Layer 7 threat prevention, and simplifying
granular, “least access” policies.

Core Principles of the Zero Trust Model

The main principle of Zero Trust is “never trust, always verify”. No device or user is to be trusted,
regardless of their location, IP address, or network access method. Every interaction on the
network always requires verification wherever the source is located. Also, network access should
be limited to the smallest possible segment to achieve the desired goal, since most networks are
comprised of interconnected zones including on-premises infrastructure, cloud, remote, and
mobile users.

Top 5 pillars of zero trust architecture are:

50
 1. Device Trust
By implementing solutions such as device management, device inventory, device
compliance and device authentication, organizations can greatly limit the risk that a non-
authorized user gains access to a device and leverages that access for nefarious purposes.
2. User Trust
User trust is comprised of password authentication. Multi-factor authentication,
conditional access and dynamic scoring are all geared towards proving that the user is in
fact an authorized and validated user.
3. Transport/Session Trust
Transport/session parameters build on the principle of least privilege access to resources
by limiting access rights to users and applying minimum permissions required to perform
the given work.
4. Application Trust
Enhancing application trust parameters are made capable with tools such as single sign-on
(SSO), isolation and any device access.
5. Data Trust
Data trust is the final pillar of the Zero Trust model. Data trust strategies include protecting
data at rest via encryption or immutability, data integrity (checking data integrity often),
DLP (data loss prevention) and data classification.

Each of these five pillars of Zero Trust is supported by an architecture layer of visibility and
analytics as well as automation and orchestration.

Best Practices for Implementing Zero Trust Architecture

Several tools and technologies contribute to best practices for Zero Trust. Here is a shortlist of
those most critical to success:

 Trust nothing, authenticate everything.

Assume all devices are compromised and never trust any device that has not been
verified. ZTI tools assist with endpoint security by pushing identity controls to endpoints,
which helps to ensure that devices are first enrolled before access is granted to corporate
resources. Device enrollment also simplifies identifying and verifying every device granted
access and ensures devices meet ZTNA security requirements.

51
  Adopt network micro-segmentation

A Zero Trust Network Architecture only grants access to small segments of the network at
a time — and only to users who confirm they are authorized to access each network
segment. User and device authentication are carried out at a micro-segment level.
Connectivity to each micro-segment is based on a need-to-know model. To access any
individual segment, users must pass strict identity and device verification procedures.
Every session must be authenticated, authorized, and accounted for (AAA) before a
communication session can be established.

 Limit Access based on the Principle of Least Privilege (PoLP)

PoLP limits permissions and access to the absolute minimum required to perform a specific
task. If a user only requires read access, do not grant read or execute access. PoLP equally
applies to users and devices, so IoT devices, connected applications, and micro-services
should only be granted the minimum permission levels required to complete their
transaction.

 Deploy multi-factor authentication (MFA)

MFA has become popular for consumer banking and finance websites, and MFA makes
perfect sense as part of a zero-trust environment as well. As a rule, MFA requires users to
present at least two things including:
o Something known. A secret such as a password, PIN, or phrase the user has
memorized
o Something possessed. An object or token in the user’s possession such as a
smartphone or smart card can generate or display a one-time use code to be
provided along with something known.
o Something human. Biometric information can include a fingerprint, face scan, or
retina scan
Authentication only occurs after two (or more) of the factors validate the user as legitimate.

52
 CHAPTER 4

E-MAIL, SOCIAL MEDIA, COMPUTER

VIRUSES AND FIREWALL

53
 UNIT-IV
4. E-MAIL , SOCIAL MEDIA ISSUES, COMPUTER VIRUSES AND FIREWALL

 E-Mail and Social Media Issues

 Aspects of social media
 The Vicious Cycle of unhealthy social media use
 Modifying Social Media Use to improve Mental
Health
 Computer Virus
 Antivirus
 Firewall

4.1 E-MAIL & SOCIAL MEDIA ISSUES

While many of us enjoy staying connected on social media, excessive use can fuel feelings of
anxiety, depression, isolation, and FOMO. Here’s how to modify your habits and improve your
mood.
The role social media plays in mental health
Human beings are social creatures. We need the companionship of others to thrive in life, and the
strength of our connections has a huge impact on our mental health and happiness. Being socially
connected to others can ease stress, anxiety, and depression, boost self-worth, provide comfort and
joy, prevent loneliness, and even add years to your life. On the flip side, lacking strong social
connections can pose a serious risk to your mental and emotional health.
In today’s world, many of us rely on social media platforms such as Facebook, Twitter, Snapchat,
YouTube, and Instagram to find and connect with each other. While each has its benefits, it’s
important to remember that social media can never be a replacement for real-world human
connection. It requires in-person contact with others to trigger the hormones that alleviate stress
and make you feel happier, healthier, and more positive. Ironically for a technology that’s designed
to bring people closer together, spending too much time engaging with social media can actually
make you feel more lonely and isolated—and exacerbate mental health problems such
as anxiety and depression.
If you’re spending an excessive amount of time on social media and feelings of sadness,
dissatisfaction, frustration, or loneliness are impacting your life, it may be time to re-examine your
online habits and find a healthier balance.

54
4.2 ASPECTS OF SOCIAL MEDIA
The positive aspects of social media
While virtual interaction on social media does not have the same psychological benefits as face-
to-face contact, there are still many positive ways in which it can help you stay connected and
support your wellbeing.
Social media enables you to:
 Communicate and stay up to date with family and friends around the world.
 Find new friends and communities; network with other people who share similar
interests or ambitions.
 Join or promote worthwhile causes; raise awareness on important issues.
 Seek or offer emotional support during tough times.
 Find vital social connection if you live in a remote area.
 Find an outlet for your creativity and self-expression.
 Discover (with care) sources of valuable information and learning.
The negative aspects of social media
Since it’s a relatively new technology, there’s little research to establish the long-term
consequences, good or bad, of social media use. However, multiple studies have found a strong
link between heavy social media and an increased risk for depression, anxiety, loneliness, self-
harm, and even suicidal thoughts.

Social media may promote negative experiences such as:

Inadequacy about your life or appearance. Even if you know that images you’re viewing on
social media are manipulated, they can still make you feel insecure about how you look or what’s
going on in your own life. Similarly, we’re all aware that other people tend to share just the
highlights of their lives, rarely the low points that everyone experiences. But that doesn’t lessen
those feelings of envy and dissatisfaction when you’re scrolling through a friend’s airbrushed
photos of their tropical beach holiday or reading about their exciting new promotion at work.
Fear of missing out (FOMO). While FOMO has been around far longer than social media, sites
such as Facebook and Instagram seem to exacerbate feelings that others are having more fun or
living better lives than you are. The idea that you’re missing out on certain things can impact your
self-esteem, trigger anxiety, and fuel even greater social media use. FOMO can compel you to pick
up your phone every few minutes to check for updates, or compulsively respond to each and every

55
alert—even if that means taking risks while you’re driving, missing out on sleep at night, or
prioritizing social media interaction over real world relationships.
Isolation. A study at the University of Pennsylvania found that high usage of Facebook, Snapchat,
and Instagram increases rather decreases feelings of loneliness. Conversely, the study found that
reducing social media usage can actually make you feel less lonely and isolated and improve your
overall wellbeing.
Depression and anxiety. Human beings need face-to-face contact to be mentally healthy. Nothing
reduces stress and boosts your mood faster or more effectively than eye-to-eye contact with
someone who cares about you. The more you prioritize social media interaction over in-person
relationships, the more you’re at risk for developing or exacerbating mood disorders such as
anxiety and depression.
Cyberbullying. About 10 percent of teens report being bullied on social media and many other
users are subjected to offensive comments. Social media platforms such as Twitter can be hotspots
for spreading hurtful rumors, lies, and abuse that can leave lasting emotional scars.
Self-absorption. Sharing endless selfies and all your innermost thoughts on social media can
create an unhealthy self-centeredness and distance you from real-life connections.

4. 3 THE VICIOUS CYCLE OF UNHEALTHY SOCIAL MEDIA USE

When you feel lonely, depressed, anxious, or stressed, you use social media more often—as a way
to relieve boredom or feel connected to others. Using social media more often, though, increases
FOMO and feelings of inadequacy, dissatisfaction, and isolation. In turn, these feelings negatively
affect your mood and worsen symptoms of depression, anxiety, and stress. These worsening
symptoms cause you to use social media even more, and so the downward spiral continues.

Indicators that social media may be adversely affecting your mental health include:
Spending more time on social media than with real world friends: Using social media has
become a substitute for a lot of your offline social interaction. Even if you are out with friends,
you still feel the need to constantly check social media, often driven by feelings that others may
be having more fun than you.
Comparing yourself unfavorably with others on social media: You have low self-esteem or
negative body image. You may even have patterns of disordered eating.
Experiencing cyberbullying: You worry that you have no control over the things people post
about you.
Being distracted at school or work: You feel pressure to post regular content about yourself, get
comments or likes on your posts, or respond quickly and enthusiastically to friends’ posts.

56
Having no time for self-reflection: Every spare moment is filled by engaging with social media,
leaving you little or no time for reflecting on who you are, what you think, or why you act the way
that you do—the things that allow you to grow as a person.
Engaging in risky behavior: In order to gain likes, shares, or positive reactions on social media.
You play dangerous pranks, post embarrassing material, cyberbully others, or access your phone
while driving or in other unsafe situations.
Suffering from sleep problems: Do you check social media last thing at night, first thing in the
morning, or even when you wake up in the night? The light from phones and other devices
can disrupt your sleep, which in turn can have a serious impact on your mental health.
Worsening symptoms of anxiety or depression: Rather than helping to alleviate negative
feelings and boost your mood, you feel more anxious, depressed, or lonely after using social media.
4.4 MODIFYING SOCIAL MEDIA USE TO IMPROVE MENTAL HEALTH
Step 1: Reduce time online
A 2018 University of Pennsylvania study found that reducing social media use to 30 minutes a day
resulted in a significant reduction in levels of anxiety, depression, loneliness, sleep problems, and
FOMO. But you don’t need to cut back on your social media use that drastically to improve your
mental health. The same study concluded that just being more mindful of your social media use
can have beneficial results on your mood and focus.
While 30 minutes a day may not be a realistic target for many of us, we can still benefit from
reducing the amount of time we spend on social media. For most of us, that means reducing how
much we use our smartphones. The following tips can help:
1. Use an app to track how much time you spend on social media each day. Then set a
goal for how much you want to reduce it by.
2. Turn off your phone at certain times of the day, such as when you’re driving, in a
meeting, at the gym, having dinner, spending time with offline friends, or playing with
your kids. Don’t take your phone with you to the bathroom.
3. Don’t bring your phone or tablet to bed. Turn devices off and leave them in another
room overnight to charge.
4. Disable social media notifications. It’s hard to resist the constant buzzing, beeping,
and dinging of your phone alerting you to new messages. Turning off notifications can
help you regain control of your time and focus.
5. Limit checks. If you compulsively check your phone every few minutes, wean yourself
off by limiting your checks to once in every 15 minutes. Then once in every 30 minutes,

57
 then once an hour. There are apps that can automatically limit when you’re able to access
your phone.
6. Try removing social media apps from your phone: You can only check Facebook,
Twitter and the like from your tablet or computer. If this sounds like too drastic a step,
try removing one social media app at a time to see how much you really miss it.
Step 2: Change your focus
Many of us access social media purely out of habit or to mindlessly kill moments of downtime.
But by focusing on your motivation for logging on, you can not only reduce the time you spend
on social media, you can also improve your experience and avoid many of the negative aspects.
If you’re accessing social media to find specific information, check on a friend who’s been ill, or
share new photos of your kids with family, for example, your experience is likely to be very
different than if you’re logging on simply because you’re bored, you want to see how many likes
you got from a previous post, or to check if you’re missing out on something.
Next time when you go to access social media, pause for a moment and clarify your motivation
for doing so.
Are you using social media as a substitute for real life? Is there a healthier substitute for your
social media use? If you’re lonely, for example, invite a friend out for coffee instead. Feeling
depressed? Take a walk or go to the gym. Bored? Take up a new hobby. Social media may be
quick and convenient, but there are often healthier, more effective ways to satisfy a craving.
Are you an active or a passive user on social media? Passively scrolling through posts or
anonymously following the interaction of others on social media does not provide any meaningful
sense of connection. It may even increase feelings of isolation. Being an active participant, though,
will offer you more engagement with others.
Does social media leave you feeling inadequate or disappointed about your life? You can
counter symptoms of FOMO by focusing on what you have, rather than what you lack. Make a list
of all the positive aspects of your life and read it back when you feel you’re missing out on
something better. And remember: no one’s life is ever as perfect as it seems on social media. We
all deal with heartache, self-doubt, and disappointment, even if we choose not to share it online.
Step 3: Spend more time with offline friends
We all need the face-to-face company of others to be happy and healthy. At its best, social media
is a great tool for facilitating real-life connections. But if you’ve allowed virtual connections to
replace real-life friendships in your life, there are plenty of ways to build meaningful
connections without relying on social media.
Set aside time each week to interact offline with friends and family. Try to make it a regular get-
together where you always keep your phones off.

58
If you’ve neglected face-to-face friendships, reach out to an old friend (or an online friend)
and arrange to meet up. If you both lead busy lives, offer to run errands or exercise together.
Join a club. Find a hobby, creative endeavor, or fitness activity you enjoy and join a group of like-
minded individuals that meet on a regular basis.
Don’t let social awkwardness stand in the way. Even if you’re shy, there are proven techniques
to overcome insecurity and build friendships.
If you don’t feel that you have anyone to spend time with, reach out to acquaintances. Lots
of other people feel just as uncomfortable about making new friends as you do—so be the one to
break the ice. Invite a coworker out for lunch or ask a neighbor or classmate to join you for coffee.
Interact with strangers. Look up from your screen and connect with people you cross paths with
on public transport, at the coffee shop, or in the grocery store. Simply smiling or saying hello will
improve how you feel—and you never know where it may lead.
Step 4: Express gratitude
Feeling and expressing gratitude about the important things in your life can be a welcome relief to
the resentment, animosity, and discontent sometimes generated by social media.
Take time for reflection. Try keeping a gratitude journal or using a gratitude app. Keep track of
all the great memories and positives in your life—as well as those things and people you’d miss if
they were suddenly absent from your life. If you’re more prone to venting or negative posts, you
can even express your gratitude on social media—although you may benefit more from private
reflection that isn’t subject to the scrutiny of others.
Practice mindfulness. Experiencing FOMO and comparing yourself unfavorably to others keeps
you dwelling on life’s disappointments and frustrations. Instead of being fully engaged in the
present, you’re focused on the “what ifs” and the “if onlys” that prevent you from having a life
that matches those you see on social media. By practicing mindfulness, you can learn to live more
in the present moment, lessen the impact of FOMO, and improve your overall mental wellbeing.
Volunteer. Just as human beings are hard-wired to seek social connection, we’re also hard-wired
to give to others. Helping other people or animals not only enriches your community and benefits
a cause that’s important to you, but it also makes you feel happier and more grateful.
Step 5: Helping a child or teen with unhealthy social media use
Childhood and the teenage years can be filled with developmental challenges and social pressures.
For some kids, social media has a way of exacerbating those problems and fueling anxiety,
bullying, depression, and issues with self-esteem. If you’re worried about your child’s social media
use, simply confiscate their phone or other device. But that can create further problems, separating
your child from their friends and the positive aspects of social media. Instead, there are other ways
to help your child use Facebook, Instagram, and other platforms in a more responsible way.

59
Monitor and limit your child’s social media use. The more you know about how your child is
interacting on social media, the better you’ll be able to address any problems. Parental control apps
can help limit your child’s data usage or restrict their phone use to certain times of the day. You
can also adjust privacy settings on the different platforms to limit their potential exposure to bullies
or predators.
Talk to your child about underlying issues. Problems with social media use can often mask
deeper issues. Is your child having problems fitting in at school? Are they suffering from shyness
or social anxiety? Are problems at home causing them stress?
Enforce “social media” breaks. For example, you could ban social media until your child
completes his/her homework in the evening, and do not allow phones at the dinner table or in their
bedroom, and plan family activities that preclude the use of phones or other devices. To prevent
sleep problems, always insist phones are turned off at least one hour before bed.
Teach your child how social media is not an accurate reflection of people’s lives. They
shouldn’t compare themselves or their lives negatively to others on social media. People only post
what they want others to see. Images are manipulated and carefully posted. And having fewer
friends on social media doesn’t make your child less popular or less worthy.
Encourage exercise and offline interests. Get your child away from social media by encouraging
them to pursue physical activities and hobbies that involve real-world interaction. Exercise is great
for relieving anxiety and stress, boosting self-esteem, and improving mood—and is something you
can do as a family. The more engaged your child is offline, the less their mood and sense of self-
worth will be dependent on how many friends, likes, or shares they have on social media.
4.5 COMPUTER VIRUS
A computer virus is a type of computer program that, when executed, replicates itself by
modifying other computer programs and inserting its own code. If this replication succeeds, the
affected areas are then said to be "infected" with a computer virus, a metaphor derived from
biological viruses.
Computer viruses generally require a host program. The virus writes its own code into the host
program. When the program runs, the written virus program is executed first, causing infection
and damage. A computer worm does not need a host program, as it is an independent program or
code chunk. Therefore, it is not restricted by the host program, but can run independently and
actively carry out attacks.
Virus writers use social engineering deceptions and exploit detailed knowledge of security
vulnerabilities to initially infect systems and to spread the virus. The vast majority of viruses target
systems running Microsoft Windows employing a variety of mechanisms to infect new hosts, and
often using complex anti-detection/stealth strategies to evade antivirus software. Motives for
creating viruses can include seeking profit (e.g., with ransomware), desire to send a political

60
message, personal amusement, to demonstrate that a vulnerability exists in software,
for sabotage and denial of service, or simply because they wish to explore cyber
security issues, artificial life and evolutionary algorithms. Computer viruses cause billions of
dollars' worth of economic damage each year.
4.5.1 What Does A Computer Virus Do?
Computer Virus cause damage resulting in a system failure, corrupting data, wasting computer
resources, increasing maintenance costs or stealing personal information. Even though no antivirus
software can uncover all computer viruses (especially new ones), computer security researchers
are actively searching for new ways to enable antivirus solutions to more effectively detect
emerging viruses, before they become widely distributed.
A power virus is a computer program that executes specific machine code to reach the
maximum CPU power dissipation (thermal energy output for the central processing units).
Computer cooling apparatus are designed to dissipate power up to the thermal design power, rather
than maximum power, and a power virus could cause the system to overheat if it does not have
logic to stop the processor. This may cause permanent physical damage.
Stability test applications are similar programs which have the same effect as power viruses (high
CPU usage) but stay under the user's control. They are used for testing CPUs, for example,
when overclocking. Spinlock in a poorly written program may cause similar symptoms, if it lasts
sufficiently long.
Different micro-architectures typically require different machine code to hit their maximum
power. Examples of such machine code do not appear to be distributed in CPU reference materials.
4.5.2 How Does A Computer Get A Virus?
Once a virus has successfully attached to a program, file, or document, the virus will lie dormant
until circumstances cause the computer or device to execute its code. In order for a virus to infect
your computer, you have to run the infected program, which in turn causes the virus code to be
executed.
This means that a virus can remain dormant on your computer, without showing major signs or
symptoms. However, once the virus infects your computer, the virus can infect other computers
on the same network. Stealing passwords or data, logging keystrokes, corrupting files, spamming
your email contacts, and even taking over your machine are just some of the devastating and
irritating things a virus can do.
While some viruses can be playful in intent and effect, others can have profound and damaging
effects. This includes erasing data or causing permanent damage to your hard disk. Worse yet,
some viruses are designed with financial gains in mind.

61
4.5.3 How Do Computer Viruses Spread?
In a constantly connected world, you can contract a computer virus in many ways, some more
obvious than others. Viruses can be spread through email and text message attachments, Internet
file downloads, and social media scam links. Your mobile devices and smartphones can become
infected with mobile viruses through shady app downloads. Viruses can hide disguised as
attachments of socially shareable content such as funny images, greeting cards, or audio and video
files.
To avoid contact with a virus, it’s important to exercise caution when surfing the web,
downloading files, and opening links or attachments. To help stay safe, never download text or
email attachments that you’re not expecting, or files from websites you don’t trust
4.5.4 How Are Computer Viruses Removed?
Download and install antivirus software:
Windows Defender or Microsoft Security Essentials are pre-installed on modern Windows
systems, but you might want to opt for a different solution. Choose a reputable vendor, download
and install the package. Read instructions carefully and make sure there’s no conflict of interest:
in some cases, you may have to disable the OS’s built-in software (if the new product doesn’t take
care of it automatically).
Disconnect from the internet:
Now that you have your weapon, it’s time to cut the connection, so the malware can’t use it to
share your data or send itself to all of your contacts. Turn on Airplane Mode, switch off Wi-Fi
connectivity, or unplug the internet cable, and you’re done. If the virus is blocking control of those
functions, and your connection is wireless, turn off your cable modem or router.
Reboot into safe mode:
In Safe Mode, your system runs with the bare minimum of services needed for operation. This
prevents most malware from starting up at all or seriously limits the damage it can inflict.
Run a full scan, delete the virus or put it in quarantine:
Now, it’s time to fire up the antivirus software. Choose the most complete scan option available
and make sure to include all of your hard drive letters. If you suspect the virus could have come
from an external disk or a pen drive, keep them connected too.
When your software detects the threat, select the appropriate action: to delete or quarantine it. Use
the latter option if that’s what the program suggests or if you know that the file in question is
critical or valuable to you.

62
Delete temporary files and clear browser cache:
There’s a chance the virus is lurking in the Windows temporary folders or the cache of your
browser. We advise you to go the extra mile and take no prisoners.
4.6 ANTIVIRUSES
Definition
Software that is created specifically to help detect, prevent and remove malware (malicious
software).Antivirus is a kind of software used to prevent, scan, detect and delete viruses from a
computer. Once installed, most antivirus software runs automatically in the background to provide
real-time protection against virus attacks.
Comprehensive virus protection programs help protect your files and hardware from malware such
as worms, Trojan horses and spyware, and may also offer additional protection such as
customizable firewalls and website blocking.
4.6.1 Antivirus Software Types
All antivirus programs can be organized into the following three categories:
Standalone Antivirus Software:
Standalone antivirus software is a specialized tool designed to detect and remove certain viruses.
It is commonly referred to as portable antivirus software because it can also be installed on a USB
drive and used by administrators to run an emergency scan of an infected system. However, most
portable programs aren’t designed to provide real-time protection and download new virus
definitions daily, which is why they cannot substitute internet security suites that include a variety
of additional features.
Security Software Suites:
As mentioned above, security software suites are more than just antivirus programs. In addition to
being able to detect and remove viruses, they are also equipped to fight all other types of malicious
software and provide round-the-clock protection for your computer and files. Most of these
program packages include anti-spyware, firewall, and parental controls features. Some also include
additional functionality like password managers, a VPN, and even a standalone antivirus program
bundled with the suite.
Cloud-Based Antivirus Software:
Cloud-based antivirus software is a fairly new type of antivirus technology that analyzes your files
in the cloud rather than your computer in order to free up your computational resources and allow
for a faster response. These programs typically consist of two parts – the client that is installed on
your computer and runs periodic virus and malware scans without taking up too much memory

63
and the web service that processes the data gathered by the client and inspects it for matches in its
virus and malware database.
4.6.2 How To Choose Antivirus Software
It is important to constantly update the antivirus software on a computer because computers are
regularly threatened by new viruses. The anti-virus updates contain the latest files needed to
combat new viruses and protect your computer.
Antivirus software provides signature files which are very important since they contain the latest
lists of known viruses. These signature files are released daily, and sometimes even more often.
4.6.3 Why should users update their antivirus software regularly
It is important to constantly update the antivirus software on a computer because computers are
regularly threatened by new viruses. The anti-virus updates contain the latest files needed to
combat new viruses and protect your computer.
Antivirus software provides signature files which are very important since they contain the latest
lists of known viruses. These signature files are released daily, and sometimes even more often.
4.6.4 How Does Antivirus Work
Antivirus software works by scanning incoming files or code that's being passed through your
network traffic. Companies who build this software compile an extensive database of already
known viruses and malware and teach the software how to detect, flag, and remove them.When
files, programs, and applications are flowing in and out of your computer, the antivirus compares
them to its database to find matches. Matches that are similar or identical to the database are
isolated, scanned, and removed. While you can adjust settings so that your antivirus runs automatic
scans of your computer for malicious files, you can also opt-in to manual scans, which let you sit
and see in real-time which malicious files were found and neutralized. Some antivirus software
will ask for your permission before "cleaning" a file to remove malicious code. If you prefer a
hands-off approach, you can adjust the settings so the software automatically removes malicious
files. Most antivirus software performs the same functions, so choosing between one brand and
another shouldn't be that complex of a decision.

64
4.7 FIREWALLS
A firewall is a network security device, either hardware or software-based, which monitors all
incoming and outgoing traffic and based on a defined set of security rules it accepts, rejects or
drops that specific traffic.
Accept: allow the traffic
Reject : block the traffic but reply with an “unreachable error”
Drop : block the traffic with no reply
A firewall establishes a barrier between secured internal networks and outside untrusted network,
such as the Internet.

3.5.1 History and Need for Firewall

Before Firewalls, network security was performed by Access Control Lists (ACLs) residing on
routers. ACLs are rules that determine whether network access should be granted or denied to
specific IP address. But ACLs cannot determine the nature of the packet it is blocking. Also, ACL
alone does not have the capacity to keep threats out of the network. Hence, the Firewall was
introduced.
Connectivity to the Internet is no longer optional for organizations. However, accessing the
Internet provides benefits to the organization , it also enables the outside world to interact with the
internal network of the organization. This creates a threat to the organization. In order to secure
the internal network from unauthorized traffic, we need a Firewall.
4.7.1 How Firewall Works
Firewall match the network traffic against the rule set defined in its table. Once the rule is matched,
associate action is applied to the network traffic. For example, Rules are defined as any employee
from HR department cannot access the data from code server and at the same time another rule is
defined like system administrator can access the data from both HR and technical department.

65
Rules can be defined on the firewall based on the necessity and security policies of the
organization. From the perspective of a server, network traffic can be either outgoing or incoming.
Firewall maintains a distinct set of rules for both the cases. Mostly the outgoing traffic, originated
from the server itself, allowed to pass. Still, setting a rule on outgoing traffic is always better in
order to achieve more security and prevent unwanted communication.
Incoming traffic is treated differently. Most traffic which reaches on the firewall is one of these
three major Transport Layer protocols- TCP, UDP or ICMP. All these types have a source address
and destination address. Also, TCP and UDP have port numbers. ICMP uses type code instead of
port number which identifies purpose of that packet.
Default policy: It is very difficult to explicitly cover every possible rule on the firewall. For this
reason, the firewall must always have a default policy. Default policy only consists of action
(accept, reject or drop). Suppose no rule is defined about SSH connection to the server on the
firewall. So, it will follow the default policy. If default policy on the firewall is set to accept, then
any computer outside of your office can establish an SSH connection to the server. Therefore,
setting default policy as drop (or reject) is always a good practice.
4.7.2 Generation of Firewall
Firewalls can be categorized based on its generation.
First Generation - Packet Filtering Firewall: Packet filtering firewall is used to control network
access by monitoring outgoing and incoming packet and allowing them to pass or stop based on
source and destination IP address, protocols and ports. It analyses traffic at the transport protocol
layer (but mainly uses first 3 layers). Packet firewalls treat each packet in isolation. They have no
ability to tell whether a packet is part of an existing stream of traffic. Only It can allow or deny the
packets based on unique packet headers.
Packet filtering firewall maintains a filtering table which decides whether the packet will be
forwarded or discarded. From the given filtering table, the packets will be Filtered according to
following rules:

66
  Incoming packets from network 192.168.21.0 are blocked.
 Incoming packets destined for internal TELNET server (port 23) are blocked.
 Incoming packets destined for host 192.168.21.3 are blocked.
 All well-known services to the network 192.168.21.0 are allowed.
Second Generation- Stateful Inspection Firewall : Stateful firewalls (performs Stateful Packet
Inspection) are able to determine the connection state of packet, unlike Packet filtering firewall,
which makes it more efficient. It keeps track of the state of networks connection travelling across
it, such as TCP streams. So the filtering decisions would not only be based on defined rules, but
also on packet’s history in the state table.
Third Generation- Application Layer Firewall : Application layer firewall can inspect and filter
the packets on any OSI layer, up to the application layer. It has the ability to block specific content,
also recognize when certain application and protocols (like HTTP, FTP) are being misused.In other
words, Application layer firewalls are hosts that run proxy servers. A proxy firewall prevents the
direct connection between either side of the firewall, each packet has to pass through the proxy. It
can allow or block the traffic based on predefined rules.
Note: Application layer firewalls can also be used as Network Address Translator(NAT).
Next Generation Firewalls (NGFW) : Next Generation Firewalls are being deployed these days
to stop modern security breaches like advance malware attacks and application-layer attacks.
NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and many
functionalities to protect the network from these modern threats.
4.7.3 Types of Firewalls
Firewalls are generally of two types: Host-based and Network-based.
Host- based Firewalls : Host-based firewall is installed on each network node which controls
each incoming and outgoing packet. It is a software application or suite of applications, comes as
a part of the operating system. Host-based firewalls are needed because network firewalls cannot
provide protection inside a trusted network. Host firewall protects each host from attacks and
unauthorized access.
Network-based Firewalls : Network firewall function on network level. In other words, these
firewalls filter all incoming and outgoing traffic across the network. It protects the internal network
by filtering the traffic using rules defined on the firewall. A Network firewall might have two or
more network interface cards (NICs). A network-based firewall is usually a dedicated system with
proprietary software installed.

67
 CHAPTER 5

CYBER FORENSICS, DIGITAL

FOOTPRINTS AND CYBER LAWS

68
 Unit V
5 CYBER FORENSICS,DIGITAL FOOTPRINTS AND CYBER LAWS

 Cyber Forensics and Digital Evidence

 What does a digital footprint mean?
 Web Browsing and Digital Footprints
 Protect your Digital Footprint
 Cyber crimes and Cyber laws
 Regulatory Authorities

5.1 CYBER FORENSICS & DIGITAL EVIDENCE:

Computers are used for committing crime, and, thanks to the burgeoning science of digital
evidence forensics, law enforcement now uses computers to fight crime.
Digital evidence is information stored or transmitted in binary form that may be relied on in court.
It can be found on a computer hard drive, a mobile phone, among other places. Digital evidence is
commonly associated with electronic crime, or e-crime, such as child pornography or credit card
fraud. However, digital evidence is now used to prosecute all types of crimes, not just e-crime. For
example, suspects' e-mail or mobile phone files might contain critical evidence regarding their
intent, their whereabouts at the time of a crime and their relationship with other suspects. In 2005,
for example, a floppy disk led investigators to the BTK serial killer who had eluded police capture
since 1974 and claimed the lives of at least 10 victims.
In an effort to fight e-crime and to collect relevant digital evidence for all crimes, law enforcement
agencies are incorporating the collection and analysis of digital evidence, also known as computer
forensics, into their infrastructure. Law enforcement agencies are challenged by the need to train
officers to collect digital evidence and keep up with rapidly evolving technologies such as
computer operating systems.
5.2 WHAT DOES DIGITAL FOOTPRINT MEAN?
A digital footprint is a unique data trace of a user’s activities, actions, communications or
transactions in digital media. This data trace can be left on the internet, computers, mobile devices
or other mediums. A digital footprint can be used to track the user's activities and devices. A user
can leave digital footprint either actively or passively, but once shared, a digital footprint is almost
permanent in nature.

69
5.2.1 Active digital footprints
An active digital footprint is where the user has deliberately shared information about themselves.
For example, through posting or participating on social networking sites or online forums. If a user
is logged into a website through a registered username or profile, any posts they make form part
of their active digital footprint. Other activities that contribute to active digital footprints include
completing an online form such as, subscribing to a newsletter or agreeing to accept cookies on
your browser.
5.2.2 Passive digital footprints
A passive digital footprint is created when information is collected about the user without them
being aware that this is happening.
For example, this occurs when websites collect information about how many times users visit,
where they come from, and their IP address. This is a hidden process, which users may not realize
is taking place. Other examples of passive footprints include social networking sites and
advertisers using your likes, shares, and comments to profile you and target you with specific
content.
5.3 WEB BROWSING AND DIGITAL FOOTPRINTS
The digital footprint we leave after browsing websites is called the internet footprint. These are
commonly called “cookies” and most websites will ask you to accept the use of cookies before
you can access the site, without actually knowing what this means. If we inadvertently leave, other
people could passively or actively collect a lot of information about ourselves behind it just by
using a simple search engine.
It is becoming more and more common for employers to “cyber vet” prospective employees based
on their online activities. The police to gather information about individuals to help them with their
enquiries can also use digital footprints.
Social networking sites can also give a very good idea of an individual’s life. These sites can allow
digital tracing data, which can include what social groups they belong to, their interests, location
etc. This data can be gathered and analyzed without the users being aware that this is happening.
Of course there is no limit as to how far you can go back in time on social media sites and once
something is posted, there is no way of removing it completely. Others might have commented or
shared your posts and this in turn will create their own digital footprint. This is something that
needs to be discussed with your online users and teenagers so they can be educated and are aware
what might happen to that information.

70
5.3.1 Why do digital footprints matter?
Digital footprints matter because
● They are relatively permanent, and once the data is public or even semi-public, as may be
the case with Facebook posts ,the owner has little control over how others will use it.
● A digital footprint can determine a person’s digital reputation, which is now considered as
important as their offline reputation.
● Employers can check their potential employees digital footprints, particularly their social
media, before making hiring decisions.
● Colleges and universities can check their prospective student’s digital footprints before
accepting them too.
● Words and photos, which you post online, can be misinterpreted or altered, causing
unintentional offense.
● Content intended for a private group can spread to a broader circle, potentially damaging
relationships and friendships.
● Cybercriminals can exploit your digital footprint using it for purposes such as phishing for
account access or creating false identities based on your data.
For these reasons, it is worth considering what your digital footprint says about you. Many people
try to manage their digital footprint by being cautious about their online activities to control the
data that can be gathered in the first place.
5.4 DIGITAL FOOTPRINT EXAMPLES
An internet user could have hundreds of items form part of their digital footprint. Some of the
ways in which users add to their digital footprint which include:
Online shopping
● Making purchases from e-commerce websites
● Signing up for coupons or creating an account
● Downloading and using shopping applications
● Registering for brand newsletters
Online banking
● Using a mobile banking applications
● Buying or selling stocks online
● Subscribing to financial publications and blogs

71
 ● Opening a credit card account
Social media
● Using social media on your computer or devices
● Logging into other websites using your social media credentials
● Connecting with friends and contacts
● Sharing information, data, and photos with your connections
● Joining a dating site or application
Reading the news
● Subscribing to an online news source
● Viewing articles on a news applications
● Signing up for a publication’s newsletter
● Reposting articles and information you read
Health and fitness
● Using fitness trackers
● Using apps to receive healthcare
● Registering your email address with a gym
● Subscribing to health and fitness blogs

5.5 HOW TO PROTECT YOUR DIGITAL FOOTPRINT

Because employers, colleges, and others can look up your online identity, it’s a good idea to be
mindful of your digital footprint. Here are some tips for protecting your personal data and
managing your online reputation.
● Use search engines to check your digital footprint
● Reduce the number of information sources that mention you
● Limit the amount of data you share
● Double-check your privacy settings
● Avoid oversharing on social media
● Avoid unsafe websites
● Avoid disclosing private data on public Wi-Fi

72
 ● Delete old accounts
● Create strong passwords and use a password manager
● Keep an eye on your medical records
● Don’t log in with Facebook
● Keep software up to date
● Review your mobile use
● Think before you post
● Act fast after a breach
5.5.1 Use search engines to check your digital footprint
Enter your name into search engines. Include your first and last name and any variations on
spellings. If you have changed your name, search for both current and former names. Reviewing
the search engine results will give you a sense of what information about you is publicly available.
If any of the results show you in a negative light, you could contact the site administrator to see if
they can remove it. Setting up Google Alerts is one way to keep an eye on your name.
5.5.2 Reduce the number of information sources that mention you
For example, real estate websites and yellowpage.com, whitepages.com ect. May have more
information about you than you may wish. These sites can often include personal information like
your phone number, address, and age. If you are not comfortable with this, you can contact the
websites and request that the information be removed.
5.5.3 Limit the amount of data you share
Every time you provide your personal information to an organization, you widen your digital
footprint. You also increase the possibility that one of the organizations storing your data will
misuse it or suffer a breach, putting your data in the wrong hands. So, before you submit that form,
consider if it’s worth it. Are there other ways to obtain that information or service without sharing
your data?
5.5.4 Double-check your privacy settings
Privacy settings on social media allow you to control who sees your posts. Review these settings
and ensure they are set to a level you are comfortable with. For example, Facebook allows you to
limit posts to friends and make customized lists of people who can see certain posts. However,
bear in mind that privacy settings only protect you on the relevant social media site.

73
5.5.5 Avoid oversharing on social media
Social media makes it easy to connect with others but can also make oversharing easy. Think twice
before revealing your location or travel plans, or other personal information. Avoid disclosing your
phone number or email address in your social media bio. It's also a good idea to avoid 'liking' your
own bank, healthcare provider, pharmacy, etc. as this can lead cybercriminals to your critical
accounts.
5.5.6 Avoid unsafe websites
Make sure you are transacting with a secure website – the URL should start with https:// rather
than http:// - the “s” stands for “secure” and indicates that the site has a security certificate. There
should also be a padlock icon to the left of the address bar. Never share any confidential
information on unsecured sites, especially payment details.
5.5.7 Avoid disclosing private data on public Wi-Fi
A public Wi-Fi network is inherently less secure than your personal one since you do not know
who set it up or who else might be watching. Avoid sending personal information when using
public Wi-Fi networks.
5.5.8 Delete old accounts
One way to reduce your digital footprint is by deleting old accounts – for example, social media
profiles you no longer use or newsletter subscriptions you no longer read. Getting rid of dormant
accounts minimizes your exposure to potential data breaches.
5.5.9 Create strong passwords and use a password manager
A strong password will help you maintain internet security. A strong password is long made up
of at least 12 characters and ideally more and contains a mix of upper and lower-case letters plus
symbols and numbers. The more complex and involved your password, the harder it is to crack.
Using a password manager will help generate, store, and manage all your passwords in one secure
online account. Keep your passwords private avoid sharing them with others or writing them down.
Try to avoid using the same password for all your accounts, and remember to change them
regularly.
5.5.10 Keep an eye on your medical records
Practice good data hygiene by periodically reviewing your medical records. Identity thieves target
medical and health information as well as financial data. When criminals use your personal
information to obtain medical treatment in your name, their health records can become intertwined
with your own.

74
5.5.11 Do not log in with Facebook
Logging into websites and apps using Facebook is convenient. However, every time you sign into
a third-party website using your Facebook credentials, you give that company permission to mine
your Facebook user data potentially placing your personal information at risk.
5.5.12 Keep software up to date
Outdated software could house a wealth of digital footprints. Without the latest updates,
cybercriminals could gain access to this information. Cybercriminals can easily access a victim’s
devices and data by exploiting vulnerabilities in software. You can help prevent this by keeping
your software up to date. Older software can be more vulnerable to attacks by hackers.
5.5.13 Review your mobile use
Set a passcode for your mobile device so that it can't be accessed by other people if you lose it.
When installing an app, read the user agreement. Many apps disclose what kind of information
they collect and what it may be used for. These apps may mine personal data like your email,
location, and online activities. Check that you are comfortable with the information being shared
before you use the app.
5.5.14 Think before you post
What you post or say online sends a message about who you are, as does what others reveal about
you. Aspects of your digital footprint, such as uploaded photographs, blog comments, YouTube
videos, and Facebook posts, might not portray the way you would like to be seen. Create a positive
digital footprint by posting only those things that contribute to the image of you that you want
others to see.
5.5.15 Act fast after a breach
If you suspect your data might have been compromised in a breach, take action immediately. If a
financial loss is involved, contact your bank or credit card provider to report the breach. Change
any passwords that might have been exposed. If it's a password you have used for other accounts,
update it across the board.
5.6 HOW TO ERASE YOUR FOOTPRINTS ?
A Digital Footprint is a track of data a user creates while surfing the Internet. It includes all the
traces of your online activity, including websites you browse, emails you share, social media feeds
you scroll through and information you submit while signing up for any online services.
Therefore, almost everyone who uses technology and the Internet leaves a Digital Footprint.
Having an online presence is useful for making connections across the globe. But it can become
equally dangerous especially you’ve got any personal or confidential stuff stored online. This

75
includes inappropriate photos, comments, and other personal data, that might display you in bad
light or affect your reputation.
5.6.1 First, Identify the Reach Of Your Digital Footprint
To see how big a digital footprint you have, run your name through different search engines & see
what comes up. Search yourself on all major social media networking sites & make a note of all
the undesirable information that pops up.
Have a look at all the forums that you belong to and observe what information about you is
available there. Think about the websites you’ve created profiles with or have subscribed to. For
this, you can use the search function on your e-mail & look for phrases, ‘Sign up’, ‘Account’,
‘Activation’, ‘Registration’, ‘Username’, ‘Verification’, ‘Password’ or ‘Welcome’.
Take a moment to consider your past activities and passion. Like, what did you like a couple of
years ago? Have you participated in any contest or something? These types of questions may lead
you to those long-forgotten websites that you are associated with. Make a list of them!
Once you have scouted these websites through email, the next step is to search for your personally
identifying information in quotation marks on Google & other search engines. You can look for
things like your “Name”, “Email Address”, “Old or Current Contact Numbers”, “Usernames” and
so on.
Not to forget, your favorite apps and programs running on your PC can be a big source for
revealing your online activity. So, make a list of these apps as well, that asked for certain
permissions during the sign-up process.
At last, try to reminisce about all the hardware pieces you own and think about whether you have
ever registered for any of your details with the production company maybe for any support or for
warranty purposes. However, you should always keep in mind to un-register your name, once the
warranty period is over for better privacy.
Now that you have compiled a list of all the online accounts, websites, apps and other platforms
that you would like to delete your digital footprint. The next step is to start the process to erase
your digital footprints!
5.6.2 Delete or Deactivate Your Shopping/Social Media & Web Service Accounts
The very first thing you can do to erase your Internet presence is to delete or deactivate your
accounts. To get rid of them, go to these websites’ Account Settings, look for options to deactivate,
remove or close account. Often times, you find these options under Privacy & Security or
something similar. If you’re unable to remember all such accounts, try using a tool like Account
Killer that can help you track & delete online accounts automatically.

76
5.6.3 Do Not Forget To Delete All The Cookies
It’s often recommended to remove all the cookies every now and then so that no website can be
traced back to you by any means. All the popular web browsers Google, Firefox, Microsoft Edge
allows users to delete cookies. If you don’t want to follow the long process to clean cookies on
each browser one-by-one, you can use a third-party tool like Advanced System Optimizer to delete
cookies from all your browsers in one-go.
5.6.4 Submit Google Listing Removal Requests
To erase your personal data from these services, just visit the EU Privacy Removal page and fill
in all the fields. This may require some time, but it’s absolutely worth pursuing if you’ve found
that your sensitive information such as medical records or bank details are stored somewhere
online.
5.6.5 Eliminate Yourself From Data Collection Websites
Data Brokers like Spokeo, Whitepages.com, PeopleFinder are some familiar names that collect
your information and sell them to third-parties. So, that they can bombard you with advertisements
and sell stuff. Since there are several data brokers sitting online, you can’t deal with each of the
sites individually, so an easier way to opt-out of your name from such sites, try using services like
DeleteMe or Deseat.me that can help you clean your digital footprints.
5.6.6 Unsubscribe Yourself from Mailing Lists
You can’t obviously remember all the newsletters you’ve subscribed to in your entire life. But
there’s a better and easy way to unsubscribe from all them in one go. Try using a tool like
Unroll.me , it would help you to see the list of all your subscription emails. You can then easily
unsubscribe from each service without any hassles.
5.6.7 Delete Forum Entries & Blog Posts
If you wish to remove an old forum post or any blog that you wrote back in the past, you have to
contact the webmaster of those websites individually. To contact them, you can either check the
About Us or Contacts Section or use the third-party tool like www.whois.com to search for the
domain name you wish to connect. The tool would help you find the right person to connect with
them to remove your posts.
5.6.8 Enable Do Not Track Apps & Programs
There are a plethora of Anti-Virus Guards & Privacy Software that can prevent web browsers and
third-party websites from tracking your online activity. Using these security tools ensures that no
online service or website can record or store any of your personal data & hence eliminating Digital
Footprints.

77
5.6.9. Anti-Tracking Tools
There are additional Anti-tracking tools in the market like Disconnect & Abine, that simply works
to mask your Internet Browsing activities.
5.6.10 Check If Your Information Has Been Compromised Already
Websites like ‘have I been owned?’ can help you to check if any of your online account and
personal details associated with it has been compromised in a data breach or not. To check your
information, just enter your email address on the main dashboard and it would list the websites
where your data was unintentionally or intentionally exposed to the public.
5.7 BROWSER EXTENSIONS AND SEARCH ENGINE DELETION
There are browser extensions that you could install to prevent websites from collecting your data.
One of these features is called Do Not Track, and it is available for Chrome, Firefox, and Internet
Explorer. It has some drawbacks; for instance, the Share buttons may disappear from some
websites.
There is also something called DeleteMe, a removal service that erases personal information that
may have been collected by data brokers companies that either collect or buy personal information
online, then aggregate it with data from offline sources, and sell complete personal-info databases.
To use the service, you submit your personal information for removal. Then, DeleteMe experts
find and remove that personal information from leading broker sites, also removing it from Google
search results.
And, another one to clean up your online presence, try Deseat.me, a tool that gives you a list of all
the services you have created an account for, then lets you choose which ones to keep and which
ones to delete, and sends removal requests to the services you will not use anymore.
Another browser extension that could help you go unnoticed while you’re online is Ghostery.
Ghostery blocks third-party tracking scripts and updates a script library to facilitate future
blocking. Anytime a tracker is blocked, all the cookies that tracker could have placed will not be
accessible to anyone but the user. Therefore, they will not be read when called upon.
5.8 CYBER CRIME AND CYBER LAWS
5.8.1 Introduction
"Cyber" is a prefix used to describe a person, thing, or idea as part of the computer and information
age. Taken from kybernetes, Greek word for "steersman" or "governor," it was first used in
cybernetics, a word coined by Norbert Wiener and his colleagues. The virtual world of internet is
known as cyberspace, the laws governing this area are known as Cyber laws, and all the netizens
of this space come under the ambit of these laws as it carries a kind of universal jurisdiction. Cyber
law can also be described as that branch of law that deals with legal issues related to use of inter-

78
networked information technology. In short, cyber law is the law governing computers and the
internet.
The growth of Electronic Commerce has propelled the need for vibrant and effective regulatory
mechanisms, which would further strengthen the legal infrastructure, so crucial to the success of
Electronic Commerce. All these regulatory mechanisms and legal infrastructures come within the
domain of Cyber law.
Cyber law is important because it touches almost all aspects of transactions and activities on and
involving the internet, World Wide Web and cyberspace. Every action and reaction in cyberspace
has some legal and cyber legal perspectives. Cyber law encompasses laws relating to
● Cyber crimes
● Electronic and digital signatures
● Intellectual property
● Data protection and privacy
Cyber crimes are technology based crimes wherein the computer or internet itself is used as a
weapon or means to commit such crimes. They are organized and white-collar crimes like cyber
frauds, hacking, data theft, phishing, identity theft, etc. Cyber-crimes are committed with the help
of technology and cyber criminals have a deep understanding of technology. In fact, cyber
criminals are technocrats who understand the intricacies of Information Technology. Cybercrimes
do not know or recognize any territorial boundary or barrier.
In general, a Cyber Crime can be classified into the following three categories:
1. Target Cyber Crime: It is a crime wherein a computer is the target of the offence.
2. Tool Cyber Crime: It is a crime wherein a computer is used as a tool in committing the offence.
3. Computer incidental: It is a crime wherein the computer plays only a minor role in the
commission of the offence.
Accordance to the Information Technology Act, 2000 a Cyber Crime can be defined as “an act or
omission that is punishable under the Information Technology Act, 2000”.
This however is not an exhaustive definition as the Indian Penal Code also covers certain cyber-
crimes, such as email spoofing and cyber defamation, sending threatening emails, etc.
5.8.2 CLASSIFICATIONS OF CYBER CRIMES
The number of Cyber Crimes committed is increasing with each passing day, and it is very difficult
to find out as to what is actually a cybercrime and what is the conventional crime. However, to
deal with this challenge, the most common cyber crimes can be categorised and discussed under
the following heads:

79
 ● Cyber Crime Against Person
● Cyber Crime Against Property
● Cyber Crime Against Government
● Cyber Crime Against Society
5.8.2.1 Cyber Crimes against Persons
There are certain offences which affect the personality of an individual and can be defined as:
(i) Harassment via E-Mails: It is a very common type of harassment done through letters,
attachments of files & folders, i.e., via e-mails. At present, harassment is common with the increase
in the usage of social networking sites, like Facebook.com, Twitter.com, etc.
(ii) Cyber-Stalking: It means expressed or implied a physical threat that creates fear through the
use to computer technology such as internet , e-mail, phones, text messages,webcam, websites or
videos.
(iii) Dissemination of Obscene Material: It includes Indecent exposure/ Pornography (basically
child pornography), hosting of web site containing these prohibited materials. These obscene
matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.
(iv) Malware: Malware is software that takes control of any individual’s computer to spread a bug
to other people’s devices or social networking profiles. Such software can also be used to create a
‘bot net ’ a network of computers controlled remotely by hackers, known as ‘herders’ to spread
spam or viruses.
(v) Defamation: It is an act of imputing any person with intent to lower down the dignity of the
person by hacking his mail account and sending some mails with vulgar language to unknown
persons mail account.
(vi) Hacking: It means unauthorized control/access over computer system and act of hacking
completely destroys the whole data as w ell as computer programmes. Hackers usually hack
telecommunication and mobile network.
(vii) Cracking: It is amongst the gravest cybercrimes known till date. It is a dreadful feeling to
know that a stranger has broken into your computer systems without your knowledge and consent
and has tampered with precious confidential data and information.
(viii) E-Mail Spoofing: A spoofed e-mail may be said to be one, which misrepresents its origin. It
shows its origin to be different from which actually it originates.
(ix) SMS Spoofing: Spoofing is a blocking through spam, which means the unwanted uninvited
messages. Here a offender steals identity of another in the form of mobile phone number and

80
sending SMS via internet and receiver gets the SMS from the mobile phone number of the victim.
It is very serious cybercrime against any individual.
(x) Carding: It means false ATM cards, i.e., Debit and Credit cards used by criminals for their
monetary benefits through withdrawing money from the victim’s bank account mala-fidely. There
is always unauthorized use of ATM cards in this type of cybercrimes.
(xi) Cheating & Fraud : It means the person who is doing the act of cybercrime i.e. stealing
password and data storage has done it with wrongful intention which leads to fraud and cheating.
(xii) Child Pornography: It involves the use of computer networks to create, distribute, or access
materials that sexually exploits underage children.
(xiii) Phishing: Phishing is just one of the many frauds on the Internet, Phishing trying to fool
people into parting with their money. Phishing refers to the receipt of unsolicited emails by
customers of financial institutions, requesting them to enter their username, password or other
personal information to access their account for some reason. Customers are directed to a
fraudulent replica of the original institution's website when they click on the links on the email to
enter their information, and so they remain unaware that the fraud has occurred. The fraudster then
has access to the customer's online bank account and t o t he funds contained in that account.
(xiv) Vishing: Vishing is the criminal practice of using social engineering and Voice over IP
(VoIP) to gain access to private personal and financial Information from the public for the purpose
of financial reward. The term is a combination of “voice" and phishing.
(xv) Bot networks: A cybercrime called 'Bot Networks', wherein spamsters and other perpetrators
of cybercrimes remotely take control of computers without the users realizing it, is increasing at
an alarming rate. Computers get linked to Bot Networks when users unknowingly download
malicious codes such as Trojan horse sent as e-mail attachments. Such affected computers, know
n as zombies, can work together whenever the malicious code within them get activated, and those
who are behind the Bot Networks attacks get the computing powers of thousands of systems at
their disposal. Attackers often coordinate large groups of Bot controlled systems, or Boot
networks, to scan for vulnerable systems and use them to increase the speed and breadth of their
attacks. Boot networks create unique problems for organizations because they can be remotely
upgraded with new exploits very quickly and this could help attackers pre-empt security efforts.
(xvi) Assault by Threat: It refers to threatening a person with fear for their lives or lives of their
families through the use of a computer network, i.e., E-mail, videos or phones.
(xvii) Buffer overflow: This is the most common way of breaking into a computer. Buffers are
created to hold a finite amount of data. When it overflows, it goes into adjacent buffers, which can
cause data to be over written. In buffer overflow attacks, the extra data can contain instructions
that trigger specific actions. These actions can cause damage to files and change data.

81
5.8.2.2 Crimes against Persons’ Property
As there is rapid growth in the international trade where businesses and consumers are increasingly
using computers to create, transmit and to store information in the electronic form instead of
traditional paper documents. There are certain offences, which affect person’s properties, which
are as follows:
(i) Intellectual Property Crimes: Intellectual property consists of a bundle of rights. Any unlawful
act by which the owner is deprived completely or partially of his rights is an offence. The common
form of IPR violation may be said to be software piracy, infringement of copyright, trademark,
patents, designs and service mark violation, theft of computer source code, etc.

(ii) Software piracy: Many people do not consider software piracy to be theft. They would never
steal a rupee from someone but would not think twice before using pirated software. There is a
common perception amongst normal computer users to not consider software as “property”.
This has led the software piracy to become a flourishing business. The software pirate sells the
pirated software in physical media (usually CD ROMs) through a close network of dealers.
The suspect uses high-speed CD duplication equipment to create multiple copies of the pirated
software. This software is sold through a network of computer hardware and software vendors
(iii) Cyber Squatting: It means where two persons claim the same Domain Name either by claiming
that they had registered the name first on by right of using it before the other or using something
similar to that previously.
For example, two similar names, i.e., www.yahoo.com and www.yaahoo.com.
(iv) Cyber Vandalism: Vandalism means deliberately destroying or damaging property of another.
Thus, cyber vandalism means destroying or damaging the data when a network service is stopped
or disrupted. It may include within its purview any kind of physical harm done to the computer of
any person. These acts may take the form of the theft of a computer, some part of a computer or a
peripheral attached to the computer.
(v) Hacking Computer System: Hacktivism attacks those included Famous Twitter, blogging plat
form by unauthorized access/control over the computer. Due to the hacking activity, there will be
loss of data as well as computer. In addition, research especially indicates that those attacks were
not mainly intended for financial gain too and to diminish the reputation of particular person or
company.
A hacker is an unauthorized user who attempts to or gains access to an information system.
Hacking is a crime even if there is no visible damage to the system, since it is an invasion in to the
privacy of data. There are different classes of Hackers.

82
(a) White Hat Hackers - They believe that information sharing is good, and that it is their duty to
share their expertise by facilitating access to information.
However, there are some white hat hackers who are just “joy riding" on computer systems.
(b) Black Hat Hackers -They cause damage after intrusion.
They may steal or modify data or insert viruses or worms, which damage the system. They are also
called ‘crackers.
(c) Grey Hat Hackers - Typically ethical but occasionally violates hacker ethics. Hackers will hack
into networks, stand-alone computers and software. Network hackers try to gain unauthorized
access to private computer networks just for challenge, curiosity, and distribution of information.
Crackers perform unauthorized intrusion with damage like stealing or changing of information or
inserting malware (viruses or worms)
(vi) Transmitting Virus: Viruses are programs that attach themselves to a computer or a file and
then circulate themselves to other files and to other computers on a network. They usually affect
the data on a computer, either by altering or deleting it. Worm attacks plays major role in affecting
the computerize system of the individuals.
(vii) Packet Sniffing: This is used by hackers and forensic experts. Data travels in the form of
packets and vary in size depending on the network bandwidth and amount of data. The hacker
intercepts the transmission between computer A and B. All the hacker needs is the IP address from
one of the computers and any data can be stolen. The data is not stolen because sniffers do not do
that. Instead, they copy the hex value and translate it into original data. This is why it is hard for
firewalls to detect this because they only provide application level security.
(viii) Cyber Trespass: It means to access someone’s computer without the right authorization of
the owner and does not disturb, alter, misuse, or damage data or system by using wireless internet
connection.
(ix) Salami Attack: Those attacks are used for the commission of financial crimes. The key here is
to make the alteration so insignificant that in a single case it would go completely unnoticed. e.g.,
a bank employee inserts a program into bank’s servers that deducts a small amount from the
account of every customer.
(x) Internet Time Thefts: Basically, Internet time theft comes under hacking. It is the use by an
unauthorized person, of the Internet hours paid for by another person. The person who gets access
to someone else’s ISP user ID and password, either by hacking or by gaining access to it by illegal
means, uses it to access the Internet without the other person’s knowledge. You can identify time
theft if your Internet time has to be recharged often, despite infrequent usage.
(xi) Trojan and Rats: Trojan horses are programs that appear to be doing what the user wants while
they are actually doing something else such as deleting files or formatting disks. All the user sees

83
is the interface of the program that he wants to run. RATs are remote access Trojans that provide
a backdoor into the system through which a hacker can snoop into your system and run malicious
code.
(xii) Data Diddling: Data diddling involves changing data prior or during input into a computer.
In other words, information is changed from the way it should be entered by a person typing in the
data, a virus that changes data, the programmer of the database or application, or anyone else
involved in the process of having information stored in a computer file. The culprit can be anyone
involved in the process of creating, recording, encoding, examining, checking, converting, or
transmitting data. This is one of the simplest methods of committing a computer-related crime,
because it requires almost no computer skills whatsoever. Despite the ease of committing the
crime, the cost can be considerable.
(xiii) Email account hacking: Emails are increasingly being used for social interaction, business
communication and online transactions. Most email account holders do not take basic precautions
to protect their email account passwords. Cases of theft of email passwords and subsequent misuse
of email accounts are becoming very common.
The victim’s email account password is stolen and the account is then misused for sending out
malicious code (virus, worm, Trojan etc.) to people in the victim’s address book. The recipients of
these viruses believe that the email is coming from a known person and run the attachments. This
infects their computers with the malicious code.
The suspect would install key loggers in public computers (such as cyber cafes, airport lounges
etc.) or the computers of the victim.
5.8.2.3. Cybercrimes against Government
There are certain offences done by group of persons intending to threaten the international
governments by using internet facilities. It includes:
(i) Cyber Terrorism: Cyber terrorism is a major burning issue in the domestic as well as global
concern. The common form of these terrorist attacks on the internet is by distributed denial of
service attacks, hate websites and hate e-mails, attacks on sensitive computer networks etc. Cyber
terrorism activities endanger the sovereignty and integrity of the nation.
(ii) Web defacement: Website defacement is usually the substitution of the original home page of
a website with another page (usually pornographic or defamatory in nature) by a hacker.
Religious and government sites are regularly targeted by hackers in order to display political or
religious beliefs. Under the scenario, the homepage of a website is replaced with a pornographic
or defamatory page. In case of Government websites, this is most commonly done on symbolic
days (e.g., the Independence Day of the country).

84
The defacer may exploit the vulnerabilities of the operating system or applications used to host the
website. This will allow him to hack into the web server and change the home page and other
pages. Alternatively, he may launch a brute force or dictionary attack to obtain the administrator
passwords for the website. He can then connect to the web server and change the Web Pages.
(iii) Cyber Warfare: It refers to politically motivated hacking to conduct sabotage and espionage.
It is a form of information warfare sometimes seen as analogous to conventional warfare although
this analogy is controversial for both its accuracy and its political motivation.
(iv) Use of Internet and Computers by terrorists: Many terrorists are using virtual as well as
physical storage media for hiding information and records of their illicit business. They also use
emails and chat rooms to communicate with their counterparts around the globe. The suspects
carry laptops wherein information relating to their activities is stored in encrypted and password-
protected form. They also create email accounts using fictitious details. In many cases, many
people share one email account. E.g., one terrorist composes an email and saves it in the draft
folder. Another terrorist logs into the same account from another city / country and reads the saved
email.
He then composes his reply and saves it in the draft folder. The emails are not actually sent. This
makes email tracking and tracing almost impossible. For committing this crime, the terrorists
purchase small storage devices with large data storage capacities. They also purchase and use
encryption software. The terrorists may also use free or paid accounts with online storage
providers.
(v) Distribution of pirated software: It means distributing pirated software from one computer to
another intending to destroy the data and official records of the government.
(vi) Possession of Unauthorized Information: It is very easy to access any information by the
terrorists with the aid of internet and to possess that information for political, religious, social,
ideological objectives.
5.8.2.4. Cybercrimes Against Society at large
An unlawful act done with the intention of causing harm to the cyberspace will affect large number
of persons. These offences include:
(i) Child Pornography: It involves the use of computer networks to create, distribute, or access
materials that sexually exploit underage children. It also includes activities concerning indecent
exposure and obscenity.
(ii) Cyber Trafficking: It may be trafficking in drugs, human beings, arms weapons etc. which
affects large number of persons. Trafficking in the cyberspace is also a gravest crime.

85
(iii) Online Gambling: Online fraud and cheating is one of the most lucrative businesses that are
growing today in the cyber space. There are many cases that have come to light are t hose
pertaining to credit card crimes, contractual crimes, offering jobs, etc.
(iv) Financial Crimes: This type of offence is common as there is rapid growth in the users of
networking sites and phone networking where culprit will try to attack by sending bogus mails or
messages through internet. Ex: Using credit cards by obtaining password illegally.
(v) Forgery: It means to deceive large number of persons by sending threatening mails as online
business transactions are becoming the habitual need of today’s life style.
5.9 COMMON CYBER CRIMES AND APPLICABLE LEGAL PROVISIONS: A
SNAPSHOT
S.No Cyber Crime Applicable Provisions
1 Harassment via fake public profile on social Sections 66A, 67 of IT Act and Section
networking site: A fake profile of a person 509 of the Indian Penal Code.
is created on a social networking site with
the correct address, residential information
or contact details but he/she is labeled as
‘prostitute’ or a person of ‘loose character’.
This leads to harassment of the victim
2 Online Hate Community: Online hate Section 66A of IT Act 153A & 153B of
community is created and inciting a the Indian Penal Code.
religious group to act or pass objectionable
remarks against a country, national figures
etc.
3 Email Account Hacking: If victim’s email Sections 43, 66, 66A,66C, 67, 67A and
account is hacked and Obscene emails are 67B of Information Technology Act
sent to people in victim’s address book.
4 Credit Card Fraud: Unsuspecting victims Sections 43, 66, 66C, 66D of IT Act and
would use infected Computers to make section 420 of the Indian Penal Code.
online transactions.
5 Web Defacement: The homepage of a Sections 43 and 66 of IT Act and Sections
website is replaced with a pornographic or 66F, 67, 70 of IT Act also apply in some
defamatory and page. Government sites cases.
generally face the wrath of hackers on
symbolic days
6 Introducing Viruses, Worms, Backdoors, Sections 43, 66, 66A of Act and Section
Rootkits, Trojans, Bugs, all of the above are 426 of Indian Penal Code.
some sort of Indian Penal Code malicious
programs which are used to destroy or gain
access to some electronic information
7 Cyber Terrorism: Many terrorists use Conventional terrorism laws may apply
virtual (G-Drive, FTP sites) and physical along with Section 69 of IT Act.

86
 storage media (USB’s) hard drives) for
hiding information and records of their
illicit business
8 Online sale of illegal Articles: Where sale Generally, conventional laws apply in
of narcotics, drugs weapons and wildlife is these cases.
facilitated by the Internet
9 Cyber Pornography: Among the Sections 67, 67A and 67B of the IT Act.
Largest businesses on Internet.
Pornography may not be illegal
in many countries, but child
Pornography is prohibited at large.
10 Phishing and Email Scams : Section 66, 66A and 66D of IT Act and
Phishing involves fraudulently Section 420 of IPC
acquiring sensitive information
through masquerading a site as
a trusted entity. (E.g. Passwords,
credit card information)
11 Theft of Confidential Information : Sections 43, 66, 66B of IT Act and Section
Many business organizations store their 426 of Indian Penal Code.
confidential information in computer
systems. This information is targeted by
rivals, criminals and disgruntled
employees.
12 Source Code Theft: A Source code Sections 43, 66, 66B of IT Act and Section
generally is the most coveted and 63 of Copyright Act.
important “crown jewel” asset of
a company.
13 Tax Evasion and Money Income Tax Act and Prevention of Money
Laundering: Money launderers and people Laundering Act. IT Act may apply case-
doing illegal business activities hide their wise.
information in virtual as well as physical
activities.
14 Online Share Trading Fraud : It It has Sections 43, 66, 66C, 66D of IT Act
becomes mandatory for investors and Section 420 of Indian Penal Code.
to have their demat accounts
linked with their online banking
accounts which are generally
accessed unauthorized, thereby
leading to share trading frauds.

87
5.10 CYBER LAW (IT LAW) IN INDIA
5.10.1 Introduction
Cyber Law took birth in order to take control over the crimes committed through the internet or
the cyberspace or through the uses of computer resources. Description of the lawful issues that are
related to the uses of communication or computer technology can be termed as Cyber Law.
Cyber Law of India: The Information Technology Act, 2000 (IT Act 2000) still governs the cyber
law of India and related issues. IT Act, 2000 has become an redundant and draconian law that
needs to be repealed. The telegraph and cyber law of India remained outdated, colonial and
draconian in the year 2014 as well.
India must ensure techno legal measures to regulate Indian cyberspace. Similarly, regulations and
guidelines for effective investigation of cyber crimes in India is also need of the hour. The Indian
Government has assured in the year 2014 that the IT Act, 2000 could be amended to accommodate
e-commerce concerns. The technological development has given rise to a cyber-world constituting
cyber space. Cyber space is witnessing considerable advancement with the rapid increase in the
information technology. It is always hard to determine or predict something in the future in an
accurate manner.
There is a possibility to consolidate the technological advancements in the past. The internet users
are increasing tremendously every year and at the same time, there is rise in the number of people
using mobiles and smart phones.
5.10.2 What is the importance of Cyber Law?
Cyber law plays a very important role in this new epoch of technology. It is important as it is
concerned to almost all aspects of activities and transactions that take place either on the internet
or on other communication devices. Whether we are aware of it or not, but each action and each
reaction in Cyberspace has some legal and Cyber legal views.
5.11 THE INFORMATION TECHNOLOGY ACT OF INDIA, 2000
The Information Technology Act,2000 (also known as ITA-2000, or the IT Act) is an act of the
Indian Parliament (no 21 of 2000), it was notified on 17th October 2000. It is the most important
law in India that deals with the digital crimes or cybercrimes and electronic commerce. It is based
on the United Nations Model Law on Electronic Commerce 1996 (UNCITRAL Model)
recommended by the General Assembly of United Nations by a resolution dated 30 January 1997”.
5.11.1 Some key points of the Information Technology (IT) Act 2000 are as follows:
● E-mail is now considered as a valid and legal form of communication.
● Digital signatures are given legal validity within the Act.

88
 ● Act has given birth to new business to companies to issue digital certificates by becoming
the Certifying Authorities.
● This Act allows the government to issue notices on internet through e-governance.
● The communication between the companies or between the company and the government
can be done through internet.
● Addressing the issue of security is the most important feature of this Act. It introduced the
construct of digital signatures that verifies the identity of an individual on internet.
● In case of any harm or loss done to the company by criminals, the Act provides a remedy
in the form of money to the company.

5.12 CYBER LAW AND PUNISHMENT IN INDIA

Following are the sections under IT Act, 2000
1. Section 65- Temping with the computers source documents
Whoever intentionally or knowingly destroy, conceal or change any computer’s source code that
is used for a computer, computer program, and computer system or computer network.
Punishment:
Any person who involves in such crimes could be sentenced upto 3 years imprisonment or with a
fine of Rs.2 lakhs or with both.
2. Section 66- Hacking with computer system, data alteration etc
Whoever with the purpose or intention to cause any loss, damage or to destroy, delete or to alter
any information that resides in a public or any person’s computer. Diminish its utility, values or
affects it injuriously by any means, commits hacking
Punishment:
Any person who involves in such crimes could be sentenced up to 3 years imprisonment, or with
a fine that may extend up to 2 lakhs rupees, or both .
3. Section 66A- Sending offensive messages through any communication services
● Any information or message sent through any communication services this is offensive or
has threatening characters.
● Any information that is not true or is not valid and is sent with the end goal of annoying,
inconvenience, danger, insult, obstruction, injury, criminal intention, enmity, hatred or ill
will.

89
 ● Any electronic mail or email sent with the end goal of causing anger, difficulty or mislead
or to deceive the address about the origin of the messages.
Punishment:
Any individual found to commit such crimes under this section could be sentenced up to 3years of
imprisonment along with a fine.
4. Section 66B- Receiving stolen computer’s resources or communication devices dishonestly
Receiving or retaining any stolen computer, computer’s resources or any communication devices
knowingly or having the reason to believe the same.
Punishment:
Any person who involves in such crimes could be sentenced either description for a term that may
extend upto 3 years of imprisonment or with a fine of rupee 1 lakh or both.
5. Section 66C- Identify theft Using of one’s digital or electronic signature or one’s password or
any other unique identification of any person is a crime.
Punishment:
Any person who involve in such crimes could be sentenced either with a description for a term
which may extend upto 3 years of imprisonment along with a fine that may extend upto rupee 1
lakh.
6. Section 66D- Cheating by personation by the use of computer’s resources. Whoever tries to
cheats someone by personating through any communication devices or computer resources shall
be sentenced either with a description for a term that may extend up to 3 years of imprisonment
along with a fine that may extend up to rupee 1 lakh.
7. Section 66E- Privacy or violation
Whoever knowingly or with an intention of publishing, transmitting or capturing images of private
areas or private parts of any individual without his/her consent, that violets the privacy of the
individual shall be sentenced to 3 years of imprisonment or with a fine not exceeding more than 2
lakhs rupees or both.
8. Section 66F- Cyber terrorism
A. Whoever intentionally threatened the integrity, unity, sovereignty or security or strike terror
among the people or among any group of people by-
I. Deny to any people to access computer’s resources.
II. Attempting to break in or access a computer resource without any authorization or to exceed
authorized access.

90
By intention or by knowingly tries to go through or tries to gain access to computer’s resources
without the authorization or exceeding authorized access, and by such conducts obtains access to
the data, information or computer’s database which is limited or restricted for certain reason
because of the security of the state or foreign relations, or any restricted database, data or any
information with the reason to believe that those data or information or the computer’s database
obtained may use to cause or probably use to cause injury to the interest of the independence and
integrity of our country India.
Punishment:
Whoever conspires or commits such cybercrime or cyber terrorism shall be sentenced to life time
imprisonment.
9. Section 67- Transmitting or publishing obscene materials in electronic form
Whoever transmits, publishes, or cause to publish any obscene materials in electronics form. Any
material that is vulgar or appeal to be lubricious or if its effect is for instance to tends to corrupt
any individual who are likely to have regard to all relevant circumstances to read or to see or to
hear the matter that contained in it, shall be sentenced on the first convict with either description
for a term that may extend up to five years of imprisonment along with a fine which may extend
up to 1 lakh rupee and in the second or subsequent convict it can be sentenced either description
for a term that may extend up to ten years along with a fine that may perhaps extend to two lakhs
rupees.
10. Section 67A- Transmitting or publishing of materials that contains sexually explicit contents,
acts etc in electronics form
Whoever transmits or publishes materials that contains sexually explicit contents or acts shall be
sentences for either description for a term, which may extend up to 5 years or imprisonment along
with a fine that could extend to 10 lakhs rupees in the first convict. In the event of the second
convict criminal could be sentenced for either description for a term that could extend up to 7 years
of imprisonment along with a fine that may extend up to 20 lakhs rupees.
11. Section 67B- Transmitting or publishing of materials that depicts children in sexually explicit
act etc in electronics form
Whoever transmits or publishes any materials that depict children in sexually explicit act or
conduct in any electronics form shall be sentenced for either description for a term which may
extend to 5 years of imprisonment with a fine that could extend to rupees 10 lakhs on the first
conviction. In the event of second conviction, criminals could be sentenced for either description
for a term that could extend to 7 years along with a fine that could extend to rupees 10 lakhs.
12. Section 67C- Retention and preservation of information by intermediaries

91
I. Intermediaries shall retain and preserve such information that might specify for such period and
in such a format and manner that the Central Government may prescribe.
II. Any intermediaries knowingly or intentionally contravene the provision of the sub-section.
Punishment:
Whoever commits such crimes shall be sentenced for a period that may extend upto 3 years of
imprisonment and liable to fine.
13. Section 69- Power to issue direction for monitor, decryption or interception of any information
through computer’s resources
I. Where the Central government’s or State government’s authorized officers, as the case may be
in this behalf, if fulfilled that it is required or expedient to do in the interest of the integrity or the
sovereignty, the security defense of our country India, state’s security, friendly relations with the
foreign states for preventing any incident to the commission of any cognizable offences that is
related to above or investigation of any offences that is subjected to the provision of sub-section
(II). For reasons to be recorded writing, direct any agency of the appropriate government, by order,
decrypt or monitor or cause to be intercept any information that is generated or received or
transmitted or is stored in any computer’s resources.
II. The safeguard and the procedure that is subjected to such decryption, monitoring or interception
may carried out, shall be such as may be prescribed.
III. The intermediaries, the subscribers or any individual who is in the charge of the computer’s
resources shall call upon by any agencies referred to the sub-section (I), extends all services and
technical assistances to:
a) Providing safe access or access to computer’s resources receiving, transmitting,
generating or to store such information or
b) Decrypting, intercepting or monitoring the information, as the case might be or
c) Providing information that is stored in computer.
IV. The intermediaries, the subscribes or any individual who fails to help the agency referred in
the sub-section (III), shall be sentenced for a term that could extend to 7 years of imprisonment
and also could be legally responsible to fine .
5.13 CYBER CRIME PREVENTION GUIDE TO USERS
Rightly said prevention is better than cure therefore, it is suggested that the government should
issue cybercrime prevention guidelines to citizens at large so that users can follow guidelines in
protecting themselves from the Cyber Crimes.
Best practice to prevent Cyber Crime should include following directions to users:

92
 ● Updating the Computer System Regularly
● Selecting strong passwords, which cannot be guessed. One should avoid using passwords
like date of birth, date of marriage anniversary and alike
● Keep changing the passwords regularly
● Protecting Computers with security Software’s and Physical Firewalls
● Protecting one’s personal information
● Keeping an eye on phony email messages
● Regular signing out of online accounts and transactions
● Avoid sharing credit card and debit card details
● Stop responding to emails and messages asking for personal information
● Pay attention to privacy policies
● Guarding one’s email addresses
● Regularly reviewing bank and credit card statements

5.14 REGULATORY AUTHORITIES

1) Department of Electronics and Information Technology
The functions of the Department of Electronics and Information Technology, Ministry of
Communications & Information Technology, Government of India are as follows –
● Policy matters relating to Information Technology, Electronics and Internet.
● Initiatives for development of Hardware / Software industry including knowledge based
enterprises, measures for promoting Information Technology exports and competitiveness
of the industry.
● Promotion of Information Technology and Information Technology enabled services and
Internet.
● Assistance to other departments in the promotion of E-Governance, E-Infrastructure, E-
Medicine, E-Commerce, etc.
● Promotion of Information Technology education and Information Technology-based
education.
● Matters relating to Cyber Laws, administration of the Information Technology Act. 2000
(21 of 2000) and other Information Technology related laws.

93
 ● Matters relating to promotion and manufacturing of Semiconductor Devices in the country.
● Interaction in Information Technology related matters with International agencies and
bodies.
● Initiative on bridging the Digital Divide, Matters relating to Media Lab Asia.
● Promotion of Standardization, Testing and Quality of Information
● Technology and standardization of procedure for Information Technology application and
Tasks.
● Electronics Export and Computer Software Promotion Council (ESC).
● National Informatics Centre (NIC)
● All matters relating to personnel under the control of the Department.
2) Controller of Certifying Authorities (CCA)
The IT Act provides for the Controller of Certifying Authorities (CCA) to license and regulate the
working of Certifying Authorities. The Certifying Authorities (CAs) issue digital signature
certificates for electronic authentication of users. The CCA certifies the public keys of CAs using
its own private key, which enables users in the cyberspace to verify that a licensed CA issues a
given certificate. For this purpose it operates, the Root Certifying Authority of India (RCAI).
3) Cyber Appellate Tribunal
Cyber Appellate Tribunal has been established under the IT Act under the aegis of Controller of
Certifying Authorities (CCA). A Cyber Appellate Tribunal consists of one Presiding Officer who
is qualified to be a Judge of a High Court or is or has been a member of the Indian Legal Service
and is holding or has justice and, subject to the other provisions of this Act and of any rules. The
Cyber Appellate Tribunal has powers to regulate its own procedure including the place at which it
has its sittings.
Every proceeding before the Cyber Appellate Tribunal shall be deemed to be a judicial proceeding
within the meaning of sections 193 and 228, and for the purposes of section 196 of the Indian Penal
Code and the Cyber Appellate Tribunal shall be deemed to be a civil court for the purposes of
section 195 and Chapter XXVI of the Code of Criminal Procedure, 1973.
The composition of the Cyber Appellate Tribunal is provided for under section 49 of the
Information Technology Act, 2000. Initially the Tribunal consisted of only one person who was
referred to as the Presiding Officer who was to be appointed by way of notification by the Central
Government. Thereafter the Act was amended in the year 2008 by which section 49 which provides
for the composition of the Cyber Appellate Tribunal has been changed. As per the amended section
the Tribunal shall consist of a Chairperson and such number of other Members as the Central
Government may by notification in the Official Gazette appoint. The selection of the Chairperson

94
and Members of the Tribunal is made by the Central Government in consultation with the Chief
Justice of India. The Presiding Officer of the Tribunal is now known as the Chairperson.
4) Indian Computer Emergency Response Team (ICERT)
The mission of ICERT is to enhance the security of India's Communications and Information
Infrastructure through proactive action and effective collaboration. Its constituency is the Indian
Cyber-community.
The purpose of the ICERT is, to become the nation's most trusted referral agency of the Indian
Community for responding to computer security incidents as and when they occur; the ICERT will
also assist members of the Indian Community in implementing proactive measures to reduce the
risks of computer security incidents. It provides technical advice to system administrators and
users to respond to computer security incidents. It also identifies trends in intruder activity, works
with other similar institutions and organizations to resolve major security issues and disseminates
information to the Indian cyber community.
It functions under the Department of Information Technology, Ministry of Communications &
Information Technology, Government of India held a post in Grade I of that service for at least
three years supported by other official under him/her.
The Cyber Appellate Tribunal has, for the purposes of discharging its functions under the IT Act,
the same powers as are vested in a civil court under the Code of Civil Procedure, 1908. However,
is not bound by the procedure laid down by the Code of Civil Procedure, 1908 but is guided by the
principles of natural.

95
 A HANDBOOK ON CYBER SECURITY

ABBREVIATIONS

S.No Abbreviation Full -Form

1. IT Information Technology
2. DoS Denial of Service
3. ISP Internet Service Provider
4. DDoS Distributed Denial of Service
5. PC Personal Computer
6. ATM Automated Teller Machine
7. CNN Cable News Network
8. POCSO Protection of Children from Sexual Offences Act
9. IPC The Indian Penal Code
10. UI User Interface
11. DNS Domain Name System
12. SNMP Simple Network Management Protocol
13. IDS Intrusion Detection System
14. https Hypertext transfer protocol secure
15. DA Dearness Allowance
16. SQL Structured Query Language
17. XML Extensible Markup Language
18. http Hypertext transfer Protocol
19. IPC Indian Penal Code
20. Wifi Wireless Fidelity
21. BYOD Bring Your own Device
22. IMEI International Mobile Equipment Identity
23. SD Secure Digital
24. SIM Subscriber Identity Module
25. IOT Internet of Things

96
26. EDI Electronic Data Interchange
27. SSRF Server-Side Request Forgery
28. SSL Secure Sockets Layer
29. XSS Cross Site Scripting
30. SMS Short Messaging Service
31. PCI-DSS Payment Card Industry – Data Security Standard
32. MPA Multi Factor Authentication
33. ZTNA Zero Trust Network Access
34. AAA Authorized and Authenticated
35. PoLP Principle of Least Principle
36. FOMO Fear of Missing Out
37. CPU Central Processing Unit
38. USB Universal Serial Bus
39. VPN Virtual Private Network
40. ACL Access Control List
41. TCP Transmission Control Protocol
42. UDP User Datagram Protocol
43. ICMP Internet Control Message Protocol
44. NAT Network Address Translator
45. NGFN Next Generation Translator
46. FTP File Transfer Protocol
47. NIC Network Interface Card
48. EU European Union
49. Wi-Fi Wireless Fidelity
50. IP Internet Protocol
51. DoT Department of Telecommunication
52. SFIO Serious Fraud Investigation Office
53. SEBI Securities and Exchange Board of India
54. ISPs Internet Service Providers

97
55. ED Enforcement Directorate
56. TTL Tata Teleservices Limited
57. TRAI Telecommunication and Telecom Regulatory Authority of
India
58. WCCB Wildlife Crime Control Bureau
59. MLM Multi-Level Marketing
60. CCTNS Crime and Criminal Tracking Networks and Systems
61. ICANN Internet Corporation for Assigned Names and Numbers
62. ESC Electronics Export and Computer Software Promotion
Council
63. SLA Service Level Agreement
64. DDoS Distributed Denial of Service
65. UEBA User and Event Behavioral Analytics
66. API Application Programming Interface
67. CD ROM Compact Disk Read Only Memory
68. NIC National Informatics Centre
69. CCA Controller of Certifying Authorities
70. RCAI Root Certifying Authority of India
71. IT Act Information Technology Act
72. E-Commerce Electronic Commerce
73. E-Mails Electronic Mails
74. IPR Intellectual Property Rights
75. WWW World Wide Web
76. RAT Remote Access Trojan
77. UNCITRAL United Nations Commission on International Trade Law
78. E-Governance Electronic Governance
79. E-Infrastructure Electronic Infrastructure
80. E-Medicine Electronic Medicine
81. ICERT Indian Computer Emergency Response Team

98
Book Reference

1. Charles P Pfleeger and Shai Lawrence Pfleeger, “Security in Computing”, Fourth &
Third Edition, Prentice Hall, 2007 & 2011.
2. Ross J. Anderson and Ross Anderson, “Security Engineering: A guide to building
Dependable Distributed System”, Wiley,2009.
3. Thomas R. Peltier, Justin Peltier and John Bleckley, “Information Security
Fundamentals”,2nd Edition, Prentice Hall 1996.
4. Gettier, Urs E. “Information Security: Strategies for Understanding and Reducing
Risks” John Wiley & Sons, 2011.
5. Michael Whiteman and Herbert J. Mattord, “Principles of information security”.,2012.
6. Marie wright and John kakalik “Information security” ,2007.
7. Thomas R. Peltier, Justin Peltier and John Blackley, ”Information Security
Fundamentals”,2005.
8. Dhiren R. Patel “Information Security theory and practical” PHI publication, -2008.
9. Debby Russell and Sr.G.T. Gangemi,”Computer Security Basics”, 2nd edition, O’Reilly
Media, 2006.
10. Shon Harris and Fernando Maymi “CISSP All-in-One Exam Guide”, 7th Edition,
McGraw-Hill Education, 1 June 2016
11. 11. Harold F Tipton, Micki Krause “Information Security Management Handbook”,
6th Edition, , Auerbach Publications, 5 April 2012
12. “Cyber Crime Law and Practice”, the Institute Of Company Secretaries of India,
November 2016
13. Animesh Sarmah, Roshmi Sarmah , Amlan Jyoti Baruah “A brief study on Cyber Crime
and Cyber Laws of India”, Dept of CSE, Assam Kaziranga University.

99
Websites

1. https://www.britannica.com/topic/information-system
2. https://www.Study.com
3. https://www.vssut.ac.in
4. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-12r1.pdf
5. https://www.imperva.com/learn/data-security/information-security-infosec/
6. https://www.csoonline.com/article/3513899/what-is-information-security-definition-
principles-and-jobs.html
7. https://www.energy.gov/sites/prod/files/2014/06/f17/Information_System_Owner_Core_
Competency_Training_v01.pdf
8. https://www.ibm.com/services/security
9. https://intellipaat.com/blog/what-is-computer-security
10. https://www.xcitium.com/blog/pc-security/computer-security
11. http://deity.gov.in/ Department of Electronics and Information Technology Govt. of India
12. http://cybercellmumbai.gov.in/ - Cybercrime investigation cell
13. http://ncrb.gov.in/ - National Crime Records Bureau
14. http://catindia.gov.in/Default.aspx - Cyber Appellate Tribunal
15. http://www.cert-in.org.in/ - Indian Computer Emergency Response Team
16. http://cca.gov.in/rw/pages/index.en.do - Controller of Certifying Authorities
17. http://www.safescrypt.com - Safescrypt
18. http://www.nic.in – National Informatics Centre
19. https://www.kaspersky.com/resource-center/definitions/what-is-a-digital-footprint
20. https://geekflare.com/digital-footprint/

100