Upload
shumail-tariq
View
78
Download
2
Embed Size (px)
Citation preview
Comsat s institute of information technology
Cyber crime
introductionIn 1960s internet was developed for better communication and research. With advancement of technology and expansion ofinternet every area becomes easy to access but it also provides a pathway to commit crimes easily without any effort only sitting on a system.Some human minds of criminal nature use internet as a tool of crime which is now known as cyber crime committed in all countries first cyber crime reported in 1820
WHAT IS CRIME?
Crime is a social and economic phenomenon
“a legal wrong that can be followed by criminal proceedings which may result into punishment.”
definition : Crime is an intentional act of commission or omission in contravention to the law of the land and accordingly punishable when proved in judicial proceeding
CYBER CRIME
The term “cyber crime” was first coined by Barry Collins in 1980’s
“Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime”
A generalized definition of cyber crime may be “ unlawful acts wherein the computer is either a tool or target or both”
REASONS FOR CYBER CRIME:
Capacity to store data in comparatively small space
Easy to access Complex Negligence Loss of evidence Money Fun ego
CYBER CRIMINALS:
The cyber criminals constitute of various groups/ category. The following are the category of cyber criminals:
• Children and adolescents between the age group of 6 – 18 years
• Organised hackers• Professional hackers / crackers• Discontented employees
TYPES OF CRIME
Conventional and new forms of crime White collar crime Organized crime Victimless crime
Types of cyber crime
Hacking Theft of information Packet sniffing spyware Data diddling Virus / worm attacks Logic bombs
Contd.
Trojan attacks Internet time thefts Web jacking
Packet Sniffers — Software programs that monitor’s network traffic. Attackers use packet sniffers to capture and analyze data transmitted via a network. Specializedsniffers capture passwords as they cross a networkSpyware gathers information without theusers’ knowledge. Spyware is typically bundled covertlywith another program. The user does not know thatinstalling one also installs the other. Once installed, thespyware monitors user activity on the Internet andtransmits that information in the background to someone else
Virus program or piece of code that spreads from computer to computer without the users’ consent. They usually cause an unexpected and negative event when run by a computer. Viruses contaminate legitimate computerprograms Worms are wholly contained viruses
that travel through networks, automatically duplicate themselves and send themselves to other computers whose addresses are in the host computer.
Viruses are always embedded within another file or program. Worm: self-reproducing program which propagates via the network. Trojan horse: program which purports to do one thing, but secretly does something else; example: free screen saver installs with a backdoor
Data diddling: This is altering raw data just before a computer processes it and then changing it back after the processing is completed. Denial of Service attack: The computer is flooded with more requests than it can handle which cause it to crash. Distributed Denial of Service (DDOS) attack is a example.
Web jacking: This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the web site of another. Email bombing: It refers to sending large numbers of mail to the victim, which may be an individual or a company by ultimately resulting into crashing.
Hacking Intrusion into computer system without the permission of the computer owner/user.
. Identity Theft • A form of fraud in which a person pretends to be someone else by assuming the other person’s identity • Undertaken to access resources or obtain credit and other benefits in the victim’s name . E-mail spoofing • A technique used by hackers to send mails in which sender’s address and other parts of the email are altered. • This method is used to disguise the actual email address from which phishing and spam messages are sent • Motive: to trick users into providing personal and confidential information
SQL injection The ability to inject SQL commands into the database engine through an existing application
CATEGORIES OF CYBER CRIMES
Internal Computer crimes
Virus worms Trojan horses
Tele communication crimes
Phone breaking
Phone tapping Hacking
Computer Manipulation Crimes
Embezzlements
Frauds
Support of Criminal Enterprises
Data bases to support drug Distribution
Data bases to keep records of client transaction
Money laundering
Hardware and softwareTheft
Software piracy
Theft of computer and microchips
Theft of trade secrets
TYPES OF CYBER CRIME
Classification of cyber crime1. Against
Individuals a. their
person &b. their
property of an individual
2. Against Organization
a. Governmentc. Firm, Company,
Group of Individuals
3. Against Society at large
AGAINST INDIVIDUALS Harassment via e-mails. Cyber-stalking. Dissemination of obscene material. Defamation. Unauthorized control/access over computers Indecent exposure Email spoofing Cheating & Fraud
AGAINST INIDVIDUAL PROPERTY: Computer vandalism. Transmitting virus. Net trespass Unauthorized control/access over
computers Intellectual Property crimes Internet time thefts
AGAINST ORGANISATION
Cyber terrorism against the government organization.
Distribution of pirated software etc.
CYBER TERRORISM
Scientific war against Governments
CYBER TERRORISM
Cyber terrorism is the convergence of terrorism and cyberspace. It is generally understood to
mean unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.
WITH INCLUSION OF COMPUTER
LTTE AUM
Perpetrator Group/Individual Group/Individual
Place Sri Lanka/London/Australia
Japan/US/WorldwideWorldwide
Tool Threats/Violence/Recruitment/Education/Strategies
Violence/Recruitment/Education/Strategies
Target Government Officials/Recruits
Governments
Motivation Social/Political Change
World Domination
DEFENDING AGAINST CYBER TERRORISM
DETERRENCE CRIMINAL JUSTICE ENHANCED DEFENSE NEGOTIATIONS
AGAINST SOCIETY AT LARGE Pornography (basically child
pornography) Polluting the youth through
indecent exposure Trafficking Financial crimes Sale of illegal articles Online gambling Forgery
TOP 20 :
VARIOUS SECTIONS
Section 43
deals with the unauthorised access, unauthorised downloading, virus attacks or any contaminant, causes damage, disruption, denial of access, interference with the service availed by a person
Section 65 deals with ‘tampering with computer source documents’ and provides for imprisonment up to 3 years or fine
Section 66 deals with ‘hacking with computer system’ and provides for imprisonment up to 3 years or fine
section 67 deals with publication of obscene material and provides for imprisonment up to a term of 10 years
PREVENTIONS
.Use antivirus software’s
.Insert firewalls
.uninstall unnecessary software
.maintain backup
.check security settings
.Stay anonymous –
.choose a genderless screen name
.Never give your full name or address to strangers..
PREVENTION OF CYBER CRIME To prevent cyber stalking avoid disclosing any
information pertaining to oneself. This is as good as disclosing your identity to strangers in public place.
Always avoid sending any photograph online particularly to strangers and chat friends as there have been incidents of misuse of the photographs.
Always use latest and up date anti virus software to guard against virus attacks.
Always keep back up volumes so that one may not suffer data loss in case of virus contamination
Never send your credit card number to any site that is not secured, to guard against frauds.
CONTD. Always keep a watch on the sites that your
children are accessing to prevent any kind of harassment or depravation in children.
Web site owners should watch traffic and check any irregularity on the site. Putting host-based intrusion detection devices on servers may do this
Web servers running public sites must be physically separate protected from internal corporate network.
CONCLUSION History is the witness that no legislation has
succeeded in totally eliminating crime from the globe. The only possible step is to make people aware of
their rights and duties (to report crime as a collective duty towards the society) and further making the application of the laws more stringent to check crime.
Undoubtedly the IT Act is a historical step in the cyber world. Further I all together do not deny that there is a need to bring changes in the Information Technology Act to make it more effective to combat cyber crime.