CYBER CRIME AND CYBER SECURITY

INTERNAL ASSESSMENT REPORT

EC-8006

SUBMITTED BY: GUIDED BY:

MANMEET CHUGGA
MONALIKA SINGH RATHORE MR. KUSH SONI
PRACHI BHAWNANI ASSISTANT PROFESSOR
SAMIKSHA SHARMA
SHRUTI PANWAR

ELECTRONICS AND COMMUNICATION DEPARTMENT

MEDICAPS INSTITUTE OF SCIENCE AND TECHNOLOGY

INDORE-453331

2018-2019
CYBER CRIME:

It is a crime that involves a computer and network. Offences that are committed against
individuals or groups of individuals with a criminal motive to intentionally harm the
reputation of the victim or cause physical or mental harm, or loss, to the victim directly or
indirectly, using modern telecommunication networks such as Internet (networks including
chat rooms, emails, notice boards and groups) and mobile phones (Bluetooth/SMS/MMS).

CLASSIFICATION OF CYBERCRIME:

1. Crimes against individuals – These are committed against individuals or their

properties. Some examples are:

 Email harassment

 Cyber-stalking

 Spreading obscene material

 Unauthorized access or control over the computer system

 Indecent exposure

 Spoofing via email

 Fraud and also cheating

 Further, crimes against individual property like computer vandalism and

transmitting a virus. Also, trespassing online and intellectual property-related
crimes. Further, internet time thefts are also included.

2. Crimes against organizations – Some examples of cyber crimes against organization

are:

 Possessing unauthorized information

 Cyber terrorism against a government organization

 Distributing pirated software

3. Crimes against society – Some examples of crimes against society are:

 Polluting the youth through indecent exposure

  Trafficking

 Financial crimes

 Selling illegal articles

 Online Gambling

 Forgery

CYBERSECURITY:

Cybersecurity refers to a set of techniques used to protect the integrity of networks,

programs and data from attack, damage or unauthorized access. According to Forbes, the
global cyber security market is expected to reach 170 billion by 2020.

BOTNET:

A botnet is a logical collection of internet-connected devices such as computers, smartphones

or IoT devices whose security has been breached and control ceded to a third party. Each
such compromised device, known as a "bot", is created when a device is penetrated by
software from a malware (malicious software) distribution. The controller of a botnet is able
to direct the activities of these compromised computers through communication channels
formed by standards-based network protocols such as IRC and Hypertext Transfer Protocol .

DDoS:

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the
bandwidth or resources of a targeted system, usually one or more web servers.[9] Such an
attack is often the result of multiple compromised systems (for example, a botnet) flooding
the targeted system with traffic. A botnet is a network of zombie computers programmed to
receive commands without the owners' knowledge.[33] When a server is overloaded with
connections, new connections can no longer be accepted. The major advantages to an attacker
of using a distributed denial-of-service attack are that multiple machines can generate more
attack traffic than one machine, multiple attack machines are harder to turn off than one
attack machine, and that the behavior of each attack machine can be stealthier, making it
harder to track and shut down. These attacker advantages cause challenges for defense
mechanisms.

How Do We Know That An Attack Is Happening:

• Unusually slow network performance.

• Unavailability of a particular website.

• Inability to access any website.

• Dramatic increase in the amount of spam you receive in your account.

Solutions to Avoid DDoS:

• Install and maintain anti-virus.

• Install a firewall.

• Configure the firewall to restrict incomming and outgoing traffic.

• Follow good security practices for distributing your email address.

 • Applying email filters may help you manage unwanted traffic.

Malware:

Malware is a malicious software that gets installed in your device and performs unwanted
tasks. Mainly designed to transmit information about your web browsing habits to the third
party

Types of Malware:

□ Viruses

□ Trojan Horse

□ Spyware

□ Adware

□ Worms

Virus:

Software that replicates itself and spreads by damaging and deleting the files.Virus enters
your device via attached i audio/video files , downloads etc.

Spyware:

Spyware is a program that gets installed without the user’s permission. It monitors the user’s
activities on the internet and transmits that information to the third party.

Adware:

Software where advertising banners are displayed while any program is running.It
automatically downloads to your device while browsing any website.It is used by companies
for marketing purposes.

Worms:

Malicious program that make copies of itself on local device, network shares etc. They
make the working of your device slower.

Trojan Horse:

A Trojan Horse is a program containing or harmful code. Entering a computer, it performs

various tasks like corrupting files and sending out personal information.

RANSOMEWARE:

Ransomware is a type of malicious software from cryptovirology that threatens to publish the
victim's data or perpetually block access to it unless a ransom is paid. While some simple
ransomware may lock the system in a way which is not difficult for a knowledgeable person
to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it
encrypts the victim's files, making them inaccessible, and demands a ransom payment to
decrypt them.In a properly implemented cryptoviral extortion attack, recovering the files
without the decryption key is an intractable problem – and difficult to trace digital currencies
such as Ukash and crypto currency are used for the ransoms, making tracing and prosecuting
the perpetrators difficult. Ransomware attacks are typically carried out using a Trojan that is
disguised as a legitimate file that the user is tricked into downloading or opening when it
arrives as an email attachment. The concept of file encrypting ransomware was invented and
implemented by Young and Yung at Columbia University and was presented at the 1996
IEEE Security & Privacy conference. It is called cryptoviral extortion and it was inspired by
the fictional facehugger in the movie Alien. Cryptoviral extortion is the following three-
round protocol carried out between the attacker and the victim.

1. [attacker→victim] The attacker generates a key pair and places the corresponding
public key in the malware. The malware is released.
2. [victim→attacker] To carry out the crypto viral extortion attack, the malware
generates a random symmetric key and encrypts the victim's data with it. It uses the
public key in the malware to encrypt the symmetric key. This is known as hybrid
encryption and it results in a small asymmetric cipher text as well as the symmetric
cipher text of the victim's data. It zeroizes the symmetric key and the original
plaintext data to prevent recovery. It puts up a message to the user that includes the
asymmetric cipher text and how to pay the ransom. The victim sends the asymmetric
ciphertext and e-money to the attacker.
3. [attacker→victim] The attacker receives the payment, deciphers the asymmetric
ciphertext with the attacker's private key, and sends the symmetric key to the victim.
The victim deciphers the encrypted data with the needed symmetric key thereby
completing the crypto virology attack.
CBERSTALKING:

Cyberstalking is the use of the Internet or other electronic means to stalk or harass an
individual, group, or organization.[1] It may include false accusations, defamation,
slander and libel. It may also include monitoring, identity theft, threats, vandalism,
solicitation for sex, or gathering information that may be used to threaten, embarrass or
harass. Cyberstalking is often accompanied by realtime or offline stalking.[2] In many
jurisdictions, such as California, both are criminal offenses.[3] Both are motivated by a
desire to control, intimidate or influence a victim.[4] A stalker may be an online stranger
or a person whom the target knows. They may be anonymous and solicit involvement of
other people online who do not even know the target. Cyberstalking is a criminal offense
under various state anti-stalking, slander and harassment laws. A conviction can result in
a restraining order, probation, or criminal penalties against the assailant, including jail.
Who are the most likely victims and offenders of cyberstalking. A number of key factors
have been identified in cyberstalking:

False accusations: Many cyberstalkers try to damage the reputation of their victim and
turn other people against them. They post false information about them on websites. They
may set up their own websites, blogs or user pages for this purpose. They post allegations
about the victim to newsgroups, chat rooms, or other sites that allow public contributions
such as Wikipedia or Amazon.com.

Attempts to gather information about the victim: Cyberstalkers may approach their
victim's friends, family and work colleagues to obtain personal information. They may
advertise for information on the Internet, or hire a private detective.Monitoring their
target's online activities and attempting to trace their IP address in an effort to gather
more information about their victims.

Encouraging others to harass the victim: Many cyberstalkers try to involve third parties in
the harassment. They may claim the victim has harmed the stalker or his/her family in
some way, or may post the victim's name and telephone number in order to encourage
others to join the pursuit.

False victimization: The cyberstalker will claim that the victim is harassing him or her.
Bocij writes that this phenomenon has been noted in a number of well-known cases.
Attacks on data and equipment: They may try to damage the victim's computer by
sending viruses.

Ordering goods and services: They order items or subscribe to magazines in the victim's
name. These often involve subscriptions to pornography or ordering sex toys then having
them delivered to the victim's workplace.

Arranging to meet: Young people face a particularly high risk of having cyberstalkers try
to set up meetings between them.

The posting of defamatory or derogatory statements: Using web pages and message
boards to incite some response or reaction from their victim.

Types:

Stalking by strangers

According to Joey Rushing, a District Attorney of Franklin County, Alabama, there isn't a
single definition of a cyberstalker - they can be either strangers to the victim or have a
former/present relationship. "[Cyberstalkers] come in all shapes, sizes, ages and
backgrounds. They patrol Web sites looking for an opportunity to take advantage of
people."

Gender-based stalking

Harassment and stalking because of gender online is common, and can include rape
threats and other threats of violence, as well as the posting of the victim's personal
information] It is blamed for limiting victims' activities online or driving them offline
entirely, thereby impeding their participation in online life and undermining their
autonomy, dignity, identity, and opportunities.

Of intimate partners

Cyberstalking of intimate partners is the online harassment of a current or former

romantic partner. It is a form of domestic violence, and experts say its purpose is to
control the victim in order to encourage social isolation and create dependency. Harassers
may send repeated insulting or threatening e-mails to their victims, monitor or disrupt
their victims' e-mail use, and use the victim's account to send e-mails to others posing as
the victim or to purchase goods or services the victim does not want. They may also use
the Internet to research and compile personal information about the victim, to use in order
to harass him or her.

Of celebrities and public persons

Profiling of stalkers shows that almost always they stalk someone they know or, via
delusion, think they know, as is the case with stalkers of celebrities or public persons in
which the stalkers feel they know the celebrity even though the celebrity does not know
them.As part of the risk they take for being in the public eye, celebrities and public
figures are often targets of lies or made-up stories in tabloids as well as by stalkers, some
even seeming to be fans. In one noted case in 2011, actress Patricia Arquette quit
Facebook after alleged cyberstalking. In her last post, Arquette explained that her security
warned her Facebook friends to never accept friend requests from people they do not
actually know. Arquette stressed that just because people seemed to be fans did not mean
they were safe. The media issued a statement that Arquette planned to communicate with
fans exclusively through her Twitter account in the future.

By anonymous online mobs

Web 2.0 technologies have enabled online groups of anonymous people to self-organize
to target individuals with online defamation, threats of violence and technology-based
attacks. These include publishing lies and doctored photographs, threats of rape and other
violence, posting sensitive personal information about victims, e-mailing damaging
statements about victims to their employers, and manipulating search engines to make
damaging material about the victim more prominent Victims frequently respond by
adopting pseudonyms or going offline entirely.

Experts attribute the destructive nature of anonymous online mobs to group dynamics,
saying that groups with homogeneous views tend to become more extreme. As members
reinforce each others' beliefs, they fail to see themselves as individuals and lose a sense of
personal responsibility for their destructive acts. In doing so they dehumanize their
victims, becoming more aggressive when they believe they are supported by authority
figures. Internet service providers and website owners are sometimes blamed for not
speaking out against this type of harassment.

A notable example of online mob harassment was the experience of American software
 developer and blogger Kathy Sierra. In 2007 a group of anonymous individuals attacked
Sierra, threatening her with rape and strangulation, publishing her home address and
Social Security number, and posting doctored photographs of her. Frightened, Sierra
cancelled her speaking engagements and shut down her blog, writing "I will never feel the
same. I will never be the same."

Corporate cyberstalking

Corporate cyberstalking is when a company harasses an individual online, or an

individual or group of individuals harasses an organization.Motives for corporate
cyberstalking are ideological, or include a desire for financial gain or revenge

SPAM:
Spam is an electronic junk mail or newsgroup postings.Some people define it a
unsolicited mail. However if a long last brother find your email address and sends you an
message this could be a spam.

Types of SPAM:

Email

Email spam, also known as unsolicited bulk email (UBE), or junk mail, is the practice of
sending unwanted email messages, frequently with commercial content, in large
quantities. Spam in email started to become a problem when the Internet was opened for
commercial use in the mid-1990s. It grew exponentially over the following years, and by
2007 it composed some 80 to 85 percent of all e-mail, by a conservative estimate.[19]
Pressure to make email spam illegal has resulted in legislation in some jurisdictions, but
less so in others. The efforts taken by governing bodies, security systems and email
service providers seem to be helping to reduce the volume of email spam. According to
"2014 Internet Security Threat Report, Volume 19" published by Symantec Corporation,
spam volume dropped to 66% of all email traffic.An industry of email address harvesting
is dedicated to collecting email addresses and selling compiled databases.[21] Some of
these address-harvesting approaches rely on users not reading the fine print of
agreements, resulting in their agreeing to send messages indiscriminately to their
contacts. This is a common approach in social networking spam such as that generated by
the social networking site Quechup.

Instant messaging

Instant messaging spam makes use of instant messaging systems. Although less prevalent
than its e-mail counterpart, according to a report from Ferris Research, 500 million spam
IMs were sent in 2003, twice the level of 2002.

Newsgroup and forum

Newsgroup spam is a type of spam where the targets are Usenet newsgroups. Spamming
of Usenet newsgroups actually pre-dates e-mail spam. Usenet convention defines
spamming as excessive multiple posting, that is, the repeated posting of a message (or
substantially similar messages). The prevalence of Usenet spam led to the development of
the Breidbart Index as an objective measure of a message's "spamminess".

Forum spam is the creation of advertising messages on Internet forums. It is generally

done by automated spambots. Most forum spam consists of links to external sites, with
the dual goals of increasing search engine visibility in highly competitive areas such as
weight loss, pharmaceuticals, gambling, pornography, real estate or loans, and generating
more traffic for these commercial websites. Some of these links contain code to track the
spambot's identity; if a sale goes through, the spammer behind the spambot earns a
commission.

Mobile phone

Mobile phone spam is directed at the text messaging service of a mobile phone. This can
be especially irritating to customers not only for the inconvenience, but also because of
the fee they may be charged per text message received in some markets. To comply with
CAN-SPAM regulations in the US, SMS messages now must provide options of HELP
and STOP, the latter to end communication with the advertiser via SMS altogether.
Despite the high number of phone users, there has not been so much phone spam, because
there is a charge for sending SMS. Recently, there are also observations of mobile phone
spam delivered via browser push notifications. These can be a result of allowing websites
which are malicious or delivering malicious ads to send a user notifications.

Social networking spam

Facebook and Twitter are not immune to messages containing spam links. Most
 insidiously, spammers hack into accounts and send false links under the guise of a user's
trusted contacts such as friends and family.As for Twitter, spammers gain credibility by
following verified accounts such as that of Lady Gaga; when that account owner follows
the spammer back, it legitimizes the spammer. Twitter has studied what interest structures
allow their users to receive interesting tweets and avoid spam, despite the site using the
broadcast model, in which all tweets from a user are broadcast to all followers of the
user.Spammers, out of malicious intent, post either unwanted (or irrelevant) information
or spread misinformation on social media platforms.

Social spam

Spreading beyond the centrally managed social networking platforms, user-generated

content increasingly appears on business, government, and nonprofit websites worldwide.
Fake accounts and comments planted by computers programmed to issue social spam can
infiltrate these websites.

Online game messaging

Many online games allow players to contact each other via player-to-player messaging,
chat rooms, or public discussion areas. What qualifies as spam varies from game to game,
but usually this term applies to all forms of message flooding, violating the terms of
service contract for the website. This is particularly common in MMORPGs where the
spammers are trying to sell game-related "items" for real-world money, chiefly among
them being in-game currency. In gameplay terms, spamming also refers to the repetitive
use of the same combat skills as a cheap tactic (e.g. "to defeat the blue dragon, just spam
fireballs").Blog spam is spamming on weblogs. In 2003, this type of spam took advantage
of the open nature of comments in the blogging software Movable Type by repeatedly
placing comments to various blog posts that provided nothing more than a link to the
spammer's commercial web site.Similar attacks are often performed against wikis and
guestbooks, both of which accept user contributions. Another possible form of spam in
blogs is the spamming of a certain tag on websites such as Tumblr.

PHISHING:

Phishing is a type of social engineering attack often used to steal user data, including
login credentials and credit card numbers. It occurs when an attacker, masquerading as
trusted entity, dupes a victim into opening an email, instant message, or text message. The
recipient is then tricked into clicking a malicious link, which can lead to the installation of
malware, the freezing of the system as A spoofed email ostensibly from myuniversity.edu is
mass-distributed to as many facultymembers as possible.The email claims that the user’s
password is about to expire. Instructions are given to go to myuniversity.edu/renewal to
renew their password within 24 hours.
PHISHING Protection:

□ TWO FACTOR AUTHENTICATION(2FA) is the most effective method for

countering phishing attacks, as it adds an extra verification layer when logging in to
sensitive applications. 2FA relies on users having two things: something they know,
such as a password and user name, and something they have, such as their smart
phones. Even when employees are compromised, 2FA prevents the use of their
compromised credentials, since these alone are insufficient to gain entry.

□ In addition to using 2FA, organizations should enforce strict password management

policies. For example, employees should be required to frequently change their
passwords and to not be allowed to reuse password for multiple applications.

□ Educational campaigns can also help diminish the threat.