Authors

Priyanka Bindal, C.S.E (sem. 4), Dronacharya group of Institution, Greater Noida, pbindal59@gmail.com

Rachna Sharma, C.S.E (sem. 4), Dronacharya group of Institution, Greater Noida, rachnasharma12345@live.com

Anjali Aggarwal, C.S.E (sem. 4), Dronacharya group of Institution, Greater Noida, angii301093@gmail.com

Abstract

 

As we all know, cyber-crime has become one of the common practices of computer experts. In this paper we mention some of the impacts of cyber-crime. Cyber-crime refers to activities carried out to destroy an organization's network, steal others' valuable data and documents, hack bank accounts and transfer money to the criminal's own account, and so on. Our paper gives detailed information regarding cyber-crime, its types, the modes of cybercrime and security measures, including prevention, to deal effectively with cybercrime. Finally, I will research the crimes committed in fields and areas such as email spoofing, email bombing, denial of service attacks, salami attacks, virus/worm attacks, web jacking, data diddling etc., and also try to find which type of cybercrime is most practised in the world, and finally I will reach the main objective of my term paper.
 

Table of Contents

 

1. Introduction

    1.1. Purpose

2. Understanding the cybercrime

     2.1. Definition

3. History of cyber-crime

4. Cyber-crime techniques

5. Cyber-crime Risks

6. World ailing with Cyber-crime

7. Cyber security         

   7.1. Preventions

   7.2. Detection

   7.3. Recovery

8. Legal responses/Laws

9. Result/Discussion

 

 

 

 

 

Introduction

 

Purpose

 

As the internet world is becoming as populated as the physical one, the legal system has struggled to govern cyberspace as adequately as the real world. Some of the biggest cybercrime threats, both in this country and internationally, deal with the issues of e-commerce and intellectual property. By studying e-commerce and intellectual property and the cyber threats they face, we can begin to analyse the current problems in our legal system related to cybercrime. We believe that doing so will help to modernize cyber law and better help govern our society's online activities.

Understanding Cyber-crime

 

Definition: Cyber-crime is criminal activity carried out using a computer and the internet. It includes anything from downloading illegal music files to stealing millions of dollars from online bank accounts. Cybercrime also includes non-monetary offenses, such as creating and distributing viruses on other computers or posting confidential business information on the internet.

Cyber-crime is most commonly understood as involving an attack on the confidentiality, integrity and accessibility of an entity's online/computer presence or networks.

 

The IOSCO Research Department tentatively defines 'Cyber-Crime' as: a harmful activity, executed by one group (including both grassroots groups or nationally coordinated groups) through computers, IT systems and/or the internet and targeting the computers, IT infrastructure and internet presence of another entity. An instance of cyber-crime can be referred to as a cyber-attack.

 

New crimes that have emerged due to the unique opportunities presented by the internet e.g. denial of service, hacking;

 

 

 

 

History of Cyber-crime

 

The first recorded cyber-crime took place in the year 1820! That is not surprising considering the fact that the abacus, which is thought to be the earliest form of a computer, has been around since 3500 B.C. in India, Japan and China. The era of modern computers, however, began with the analytical engine of Charles Babbage.

In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber-crime!

Today computers have come a long way, with neural networks and nano-computing promising to turn every atom in a glass of water into a computer capable of performing a billion operations per second.

Cyber-crime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to nuclear power plants is being run on computers, cyber-crime has assumed rather sinister implications. Major cyber-crimes in the recent past include the Citibank rip-off. US $10 million were fraudulently transferred out of the bank and into a bank account in Switzerland. A Russian hacker group led by Vladimir Levin, a renowned hacker, perpetrated the attack. The group compromised the bank's security systems. Vladimir was allegedly using his office computer at AO Saturn, a computer firm in St. Petersburg, Russia, to break into Citibank computers. He was finally arrested at Heathrow airport on his way to Switzerland.

Cyber-attack techniques

The following table lists and categorizes some common types of cyber-attack techniques:

Table 1: Technique, description and information security issue

  1. Cracking

Description: Cracking involves gaining access to a computer system i.e. through cracking a password.

Information security issue: Confidentiality

  2. Key logging

Description: Device or software that records keystrokes made by the authorized user.

Information security issue: Confidentiality

  3. Electronic funds transfer fraud

Description: Infiltrating the transfer of funds over the internet through diverting them, stealing credit card information etc.

Information security issue: Integrity, Confidentiality

  4. Denial of Service attacks (DoS)

Description: Flooding the bandwidth of a website or network with an unmanageable number of information requests, preventing other users from accessing it or bringing down the server.

Information security issue: Accessibility

  5. Botnet attacks

Description: Compromising of a group of computers by a 'hacker', who then uses the computers to carry out a range of attacks over the internet (spam messages, viruses, DoS). The authorized user of the computer usually does not know they are part of a botnet.

Information security issue: Confidentiality, Accessibility, Integrity

  6. Hoax email

Description: Phony emails containing an 'alert' about an upcoming threat, e.g. a virus, that are quickly passed through a user group by well-meaning individuals and clog up a system.

Information security issue: Integrity, Confidentiality

  7. Malware

Description: Computer code designed with malicious intentions. This can include viruses, worms, trojan horses, rootkits, ransomware, scareware and spyware. The most common vessels of infection are email attachments and the downloading of infected files or application content from websites.

A virus is a program that attaches to a host file and replicates itself quickly through the system, modifying, deleting or stealing files or causing a system crash. A worm is similar to a virus but does not require a host file to activate; it will usually spread by sending itself via email to all email contacts. A trojan horse appears as a useful or harmless program but provides 'back door' access to your computer. A rootkit allows a cyber-criminal to gain access to your system without being detected and install access points in your system that can be used later.

Ransomware is similar to a 'worm': it often restricts access to a computer system and then demands that a ransom be paid if it is to be removed. Scareware is 'scam software', utilising social engineering to convince users to download malicious software, e.g. convincing a user that a virus has infected their computer and suggesting the download of (fake) antivirus software. Spyware sends personal information from your computer to a third party without your knowledge or consent.

Information security issue: Confidentiality, Accessibility, Integrity

  8. XSS and CSRF attacks

Description: A web application present on a trusted site is presented via hyperlink to an unsuspecting user. Clicking on the hyperlink will download malicious content. CSRF is similar, except a cyber-criminal imitates a trusted user of a site instead.

Information security issue: Confidentiality, Integrity

  9. Pharming

Description: Redirecting users from legitimate websites to fraudulent websites. These fraudulent sites are almost identical to the real ones; however, any personal information entered into the forms (password, credit card number etc.) is sent to the cyber-criminal. An attacker can achieve this through Domain Name System poisoning.

Information security issue: Confidentiality, Accessibility, Integrity

  10. Phishing, smishing and vishing

Description: Similar to pharming, phishing also uses fraudulent websites to collect confidential information. However, a user is first directed to the website through an email appearing to come from a legitimate provider, e.g. their bank, urging them to check/confirm their information. The user is then directed to a fraudulent site. Smishing is a more sophisticated form of phishing and uses phone text messages to bait victims. Vishing aims at tricking a user into making a phone call, either through calling the user or sending them an email. For example, a user may be told that their credit card has been breached and that they need to call a number to change it. The user rings up the number and enters the credit card number through keystrokes on the phone, which can then be recorded by the cyber-criminal.

Information security issue: Confidentiality, Accessibility, Integrity

Cyber-crime Risks

Cyber-crime covers a broad range of attacks, some more harmful than others and some more criminal than others. Motives, capabilities and vulnerabilities can quickly change as cyber-criminals of all stripes rapidly innovate. Thus, it is worth defining whether and under what circumstances cyber-crime in securities markets could pose a systemic risk. To guide such an analysis, the following 'systemic risk impact factors' are proposed:

 

 

  1. Size of the threat
  2. Complexity
  3. Incentive structure
  4. Effect on market integrity and efficiency
  5. Infiltration of non-substitutable and/or interconnected services
  6. Transparency and awareness
  7. Level of cyber-security and cyber-resilience
  8. Effectiveness of existing regulation

 

 

 

Size of the threat

Analysis of how widespread and common cyber-crime is (for example, frequency of attacks and number of targets) can assist in identifying growth trends and in pinpointing particularly vulnerable points: those sections or types of actors in securities markets which are most targeted.

Complexity

When assessing the risk posed by cyber-crime, it is important to distinguish between simple and complex attacks. The complexity of attacks can provide information about the resources of cyber-criminals and depth of attacks. Simple attacks are more likely to be detected quickly with impacts mitigated. More complex attacks may take longer to detect, with longer-term impacts – and may imply quite sophisticated capabilities on the side of the cyber-criminal. Thus, in securities markets, potential indicators should also track:

  • The complexity of techniques used, especially those used most commonly;
  • The percentage of attacks utilizing social engineering;
  • Average detection times for complex attacks.

 

Incentive structure

The probable motive of attacks (e.g. to disrupt, financial gain etc.) can shed light on expected impact. Attacks perpetrated for short-term financial gain are less likely to disrupt the functioning of the financial system than attacks crafted specifically with the intent to disrupt or destroy. It is difficult to monitor the types of actors and identify the motives involved, unless the cyber-criminals publicly reveal themselves (which they sometimes do in the case of cyber-terrorism). As such, indicators developed could attempt to categorise the types of impacts (e.g. disruptive, financially motivated etc.) and map the incentive structure for cyber-criminals (e.g. development of a black market).

 

Effect on market integrity and efficiency; Infiltration of non-substitutable and/or interconnected services

Cyber-attacks in our complex, leveraged and interconnected financial system could be disruptive, potentially aiming to choke essential financial services; steal/damage/manipulate information, money supply and markets; damage the capability of the private sector to ensure orderly functioning of the economy and delivery of services; and severely damage investor confidence. One recent example involves an ATM heist that managed to accumulate US$45 million through tens of thousands of withdrawals from over 26 countries. The attack not only involved hacking accounts but removed limits on prepaid debit cards, essentially creating money.

 

Awareness and Transparency

An environment of low awareness and transparency (e.g. through lack of information sharing arrangements) could exacerbate the impact of cyber-attacks. A lack of awareness may mean that actors are more likely to be ‘blindsided' by a new attack and find themselves without the appropriate tools and protocols to mitigate damage.

 

Level of cyber-security and cyber-resilience

Robust cyber-security (detection and prevention) and cyber-resilience (ability to continue functions and/or bounce back quickly during and after an attack) are important factors in mitigating impacts from cyber-crime. Non-existent or ineffective cyber-security and cyber-resilience create a tempting opening for 'would-be' cyber-criminals and may mean that even relatively simplistic cyber-attacks can get in and cause damage. Potential indicators to consider include:

  • Presence of cyber-security and cyber-resilience across all securities market actors;
  • Perceptions of effectiveness of cyber-security and cyber-resilience measures;
  • Detection speeds;
  • Repeated staff training.

World ailing with cyber-crime

  • Attack on South Korea's banks and broadcasters, 2013. A suspected cyber-attack brought down systems and computers at some of South Korea's major banks and broadcasters. As a result, the local equity market declined 1.0%.

  • Operation High Roller. Orchestrated in 2012, the attack siphoned around $78 to $2.5 billion from bank accounts in Europe, the U.S. and Latin America. Targets were high-value commercial accounts, rich individuals, credit unions and large global banks and regional banks. The attack located a victim's highest value account and transferred money to a prepaid debit card (which can be cashed in anonymously). The target's bank statement was then altered to hide the theft.

  • The Stuxnet attack on Iran's nuclear program, 2010. A sophisticated virus infiltrated the machine controlling gas centrifuges tasked with separating Uranium-235 isotopes from U-238 isotopes at the Natanz plant. As a result, the centrifuges were slowed, stalled and in some cases self-destructed. The perpetrator has still not been identified.

  • Cyber-attack against state-owned oil company Aramco. Over 30 000 computers at Saudi Arabian oil company Aramco were hit by a devastating virus in August 2012. The attack destroyed data and erased hard-drives of computers and is thought to have been aimed at stopping the production of oil.

  • The Flame virus, 2012. Thought to have been operating since 2010, the Flame virus was detected in 2012. The virus code is seen as some of the most sophisticated and largest malicious code to date. It infiltrated computers belonging to the Iranian Oil Ministry, the Iranian National Oil Company and other networks in Hungary, Lebanon, Austria, Russia, Hong Kong and the United Arab Emirates, stealing and deleting information from the systems. Part of the functionality of the virus included turning on microphones of computers to secretly record conversations, taking screen grabs of infected computers and stealing credentials of high-level and administrative users.

  • Red October cyber-attack, 2013. Targeting governmental and diplomatic organisations, the Red October attack was discovered in January of this year, but is believed to have been operating undetected for a number of years. The attack effectively stole confidential and encrypted documents (including deleted ones) from embassies, nuclear research centres and oil and gas companies. Information targeted included geopolitically sensitive data and credentials to access protected computer systems. The malicious code was also able to detect when a USB stick was inserted into a networked computer and undelete and steal any files on the stick. The cyber-crime racket behind the attacks shut down their operations after the attacks were made public and documented.

  • The MiniDuke cyber-attack on EU governmental organizations and operators of critical infrastructure. The MiniDuke cyber-attack exploited a flaw in Adobe's Acrobat reader to enter computer networks and gather information.

  • First attack on a U.S. election, 2012. A grand jury report on the primary elections in Florida, U.S., in 2012, identified a cyber-attack against the electronic election system, where around 2500 fraudulent internet technology requests for absentee ballots were lodged. The computers involved in the attack had overseas IP addresses.

 

And companies such as Google.

 

 

 

 

 

 

  • Cyber-attacks on media (censoring the press), 2012. A recent spate of cyber-attacks targeted content on high-profile media outlets such as the New York Times, Wall Street Journal and Washington Post and social networking sites such as Twitter. Traditional anti-virus software and firewalls proved ineffective in these attacks. The growth of 'mobile applications' is also providing entry for would-be hackers.

Cyber-security

 

 

Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets. Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cyber security strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment money supply and the real economy.

 

 

 

 

 

The general security objectives comprise the following:

  • Availability
  • Integrity, which may include authenticity and non-repudiation
  • Confidentiality
Preventions

  • Firewalls and antivirus

Firewalls monitor open connections including attachments in an email, block unauthorized/unwanted inbound and outbound internet traffic or connections and disable internet add-ons such as cookies, pop-ups etc.

Antivirus software scans any file or data package in your system for viruses (derived from a virus database). It can clean, quarantine and delete any infected files.

  • Anti-DoS and anti-bot detection systems

Software that detects bots and Distributed Denial of Service (DDoS) attacks and blocks communications.

  • Intrusion Prevention Systems (IPS)

Software aimed at identifying, logging, reporting and blocking any malicious activity on computer systems. Actions can include e.g. sounding the alarm, resetting connections and blocking traffic from malicious IPs.

  • Data encryption

Conversion of plaintext and information into 'cyphertext', which is unreadable by anyone but the intended recipient (who holds a key to decipher it).

  • Counter attacks

Retributive or mitigating counter-strike against a cyber-criminal (through hacking back), to punish for damage or mitigate damage to systems.

  • Clean Pipe solutions

  • End-point security

Anti-virus software tailored to protect, and protect from, portable information devices such as USB sticks, smartphones etc. Viruses and malicious content can be transmitted from a portable device to a computer network and vice versa.

  • Terminal safety controls

Protection of terminals (e.g. computers) from unauthorized and inappropriate usage. This includes limitation of administrative access, robust authentication systems, centralized logging systems, and web browsing and application download controls.

  • Penetration testing, ethical hacking and simulations. Regular training exercises on social engineering techniques.

Simulation of an attack on a computer system, to test for vulnerabilities.

  • Vulnerability assessment

Identification, quantification and prioritisation of vulnerabilities. All potential hazards are assessed and all assets, equipment and infrastructure are catalogued in order to guide prioritization of threats.

  • Internal and external audits

Continual checks of security controls and systems to ensure they are up-to-date and implemented effectively.

Detection

 

 

  • Intrusion Detection Systems (IDS) (often combined as Intrusion Detection and Prevention systems)

Detect hacker attempts and anomalous behaviour, e.g. a file integrity checker which detects when a system file has been altered.

  • Automated monitoring systems and outsourcing monitoring (e.g. to CERT specialists)

Automated defence system that allows rapid detection of cyber-attacks and blocking of any follow-up attempts.

  • Security Incident and Event Management (SIEM) systems for all devices

A 'one stop shop': real-time monitoring and analysis of potential security breaches, alerts or unusual activity for all devices (e.g. computers, smartphones). Also reports log data to assist in compliance. Can be used to manage user privileges.

  • Database activity monitoring

Database security application that monitors and analyses all activity to a database, controls and logs user access and works independently of native database functioning.

  • Security Operation Centres (SOC)

A centralized unit in an organization that monitors an organization's technological infrastructure and access to this infrastructure.

 

 

 

 

Disaster recovery

 

 

 

 

 

  • Back-up systems and data loss prevention software

Automatically detects and secures confidential and critical information and stores it on separate systems. The stored information allows restoration in the case of primary system failure.

  • Redundancy and disaster recovery sites

Storage facilities/data centres located in a separate physical location from the main network.

Legal Response

 

 

Cybercrime Prevention Act of 2012

An Act defining cybercrime, providing for the prevention, investigation, suppression and the imposition of penalties therefor and for other purposes

Citation: Republic Act No. 10175

Enacted by: 15th Congress of the Philippines

Date signed: September 12, 2012

The Cybercrime Prevention Act of 2012, officially recorded as Republic Act No. 10175, is a law in the Philippines approved on 12 September 2012. It aims to address legal issues concerning online interactions and the Internet in the Philippines. Among the cybercrime offenses included in the bill are cybersquatting, cybersex, child pornography, identity theft, illegal access to data and libel.

While hailed for penalizing illegal acts done via the internet that were not covered by old laws, the act has been criticized for its provision criminalizing libel, which is perceived to be a curtailment of freedom of expression.

On October 9, 2012, the Supreme Court of the Philippines issued a temporary restraining order, stopping implementation of the Act for 120 days, and extended it on 5 February 2013 "until further orders from the court."

On May 24, 2013, the DOJ announced that provisions of the law have been dropped, namely, the contentious online libel provisions.

 

 

 

Petitions to the Supreme Court

Several petitions have been submitted to the Supreme Court questioning the constitutionality of the Act. However, on October 2, the Supreme Court deferred acting on the petitions, citing the absence of justices, which prevented the Court from sitting en banc. The lack of a temporary restraining order meant that the law went into effect as scheduled on October 3. In protest, Filipino netizens reacted by blacking out their Facebook profile pictures.

| No. | Petitioner | Date of Filing |
|---|---|---|
| 1 | Sen. Teofisto Guingona III | |
| 2 | Group of lawyers from the Ateneo School of Law | |
| 3 | Journalists led by Alab ng Mamahayag (ALAM) | September 24, 2012 |
| 4 | Kabataan party-list Rep. Raymond Palatino | |
| 5 | National Artist Bienvenido Lumbera et al. | |
| 6 | Technology law experts led by UP Law professor JJ Disini | |
| 7 | Louis Biraogo | September 25, 2012 |
| 8 | National Union of Journalists of the Philippines and the Center for Media Freedom and Responsibility | |
| 9 | Bloggers and Netizens for Democracy (BAND) led by Tonyo Cruz, "The Professional Heckler" and 18 more bloggers | October 4, 2012 |
| 10 | Philippine Bar Association | |
| 11 | Paul Cornelius Castillo and Ryan Andres | October 3, 2012 |
| 12 | Bayan Muna Rep. Neri Colmenares | |
| 13 | National Press Club | |
| 14 | Philippine Internet Freedom Alliance | |
| 15 | Harry Roque et al. | |

The Supreme Court has scheduled the same amount of time for oral arguments on Tuesday, 15 January 2013 by the petitioners and on 22 January by the Solicitor General.

On 5 February 2013, the Supreme Court extended the temporary restraining order on the law, "until further orders from the court."

 

Result

It is rightly said that "bytes are replacing bullets in the crime world". The growth of cyber crime in India, as all over the world, is on the rise, and curbing its scope and complexity is the pertinent need today. Cyber space offers opportunities for cyber criminals to make a fast buck at the expense of unsuspecting citizens. India's profile and wealth have risen enormously in the world due to the constructive use of information technology. At the same time, India ranks fifth in the world for cyber crime, according to a report last year by the U.S.-based Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and the National White Collar Crime Centre. Even under the IT Act, investigations in India are not easy. This is mainly due to the lack of what is called "cyber forensics". We know that forensic evidence is important in normal criminal investigations. But the collection and presentation of electronic evidence to prove cyber crimes have posed a challenge to investigation and prosecution agencies and the judiciary.

To sum up, India needs a good combination of laws and technology, in harmony with the laws of other

Military matters.

 

Lack of common security standards can create havoc.