CYBERCRIME


Cybercrime refers to illegal activities that are committed using the internet or other forms of
digital communication. Examples of cybercrime include hacking, identity theft,
phishing, cyberbullying, and the distribution of illegal or inappropriate content.
Cybercriminals use a variety of techniques to gain access to sensitive
information, steal personal identities, and disrupt online services. These
crimes can cause significant financial losses, harm to reputations, and
disruption of daily life. Cybercrime is a growing concern and requires constant
vigilance and updated security measures to protect against it.


Cybercrime


If we define cybercrime, it may be “unlawful acts where the computer is either
a tool or target or both”. The computer may be used as a tool in various kinds
of activities: financial crimes, the sale of illegal articles, online gambling,
intellectual property crime, e-mail spoofing, forgery, cyber defamation, and
cyberstalking. In various cases, the computer may be a target for the wrong
purposes, like anonymous access to a computer system or network, theft of the
information contained in the system, data diddling, e-mail bombing, salami
attacks, logic bombs, Trojan attacks, Internet time theft, Web jacking, theft
of a computer system, and physical damage to the computer system.

Reasons for Cyber Crime


A. The computer has the unique characteristic of storing data in a very small
space. This makes removing or deriving information, through either physical or
virtual mediums, much easier.

B. Easy to access: The problem encountered in guarding a computer system
against unauthorized access is that there is every possibility of a breach, not
due to human error but due to the complex technology. Secretly implanted logic
bombs, key loggers that can steal access codes, retina imagers, voice
recorders, etc., which can confuse biometric systems and bypass firewalls, can
be utilized to get access to a security system.

C. Complex: Computers work on operating systems, and these operating systems,
in turn, are composed of millions of lines of code. The human mind is fallible,
and there is bound to be a fault somewhere. Cybercriminals take advantage of
these vulnerabilities and enter the computer system without the permission of
the owner.

D. Negligence is very closely connected with human conduct. It is, therefore,
probable that while protecting the computer system there might be some
negligence, which in turn can allow a cybercriminal to gain access and control
over the computer system.

E. Loss of evidence is a very common and obvious problem, as all the data are
routinely destroyed. Also, the data that are collected outside the territorial
system are also called hacking.


 

There are several reasons why cybercrime occurs, including:

1. Financial gain: Many cybercriminals engage in activities such as hacking,
identity theft, and phishing to steal money or personal information for
financial gain.

2. Revenge or personal motivation: Some cybercriminals may commit cybercrime as
a form of revenge or personal vendetta against a specific individual or
organization.

3. Political or ideological motives: Cybercriminals may also commit cybercrime
for political or ideological reasons, such as attacking government or political
organizations to make a statement or disrupt their operations.

4. Lack of awareness: Some people may commit cybercrime unknowingly, not
realizing the consequences of their actions, such as inadvertently sharing
personal information online.

5. Professional curiosity: Hackers who are still new to the field may be
hacking out of curiosity or to test their own abilities and knowledge.

6. Lack of legal consequences: Some cybercriminals may engage in illegal
activities because they believe they can do so with little chance of getting
caught or facing legal consequences.

7. Organized crime: Cybercrime is becoming more prevalent with the growing
sophistication of organized crime groups who are looking to use the internet as
a means of making money, by stealing personal information and data, or by
creating and distributing malware.

 

 

 

Mode and Manner of Committing Cyber Crime




1. Unauthorized access to a computer system or network/hacking
Unauthorized
access to a computer system or network, also known as hacking, is the process
of gaining access to a computer system or network without permission from the
owner. Hackers use various techniques to gain access to a system, such as
exploiting vulnerabilities in software, guessing or stealing login credentials,
and using malware or social engineering tactics.

Hacking can have serious consequences, as it can lead to
the theft of sensitive information, the disruption of business operations, and
damage to reputations. It can also lead to security risks, as hackers may use
the access they gain to launch further attacks or to plant malware on the
system.

Preventing unauthorized access to a computer system or
network requires implementing strict security measures, such as using strong
passwords, keeping software and operating systems up to date, and using
firewalls and intrusion detection systems. Additionally, individuals and
organizations should be vigilant in monitoring their computer systems and
networks for signs of unauthorized access and should regularly back up important
files and data.

It’s also important to be aware of the common tactics
used by hackers, such as phishing scams and social engineering techniques, and
to be cautious when sharing personal information online. Additionally, it’s
important to educate employees on how to be safe online and how to identify
suspicious activities.

2. Theft of information contained in electronic or digital form
The theft of information contained in electronic or digital form
refers to the unauthorized access, use, or disclosure of sensitive information
that is stored in electronic or digital form. This type of theft can occur when
a hacker gains access to a computer or network, steals personal or financial
information, or intercepts sensitive data being transmitted over the internet.

Examples of information that can be stolen
in this way include personal identification numbers, credit card numbers, bank
account information, and confidential business information.

This type of theft can result in
significant financial losses for individuals and organizations, as well as
damage to reputations and legal penalties. It can also lead to security risks,
as the stolen information can be used to launch further attacks or commit
identity theft.

Preventing the theft of information
contained in electronic or digital forms requires implementing strict security
measures, such as using strong passwords, encrypting sensitive information, and
keeping the software and operating systems up to date. Additionally, individuals
and organizations should be vigilant in monitoring their computer systems and
networks for signs of unauthorized access, and should regularly back up important files and data.

It’s also important to be cautious when
sharing personal information online and to be aware of phishing scams, which
are commonly used to trick individuals into revealing sensitive information.


3. E-mail bombing
Email bombing is a form
of cybercrime in which a large number of emails are sent to a specific email
address or group of addresses in a short period of time, with the intent of
overwhelming the recipient’s email system and causing it to crash or become
inoperable. The emails may contain malware, viruses, or other malicious content
that can damage the recipient’s computer or steal personal information. The
emails may also contain links or attachments that, when clicked, will
automatically download malware onto the recipient’s computer. Email bombing is
often carried out using automated scripts or bots, making it difficult to trace
the origin of the attack. It’s considered a Denial of Service attack on the
targeted email server.
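
One way a mail administrator can spot the flood described above is to count deliveries per recipient in a sliding time window. This is an added example, not part of the original article; the record format, the 60-second window and the threshold of 5 are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records in the assumed format "timestamp sender recipient",
# already sorted by time. alice gets normal mail; bob gets 8 messages in 14 s.
SAMPLE_LOG = [
    "2024-03-01T09:00:00 newsletter@shop.example alice@corp.example",
    "2024-03-01T09:45:00 hr@corp.example alice@corp.example",
] + [
    f"2024-03-01T10:00:{s:02d} bot{s}@bulk.example bob@corp.example"
    for s in range(0, 16, 2)
]


def find_floods(lines, window=timedelta(seconds=60), threshold=5):
    """Return {recipient: {"messages": n, "senders": m}} for every recipient
    who received more than `threshold` messages inside one sliding `window`.
    n is the peak count seen in a window, m the distinct senders in it."""
    recent = defaultdict(deque)      # recipient -> (timestamp, sender) in window
    floods = {}
    for line in lines:
        ts_text, sender, recipient = line.split()
        ts = datetime.fromisoformat(ts_text)
        queue = recent[recipient]
        queue.append((ts, sender))
        # Drop deliveries that have aged out of the window.
        while ts - queue[0][0] > window:
            queue.popleft()
        peak = floods.get(recipient, {"messages": 0})["messages"]
        if len(queue) > threshold and len(queue) > peak:
            floods[recipient] = {
                "messages": len(queue),
                "senders": len({s for _, s in queue}),
            }
    return floods


if __name__ == "__main__":
    for rcpt, stats in find_floods(SAMPLE_LOG).items():
        print(f"possible e-mail bombing of {rcpt}: {stats}")
```

A high count spread over many distinct senders matches the automated, hard-to-trace pattern the section describes, so per-sender blocking alone will not stop it.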


4. Data diddling
Data diddling
is a type of cybercrime in which an attacker alters or manipulates data before
it is entered into a computer system, with the intent of causing errors or
inaccuracies in the system’s output. The attacker may tamper with data input
devices such as keyboards or scanners or may use software to alter data as it
is being entered into the system.

Data diddling can have serious
consequences, as it can lead to inaccuracies in financial records, inventory
control systems, and other important business operations. In some cases, it can
also cause systems to fail or crash, resulting in significant losses and
disruptions.

Data diddling can be done by an insider,
such as an employee with access to the system, or by an outsider who has found
a way to gain unauthorized access to the system. This type of attack is
difficult to detect, as the data manipulation often takes place before the data
is stored in the system, and it can also be difficult to trace the source of
the attack.

To prevent data diddling, organizations
should implement strict security measures, such as access controls, data
encryption, and monitoring systems to detect and prevent unauthorized access to
their systems. Regular backups of important data also help to minimize the
potential damage caused by data diddling.
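
One control against alteration between the point of capture and storage is to seal each record with a keyed hash when it is captured and to verify the seal before it is stored. The sketch below is an added example, not part of the original article; the key, the record fields and the sequence numbering are assumptions, and it cannot detect data that was already falsified before capture.

```python
import hashlib
import hmac
import json

# Assumption: a secret held only by the capture terminal and the verifier.
CAPTURE_KEY = b"constructed-demo-key-not-for-production"


def seal(record, key=CAPTURE_KEY):
    """At the point of capture: tag the record with HMAC-SHA256 computed over
    a canonical (sorted-key) JSON encoding of its fields."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {**record, "tag": tag}


def verify_batch(batch, expected_count, key=CAPTURE_KEY):
    """Before storage: return (altered, missing) sequence numbers.
    altered = records whose fields no longer match their tag,
    missing = sequence numbers 1..expected_count absent from the batch."""
    altered, seen = [], set()
    for rec in batch:
        fields = {k: v for k, v in rec.items() if k != "tag"}
        expected = seal(fields, key)["tag"]
        if not hmac.compare_digest(expected, str(rec.get("tag", ""))):
            altered.append(fields.get("seq"))
        seen.add(fields.get("seq"))
    missing = sorted(set(range(1, expected_count + 1)) - seen)
    return altered, missing


def demo():
    # Constructed invoices as captured at the input terminal.
    invoices = [("Acme Ltd", "120.00"), ("Birch & Co", "75.50"),
                ("Cedar LLC", "310.00"), ("Dune Inc", "42.10")]
    captured = [seal({"seq": i, "payee": p, "amount": a})
                for i, (p, a) in enumerate(invoices, start=1)]
    # Simulated diddling between capture and storage: one amount changed and
    # one record dropped. The tags cannot be recomputed without the key.
    in_transit = [dict(r) for r in captured if r["seq"] != 3]
    in_transit[1]["amount"] = "1275.50"
    return verify_batch(in_transit, expected_count=len(captured))


if __name__ == "__main__":
    altered, missing = demo()
    print("altered records:", altered, "missing records:", missing)
```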

 

 

5. Salami attacks

Salami attacks are a type of cybercrime in which an attacker
alters small amounts of financial data in a way that goes unnoticed but
cumulatively results in a large amount of financial gain for the attacker. The
term “Salami” refers to the way the attacker “slices” small
amounts of money from many different accounts, much like slicing a salami.

For example, an attacker may alter the
decimal point in a financial transaction by a small amount, such as moving it one place to the right, resulting in a small increase in the amount
transferred. This small alteration may go unnoticed, but if the attacker
repeats the process multiple times, they can accumulate a significant amount of
money.

Salami attacks can also occur in other
areas of cybercrime, such as stealing small amounts of data from many different
sources and then aggregating them together to gain a significant amount of
sensitive information.

Salami attacks are difficult to detect, as
the small amounts of data or money being stolen go unnoticed, and it is only
when the attacker has accumulated a large amount that the attack is discovered.
To prevent Salami attacks, organizations should implement strict security
measures, such as monitoring systems to detect unusual financial transactions and regular audits of financial records.
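
The regular audit mentioned above can be automated by recomputing each posting independently and looking at the differences in aggregate rather than one at a time. The sketch below is an added example, not part of the original article; it uses the rounding-fraction form of slicing rather than the decimal-point example, and the interest rate, rounding rule, alert threshold and ledger rows are constructed assumptions.

```python
from decimal import Decimal, ROUND_HALF_EVEN

RATE = Decimal("0.005")   # assumed monthly interest rate
CENT = Decimal("0.01")

# Constructed postings: (account, balance, interest actually credited).
# Four of them were rounded down instead of to the nearest cent.
POSTINGS = [
    ("A1", "1234.56", "6.17"),
    ("A2", "1999.99", "9.99"),
    ("A3", "2501.50", "12.50"),
    ("A4", "777.77", "3.88"),
    ("A5", "100.00", "0.50"),
    ("A6", "4321.98", "21.60"),
]


def audit_interest(postings, rate=RATE, per_txn_alert=Decimal("1.00")):
    """Recompute each interest posting and summarise the discrepancies.

    A single difference of one cent is far below any per-transaction alert,
    so the audit reports the total and whether every difference points the
    same way: honest rounding errors scatter in both directions, skimming
    does not."""
    shortfalls = {}
    for account, balance, posted in postings:
        expected = (Decimal(balance) * rate).quantize(
            CENT, rounding=ROUND_HALF_EVEN)
        diff = expected - Decimal(posted)
        if diff != 0:
            shortfalls[account] = diff
    slices = list(shortfalls.values())
    return {
        "shortfalls": shortfalls,
        "total": sum(slices, Decimal("0")),
        "largest_slice": max(slices, default=Decimal("0")),
        "below_alert": all(abs(d) < per_txn_alert for d in slices),
        "one_sided": bool(slices) and all(d > 0 for d in slices),
    }


if __name__ == "__main__":
    report = audit_interest(POSTINGS)
    print("accounts shorted:", sorted(report["shortfalls"]))
    print("total skimmed:", report["total"],
          "| every slice below alert:", report["below_alert"],
          "| one-sided:", report["one_sided"])
```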

 



6. Denial of service attack
A Denial of Service (DoS) attack is a type
of cybercrime in which an attacker floods a network or server with a large
amount of traffic or requests, with the intent of overwhelming the system and
causing it to become unavailable or unresponsive.

A Distributed Denial of Service (DDoS) attack is a
variation of a DoS attack, in which the attacker uses multiple compromised
devices, often called a botnet, to flood the targeted server or network with
traffic. This type of attack is more powerful than a traditional DoS attack as
it uses multiple devices to generate a large amount of traffic.

The goal of a DoS or DDoS attack is to make a website,
application, or network resource unavailable to legitimate users. This can
cause significant losses for businesses, as it can disrupt operations and
damage reputations.

DoS and DDoS attacks can be launched using various
techniques, such as flooding a network with traffic, sending large numbers of
requests to a server, or exploiting vulnerabilities in a system.

Preventing a DoS or DDoS attack can be challenging, but
there are some measures that can be taken to mitigate the risk, such as using
firewalls and intrusion detection systems and implementing load-balancing
techniques to distribute traffic across multiple servers. Additionally,
organizations can also use specialized DDoS protection services, which can
detect and filter out malicious traffic before it reaches the targeted system.


7. Virus or worm attack
A virus or worm attack is a type of
cybercrime in which malicious software, known as a virus or worm, is used to
infect a computer or network and cause harm.

A virus is a type of malware that attaches itself to a
legitimate program or file and replicates itself when the infected file is
opened or executed. A worm, on the other hand, is a type of malware that
replicates itself and spreads to other computers or networks without the need
for a host file.

Both viruses and worms can cause a wide range of
problems, such as slowing down or crashing a computer, stealing personal
information, or causing damage to a network. They can also be used to launch
further attacks, such as a Denial of Service (DoS) attack or a Distributed
Denial of Service (DDoS) attack.

Viruses and worms can be spread through various means,
such as email attachments, infected software downloads, or infected removable
media. They can also be spread through infected websites or through social
engineering tactics, such as phishing emails.

Preventing a virus or worm attack requires constant
vigilance and updated security measures. This includes keeping the software and
operating systems up to date, using anti-virus and anti-malware software, and
being cautious when opening emails or clicking on links from unknown sources.
Additionally, organizations should also have a disaster recovery plan in place
to mitigate the damage caused by a virus or worm attack.

8. Logic bombs
A Logic bomb is a type of malware that is designed to
trigger a specific action or event at a certain time or under certain
conditions. It is a type of malicious code that is implanted into a system, and
it will wait until a specific trigger is activated, then it will execute a
predefined set of instructions or actions.

For example, a Logic bomb could be designed to delete
all the files on a computer after a specific date or to send a message to an
unauthorized recipient when a certain event takes place. They can also be used
to launch further attacks, such as a Denial of Service (DoS) attack or a
Distributed Denial of Service (DDoS) attack.

Logic bombs are typically planted by insiders, such as
disgruntled employees or contractors, with the intention of causing harm to the
organization or individual. They are often difficult to detect, as they remain
dormant until the trigger is activated.

Preventing Logic bomb attacks requires implementing
strict security measures, such as access controls and monitoring systems to
detect unusual activities, and regular audits of system logs. Additionally,
organizations should also have a disaster recovery plan in place to mitigate
the damage caused by a Logic bomb attack. It’s also important to keep an eye
out for any suspicious behavior from employees, contractors, or third-party
vendors, as they may be the ones who plant the logic bomb.

 


9. Trojan attacks
A Trojan attack is a form of cybercrime in
which a hacker uses a Trojan horse program to gain unauthorized access to a
computer or network. A Trojan horse is a type of malware that disguises itself
as a legitimate program or file, but once executed, it allows the attacker to
gain access to the infected computer and steal sensitive information, install
additional malware, or use the infected computer as a part of a botnet to
launch further attacks.

The name “Trojan” refers to the Trojan horse
of Greek mythology, in which Greek soldiers hid inside a wooden horse to gain
access to the city of Troy. Similarly, Trojan malware disguises itself as a
legitimate and useful program but in reality, it is malicious software. The
Trojan horse can be delivered through various means such as email attachments,
infected software downloads, or infected removable media.

Users are often tricked into installing a Trojan horse
by following a link in a phishing email or by visiting a compromised website.
Once a Trojan horse is installed, it can be controlled remotely by the
attacker, allowing them to steal sensitive information, install additional
malware, or launch further attacks. As it disguises itself as a legitimate program,
it’s hard to detect such malware, making it even more dangerous.


10. Internet time theft
Internet time theft refers to the unauthorized use of an employer’s internet resources, such
as the company’s internet bandwidth, computers, and other devices. This can
happen when employees use company-provided internet resources for personal use,
such as browsing social media, online shopping, streaming videos, or playing
online games.

This type of theft can result in
significant financial losses for an organization, as it can slow down internet
speeds, decrease productivity, and waste valuable resources. It can also lead
to increased IT support costs, as well as security risks, as employees may
visit unsecured websites or download malicious software.

Internet time theft can be difficult to
detect, as it is often done during work hours and may be disguised as
work-related activities. Employers can prevent internet time theft by
implementing strict internet usage policies, using monitoring software to track
internet usage, and setting up firewalls to block access to certain websites or
online services.

Additionally, it’s important to educate
employees on the consequences of internet time theft and to encourage them to
use company internet resources responsibly. Employers can also provide
employees with guidelines and best practices for appropriate internet usage,
such as not visiting personal websites during working hours, and not sharing
sensitive information over the internet.


11. Web jacking
Web
jacking refers to the unauthorized takeover of a website by a hacker. This can
happen when a hacker gains access to a website’s server or hosting account and
alters the website’s content, redirects traffic to another website, or defaces
the website with offensive or malicious content.

Web jacking can result in significant losses for the
website owner, as it can damage the website’s reputation, disrupt business
operations, and lead to financial losses. It can also lead to security risks,
as the hacker may steal sensitive information or use the website to launch
further attacks.

Web jacking can be prevented by implementing strict
security measures, such as using strong passwords, keeping the software and
operating systems up to date, and using firewalls and intrusion detection
systems. Additionally, website owners should also regularly back up their
website’s files and databases, so they can easily restore the website if it is
compromised.

It’s important to note that Web jacking is not the same
as website defacement, which is the unauthorized alteration of a website’s
content; web jacking refers to the unauthorized takeover of a website, and it
can lead to a complete shutdown of the website.
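
Backups only help if the owner notices that the site has changed. The sketch below is an added example, not part of the original article: it records a SHA-256 baseline of every file under a web root and later reports what was modified, added or removed. The file names and page contents are constructed, and in practice the baseline would be kept off the web server.

```python
import hashlib
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            manifest[path.relative_to(root).as_posix()] = digest
    return manifest


def compare(baseline, current):
    """Report files whose content changed, appeared or disappeared."""
    common = baseline.keys() & current.keys()
    return {
        "modified": sorted(p for p in common if baseline[p] != current[p]),
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }


def demo():
    """Build a constructed web root, take a baseline, then simulate the
    changes the section describes (altered content, a redirect, a removed
    page) and return the integrity report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "css").mkdir()
        (root / "index.html").write_text("<h1>Welcome</h1>")
        (root / "contact.html").write_text("<p>Contact us</p>")
        (root / "css" / "site.css").write_text("body { margin: 0 }")
        baseline = snapshot(root)

        # Simulated unauthorized changes to the site.
        (root / "index.html").write_text(
            '<meta http-equiv="refresh" content="0;url=https://other.example/">')
        (root / "promo.html").write_text("<p>unexpected page</p>")
        (root / "contact.html").unlink()

        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```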



Prevention of Cyber Crime




Prevention is always better than cure. It is always better to take protection
while surfing the net. You should keep the following things in mind before you
use the Internet:

i. To prevent cybercrime, avoid disclosing any information pertaining to
oneself. This is good because disclosing your identity to the public is not a
good thing.

ii. Avoid sending photographs online, for example on WhatsApp or Facebook,
particularly to strangers. Chat only with friends you personally know, and do
not share your personal data even with friends.

iii. Always use the latest and updated anti-virus software, such as Kaspersky,
Quick Heal, AVG, Avast, McAfee, etc. (not promoting them), to guard against
virus attacks. Always use the paid version of the anti-virus because in the
paid version you will get the latest update.

iv. We have to keep a backup of the storage devices so that whenever any virus
attacks we don’t have to lose our data completely.

v. Never send your credit or debit card number to any
site that is not secured, to guard against fraud. If the site address starts with
“https://” instead of just “http://”, that is the first
sign that the website is secure. Always check which security system the website
is using.

vi. Always keep a watch on the sites that your children are accessing in order
to prevent any kind of harassment or deprivation in children.

vii. It is better to use a security program that gives control over cookies
and over the information sent back to the site, as leaving cookies unguarded
might prove fatal.

viii. Website owners should watch traffic sources and
check for any vulnerabilities on the site. This can be done by putting
host-based intrusion detection devices on servers.

ix. Use of firewalls may be beneficial.

x. Web servers that are running public sites must be physically separate and
protected from the internal network.


 
