Information Security and Cyber Crimes The objective of this presentation is to educate and create awareness amongst the student community on use of Technology, Internet media and its implications on possible cyber crimes. Some of the possible preventive measures, one can take to avoid getting victimized for a cyber crime.
Introduction Internet and smart Gadgets are now integral part of our lives.
Cyber Laws Cyber crime is a generic term that refers to all criminal activities done using the medium of computers, the internet, cyber space and the worldwide web. "-..CY.Åg.LSgg.udg.f...-means protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorized access, use, disclosure, disruption, modification or destruction. Cyber law is a term used to describe the legal issues related to use of communications technology, particularly "cyberspace", i.e. the Intemet. Cyber Law is represented by Indian IT ACT 2008.
Cyber Crime - Motivation • Money • Curiosity • Revenge • Fun • Praise seekers.
cyber Crime — Upwar d Trends • Huge increase in the use of Internet and smart phones • Individuals share personal and work related information on Internet •Critical and sensitive information are shared on Internet • Financial transactions take place on Internet • Security controls are never 100% and adequate.
Graphical user interface, text, application, email Description automatically generated.
Cyber Crime — Awareness for Students Curiosity and Revenge may be primary reasons for a student to get motivated for a cyber crime. Most of the times, students are not aware about the implications of a cyber crime Girls are the rnost found victims of a cyber crime.
Common Scenarios - Identity Theft Identity theft is a term used to refer to fraud that involves stealing money or getting other benefits by pretending to be sorneone else. Section 66C Punishment for identity theft. Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh. Section 66D Punishment for cheating by personation by using computer resource Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees..
Common Scenarios Illustrations : - - Identity Theft 1. An American national named Ken Haywood, whose most likely fault was, that his Wi- Fi intemet connection was hacked, and under the scanner for involvement in the Ahmadabad terrorist attacks. 2. The biggest case of identity theft ever seen, took place in August of Eleven people, including a US secret service informant, had been charged in connection with the hacking of nine major retailers and the theft and sale of more than 41 million credit and debit card numbers. This data breach is believed to be the largest hacking and identity theft case ever prosecuted by the US Department of Justice. 3. Kingfisher Airlines was duped of Rs 17 crore caused by an online ticket booking fraud, caused by credit card bookings. These credit card details were obtained by the thieves from various places like shopping mall, restaurant and petrol-pump employees who swipe these cards, felt the officers working on this case..
Common Scenarios - Email Spoofing A spoofed email is one that appears to originate from one source but actually has been sent from another source Forgery of electronic records, Email Under ITA Section 66A, 66C. • 66A Punishment for sending offensive messages through communication service, etc. • 66C Punishment for identity theft Whæver, fraudulently or dishonestly use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh.
Common Scenarios - Email Spoofing Illustrations : - 1. In an American case, a teenager made millions of dollars by spreading false information about certain companies whose shares he had short sold. This misinformation was spread by sending spoofed emails, purportedly from news agencies like Reuters, to share brokers and investors who were informed that the companies were doing very badly. Even after the truth came out the values of the shares did not go back to the earlier levels and thousands of investors lost a lot of money. 2. A branch of the erstwhile Global Trust Bank in India experienced a run on the bank. Numerous customers decided to withdraw all their money and close their accounts. An investigation revealed that someone had sent out spoofed emails to many of the bank's customers stating that the bank was in very bad shape financially and could close operations at any time. The spoofed email appeared to have originated from the bank itself..
Common Scenarios - Cyber Defamation It occurs when defamation takes place with the help of computers and / or the Internet. Any person who sends, by means of a computer resource or a communication device,- a) any information that is grossly offensive or has menacing character; or b) any information which he knows to be false, but for the purpose of causing defamation c) any electronic mail or electronic mail message for the purpose of causing annoyance or or to deceive or to mislead the addressee or recipient about the origin of such messages Punishment for creating Cyber Defamation extends to 2-3 years with fine Rumoræs go 88ipiog intent thte CYBE heah Words.
Common Scenarios - Cyber Defamation Illustration I Abhishek, a teenaged student was arrested by the Thane police in India following a girl's complaint about tarnishing her image in the social networking site Orkut. Abhishek had allegedly created a fake account in the name of the girl with her mobile number posted on the profile. The profile had been sketched in such a way that it drew lewd comments from many who visited her profile. The Thane Cyber Cell tracked down Abhishek from the false e-mail id that he had created to open up the account. Illustration 2 The Aurangabad bench of the Bombay high court issued a notice to Google.com following a public interest litigation initiated by a young lawyer. The lawyer took exception to a community called 'We hate India', owned by someone who identified himself as Miroslav Stankovic. The community featured a picture of the Indian flag being bumt. Illustration 3 Unidentified persons posted obscene photographs and contact details of a Delhi school girl. Girrs family started receiving defamatory calls.
Common Scenarios - Web Defacement Website defacement is usually the substitution of the original home page of a website with another page (some abusive page) by a hacker. DEFACEMENT! Whoever knowingly or intentionally, destroy or alter any computer source code, shall be punishable with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both..
Common Scenarios - Web Defacement Illustration I Mahesh Mhatre and Anand Khare (alias Dr Neukar) were arrested in 2002 for allegedly defacing the website of the Mumbai Cyber Crime Cell. They had allegedly used password cracking software to crack the FTP password for the police website. They then replaced the homepage of the website with pornographic content. The duo was also charged with credit card fraud for using 225 credit card numbers, mostly belonging to American citizens. Illustration 2 In 2001, over Indian websites were hacked into and defaced. The hackers put in words like bugz, death symbol, Paki-king and allahhuakbar..
Common Scenarios - Email Bombing Email bombing refers to sending a large number of emails to the victim resulting in the victim's email account or mail servers crashing. It is also a kind of Denial of Service (DOS) attack If found guilty, the punishment shall be extended till 3 years.
Common Scenarios - Email Bombing Illustration 1 A British teenager was found guilty of launching a denial-of service attack against his former employer. The teenager was accused of sending 5 million e-mail messages to his ex-employer that caused the company's email server to crash. Illustration 2 In one case, a foreigner who had been residing in Simla, India for almost 30 years wanted to avail of a scheme introduced by the Simla Housing Board to buy land at lower rates. When he made an application it was rejected on the grounds that the scheme was available only for citizens of India. He decided to take his revenge. Consequently, he sent thousands of mails to the Simla Housing Board and repeatedly kept sending e-mails till their servers crashed..
Common Scenarios - Spreading Virus/Malwares Computer viruses are small malicious software programs that are designed to spread from one computer to another and perform harmful activities There are multiple ways one can spread "010 Q 0010001101001010% 1010% 010 Q0010010t00100111t0010'0010 • Email messages • websites • Instant messaging • Networking protocols Open share machines If found guilty, then the punishment shall be two to three years. 1 0010 1000t 10010to 10091 1 101 000 00100040100101000fi010tM019f2.
Other Common Cyber Crimes Cyber crimes can be categorized and listed in multiple ways, however some of the other comrnon cyber crimes observed are as below but not limited to Cyber stalking • Cyber Bullying Installing Key loggers • Cyber Terrorism Email based Frauds • Web jacking • Online Gambling • DoS Attacks.
Text Description automatically generated.
Security Awareness - PASSWORD Passwords are the only and/OR the primary option to ensure privacy of your information • Ensure Passwords are complex in nature • • Not as complex that you tend to forget it • Include combination of upper & lower case, special chars and numbers • Not easy for others to guess (like your pet name, etc) • Sensitive passwords should be changed frequently Do not write passwords • • Be extra careful of your passwords when using shared machines (like cyber café) Avoid sharing your passwords to anyone •.
• • Security Awareness — Social Media Social Media (FB, twitter, etc) is now an integral part of our daily life Be sensitive in what you upload on your social networking account (status, pics, etc) Use security and privacy options provided by social media sites • SMS based second factor authentication • Access control (who can see what) • Browser /machine mapping to your social media profile • Block Keep your personal details, personal..
Graphical user interface, text, application, email Description automatically generated.
• • • • Security Awareness — Desktops/laptops Ensure your Antivirus is updated and scans are configured for a routine check Implernent personal firewall Keep your Operating system updated with latest patches Avoid installing cracked softwares Keep OS files and personal files in different HDD partition Factory Restore is the best option to clean your system.
• • • Security Awareness — Internet Internet use is a two edge sword. Be SMART on using Internet NEVER visit untrusted websites NEVER user referral links to visit a website. Instead type in the URL address in the browser Always download software from authorized / Trusted sources Use Browser addons to get protected from known BAD sites Do Not Connect to unknown or unprotected wifi zones Ensure no one is shoulder surfing your key strokes.