history of cyber crime - MaharashtraSpider.com

CYBER CRIME AND CYBER SECURITY
Abstract
The term computer security is used frequently, but
the content of a computer is vulnerable to few risks
unless the computer is connected to other computers
on a network. As the use of computer networks,
especially the Internet, has become pervasive, the
concept of computer security has expanded to denote
issues pertaining to the networked use of computers
and their resources. The major technical areas of
computer security are usually represented by the
initials CIA: confidentiality, integrity, and
authentication or availability. Confidentiality means
that information cannot be accessed by unauthorized
parties. Confidentiality is also known as secrecy or
privacy; breaches of confidentiality range from the
embarrassing to the disastrous. Integrity means that
information is protected against unauthorized
changes that are not detectable to authorized users;
many incidents of hacking compromise the integrity
of databases and other resources. Authentication
means that users are who they claim to be.
INTRODUCTION
While computers and the Internet have made our
lives easier in many ways, it is unfortunate that
people also use these technologies to take advantage
of others.
When the individual is the main target of
Cybercrime, the computer can be considered as the
tool rather than the target. Human weaknesses are
generally exploited. The damage dealt is largely
psychological and intangible, making legal action
against the variants more difficult. These are the
crimes which have existed for centuries in the offline
world. These crimes are committed by a selected group of
criminals. These crimes are relatively new, having
been in existence for only as long as computers have,
which explains how unprepared society and the
world in general are towards combating these crimes.
This is where the role of Computer Security comes
in.
Computer security is a branch of technology known
as information security as applied to computers and
networks. The objective of computer security
includes protection of information and property from
theft, corruption, or natural disaster, while allowing
the information and property to remain accessible and
productive to its intended users.
Network security consists of the provisions
made in an underlying computer network
infrastructure, the policies adopted by the network
administrator to protect the network and the
network-accessible resources from unauthorized access, and
consistent and continuous monitoring and
measurement of their effectiveness (or lack of it),
combined together.
Cybercrime is defined as crimes committed on the
internet using the computer as either a tool or a
targeted victim. Cybercrime is criminal activity done
using computers and the Internet. This includes
anything from downloading illegal music files to
stealing millions of dollars from online bank
accounts. Cybercrime also includes non-monetary
offenses, such as creating and distributing viruses on
other computers or posting confidential business
information on the Internet.
HISTORY OF CYBER CRIME
Cybercrime has had a short but highly eventful
history. Apart from being an interesting study by
itself, observing the history of cybercrime would also
give the individual and society the opportunity to
avoid the mistakes made in the past.

Here are the highlights to how this cyber termite has engulfed our cyber world.
1971
John Draper discovers the give-away whistle in Cap'n Crunch cereal boxes reproduces a 2600Hz tone. Draper builds a ‘blue box’ that, when used with the whistle and sounded into a phone receiver, allows phreaks to make free calls. Esquire publishes "Secrets of the Little Blue Box" with instructions for making one. Wire fraud in the US escalates.
A rogue program called the Creeper spreads through early Bulletin Board networks.
1972
The Internetworking Working Group is founded to govern the standards of the Internet. Vinton Cerf is the chairman and is known as a "Father of the Internet".
1982
Elk Cloner, an Apple II boot virus, is written.
Hacker magazine 2600 begins publication (still in print; see Captain Crunch for the derivation of the name).
1985
Online hacking magazine Phrack established.
1986
After many break-ins into govt. and corporate computers, Congress passes the Computer Fraud and Abuse Act.
Pakistani Brain, the oldest virus created under unauthorized circumstances, infects IBM computers.
1988
Kevin Mitnick secretly monitors the e-mail of MCI and DEC security officials. He is convicted and sentenced to a year in jail.
Kevin Poulsen is indicted on phone-tampering charges. He goes on the run and avoids capture for 17 months.
First National Bank of Chicago is the victim of $70-million computer theft.
Robert T. Morris, Jr., graduate student at Cornell University and son of a chief scientist at the NSA, launches a self-replicating worm (the Morris Worm) on the government's Arpanet (precursor to the Internet). The worm gets out of hand and spreads to over 6000 networked computers, clogging government and university systems. Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10K.
1991
Kevin Poulsen is captured and indicted for selling military secrets.
1992
Dark Avenger releases 1st polymorphic virus.
1993
During radio station call-in contests, hacker-fugitive Kevin Poulsen and friends rig the stations' phone systems to let only their calls through. They win two Porsches, vacation trips and $20,000.
First DefCon hacker conference held in Vegas.
2007
Retailer TJMaxx (Winners, Homesense) notifies consumers that server breaches between July 2005 and January 2007 had exposed personal data (45M+ debit and credit cards, $180M direct cost so far) (Jan).
Payment services firm MoneyGram notifies consumers that server breaches exposed personal data (80K) (Jan).
Nokia Canada Web Site defaced using an XSS attack (Jan).
A priority code used to get a free platinum pass to MacWorld was validated on the client, enabling anyone to get free passes (Jan) (A similar hack works in 2008).
Online payment services firm E-Gold charged with money-laundering (Apr) (convicted in 2008).
AG’s from several US States demand that NewsCorp’s social networking site MySpace provide list of sex offenders who have registered at the site (May).
The Chinese government and military are accused of hacking other nations’ networks, including US pentagon networks, and German and UK government computers.
DoS attacks are launched against various government websites in Estonia, including the country’s police, Min. of Finance and parliament (May).
Oracle files lawsuit against SAP, charging that the company's TomorrowNow subsidiary had inappropriately downloaded software patches and documents from Oracle's online support service (Mar).
Monster.com and other job sites are hacked and resume information stolen (Aug).
Hackers post sensitive information on 1.2K e-Bay users to forum for preventing fraud on the auction site (Sep).
TD Ameritrade announces that a compromised company computer had leaked the e-mail addresses of all its 6.3M customers from July 2006 (used for pump and dump spam). E*Trade suffers from similar attack (Sep).
US Secret Service arrest security consultant Max Ray Butler (‘Max Vision’) for managing an identity theft ring on the online credit-counterfeiting forum, CardersMarket (Sep).
A known vulnerability in the helpdesk software used by hosting provider Layered Technologies results in information leakage, including names, addresses, phone numbers and email addresses of up to 6,000 of the company's clients (Sep).
A hacker exploits a leftover admin function on eBay to block users and close sales (Oct).
The Storm Worm (a bot program first spotted in Jan), continues to spread spam, promote pump&dump schemes; hides bot computers with DNS fluxing, launches DoS attacks against machines probing its bots.
Russian Business Network (RBN) offers bulletproof hosting, allowing sites which host illegal content to stay online despite legal takedown attempts. Sept’s attack on Bank of India, various MPack attacks use RBN services. (Oct)
A flaw in Passport Canada's website allows access to the personal information - social insurance numbers, dates of birth and driver's licence numbers - of other people applying for new passports (Nov).
Infamous Russian malware gang RBN use SQL injection to penetrate US government sites (Nov).
A vulnerability in Word Press allows spammers to penetrate Al Gore’s web site, modify pages, and post spam comments (Nov).
John Schiefer (LA) admits to using botnets to illegally install software on at least 250K machines and steal the online banking identities of Windows users. (Dec)
2008
FTC settles with “Life is Good” (www.lifeisgood.com), which exposed credit card information due to SQL Injection flaw (Jan)
Login page of Italian bank (Banca Fideuram) replaced using XSS (Jan)
RIAA website DoS’ed, then defaced, using SQL Injection & XSS (Jan)
CSRF used to hack a Korean e-commerce site (Auction.co.kr) and steal information on 18M users (Feb)
MySpace and FaceBook private pictures exposed on-line using URL manipulation (Jan & Mar)
Hackers steal 4.2M card numbers of Hannaford shoppers, resulting in over 2000 fraud cases (Mar)
SQL and iFrame Injection are used to add JavaScript code to websites which then download viruses and other malware from hacker sites when browsed. Search Engine Optimization (SEO) techniques result in infected pages being placed high on Google’s search results. Affected sites number in excess of 200K. (Mar)
Just before the Pennsylvania Democratic Primary, XSS is used to redirect users of Barack Obama’s website to Hillary Clinton’s (Apr)
US Federal prosecutors charge parent who allegedly badgered a girl to suicide on MySpace with three counts of computer crime (conspiracy and hacking) (May)
Radio Free Europe hit by DoS attack (May)
Online payment service E-Gold pleads guilty to money laundering (Jul)
Canadian Teachers Federation proposes adding Cyber-Bullying to Canadian Criminal Code (Jul)
Canadian porn site Slick Cash pays $500K to Facebook after it tried to gain unauthorized access to Facebook’s friend-finder functionality back in June 2007 (Jul)
Terry Childs, San Francisco City network admin, refuses to give out passwords, locking other admins out of network (Jul).
HACKERS VS CRACKERS
For many years there has been a misconception about hackers. The very basic definition of a hacker is “someone involved in computer security”. Hackers mainly have good knowledge of programming as well as of security in servers. Hackers penetrate the security of servers by using programming skills as well as different hacking tools, but all this security penetration is legal and authenticated, as they have legal permission from the admins and they are specially appointed to find loopholes in the system. Crackers actually have the same knowledge as hackers, but they do not care about any ethics or rules and have their own manifesto. In other words, hackers are good people and crackers are computer criminals or terrorists. Hackers are categorized on the basis of their hat types, and those types are:
1. White Hat: - A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system. This type of hacker enjoys learning and working with computer systems.
2. Grey Hat: - A grey hat hacker is a hacker of ambiguous ethics and/or borderline legality, often frankly admitted.
3. Black Hat: - A black hat hacker is someone who breaks computer security without authorization or uses technology (usually a computer, phone system or network) for vandalism, credit card fraud, identity theft, piracy, or other types of illegal activity. There are some other types of crackers as well; they include the following categories.
4. Script kiddies: - A script kiddie is a non-expert who uses tools written by others, usually with little understanding.
5. Hacktivist: - A hacktivist is a hacker who uses technology to announce a social or religious matter. These are also known as cyber terrorists. In the modern era both of these kinds of people have a major role in internet security.
NEED OF SECURITY IN INDIA
China's intensified cyber warfare against India is
becoming a serious threat to national security. The
desire to possess 'electronic dominance' over India
has compelled Chinese hackers to attack many
crucial Indian websites and over the past one and a
half years, they have mounted almost daily attacks on
Indian computer networks - both government and
private.
In October 2007, for example, Chinese hackers
defaced over 143 Indian websites. In April 2008,
Indian intelligence agencies detected Chinese hackers
breaking into the computer network of the Ministry
of External Affairs forcing the government to think
about devising a new strategy to fortify the system.
Though the intelligence agencies failed to get the
identity of the hackers, the IP addresses left behind
suggested Chinese hands.
While hacking is a normal practice around the world,
the cyber warfare threat from China has serious
implications. At the core of the assault is the fact that
the Chinese are constantly scanning and mapping
India's official networks. According to India's CERT-In,
in the year 2006, a total of 5,211 Indian websites
were defaced, on an average of about 14 websites per
day. Of the total number of sites that were hacked
and defaced, an overwhelming majority were in the
.com domain (90 cases) followed by 26 in the .in
domain. As many as 11 defacement incidents were
also recorded in the .org domain.
Of all hacking incidents in October, about 61 per cent
related to phishing, 27 per cent to unauthorized
scanning and 8 per cent to viruses/worms under the
malicious code category. India, like the western
countries, has been witnessing a massive rise in
phishing attacks with incidents in 2006 180 per cent
higher than in 2005, and the trend carrying through
into 2007. Though the maximum defacements have
been recorded during August, in 2007, February and
March recorded the highest such cases with 858 and
738 websites defaced respectively. August, by
contrast, saw only 345 websites defaced. While other
countries treat Chinese cyber attacks as security
breaches, India considers these intrusions as the
equivalent of Internet-based terrorist attacks. An
Indian Army commanders' conference held in New
Delhi on 26 April, voiced concern over mounting
attacks on the country's networks. In the US, in June
2007, the Pentagon's computers were shut down for a
week as a result of hacking.
At the frequency and aggressiveness of cyber attacks
President Bush, without referring directly to Beijing,
had said last year that "a lot of our systems are
vulnerable to attack." The Chinese military hacked
into the US Defence Secretary's computer system in
June 2007 and regularly penetrated computers in at
least ten of the UK's Whitehall departments,
also accessing military files. German Chancellor
Angela Merkel, too, has complained to Chinese
Premier Wen Jiabao over suspected hacks of its
government systems.
Although Beijing vehemently denies all allegations
of state-controlled cyber snooping and hacking, the
Chinese government as well as its society hails the
practice of hacking for the national cause. The
formation of Honker Union in China in 1999, in
retaliation to the US bombing of the Chinese
embassy in Belgrade, was aimed at widespread
hacking under the guise of patriotism and
nationalism, mostly of government-related websites
around the world.
Unless India takes adequate steps to protect itself
from external cyber threats, the world famous IT
giant could be facing a grim situation. Cyber attacks
are dangerous for India because of the growing
reliance on networks and technology to control
critical systems that run power plants and
transportation systems. Cyber attacks on banks, stock
markets and other financial institutions could
likewise have a devastating effect on a nation's
economy.
As a countermeasure, the Indian armed forces are
trying to enhance their C4ISR capabilities, so that the
country can launch its own cyber offensive if the
need arises. Given Chinese cyber attacks, there is
need for the army to fight digital battles as well.
According to Indian Army Chief, General Deepak
Kapoor, the army has already ramped up the security
of its information networks right down to the division
level, while the Army Cyber Security Establishment
has started conducting periodic cyber-security audits
as well. However, the question remains: is this
enough to stop Chinese cyber attacks?
TYPES OF ATTACKS
As hackers as well as crackers have a tendency to break into computers, they use many types of attacks on their target to find loopholes in it or to break its security. These attacks are either developed by the hacker himself or are standard ones. We are going to explain a few of the well-known attacks used by crackers or hackers on systems.
1) IP spoofing:- This is a very basic type of attack. In IP spoofing, the attacker gains unauthorized access to computers by making it appear that the connection message has come from a trusted computer, so that the true identity of the attacker is hidden. Spoofing is the most common way to break into a network, and IP spoofing is one of the most common forms of online camouflage. IP spoofing was first talked about in the early 1980s. It was not used in practice until Robert Morris discovered a weakness in the TCP protocol known as sequence prediction. It was brought to light again when Kevin Mitnick employed the technique of sequence prediction and IP spoofing and made a program called “Christmas Day” which cracked Tsutomu Shimomura’s machine, and which was very famous for the wrong reasons. Though we usually hear of IP spoofing being used for the wrong purposes, it can be used for security purposes as well, and it needs to be addressed by security administrators. To know exactly how spoofing works, we need to take a look at the TCP/IP protocol and IP headers.
IP is a protocol which resides at the third layer of the OSI model, and it is the basic protocol used to send data over the network. The important thing to notice from the attacker's point of view is that it is a connectionless protocol, which means that no record is kept of the state of the packets in transit that are being routed. On top of that, there is no provision to check whether a packet has been properly delivered to its destination. The basic things we notice in the IP header are the source address and the destination address. The attacker in this case usually depends on the source address, because the attacker wants to send spoofed packets to the destination in such a way that the source address is fake or forged. The attacker can therefore make it appear to the destination that the packets have come from a machine which it knows.
Now we can clearly see the 4th and 5th layer. In these layers we can clearly see the source and the destination addresses, and we also know that the attacker is normally interested in the source address. As we already know, IP is a stateless protocol: each datagram is sent independently of the others. The attacker can attack these addresses using some tools.
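An added example (not from the original paper) of what this means for a defender: nothing in the IP header authenticates the source address, so a border device can only judge whether the claimed source is plausible for the interface the packet arrived on. The internal prefix 192.0.2.0/24, the interface names and the sample headers are assumptions constructed for the illustration.

```python
import ipaddress
import struct

IPV4_FMT = "!BBHHHBBH4s4s"                            # fixed 20-byte IPv4 header
INTERNAL_NET = ipaddress.ip_network("192.0.2.0/24")   # assumed site prefix
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]


def checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 791)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str) -> bytes:
    """Constructed sample input: a header carrying a correct checksum."""
    fields = [0x45, 0, 20, 0x1234, 0, 64, 6, 0,
              ipaddress.ip_address(src).packed,
              ipaddress.ip_address(dst).packed]
    fields[7] = checksum(struct.pack(IPV4_FMT, *fields))
    return struct.pack(IPV4_FMT, *fields)


def parse_header(packet: bytes) -> dict:
    """Decode the fields discussed in the text: source and destination."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag,
     ttl, proto, _csum, src, dst) = struct.unpack(IPV4_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "src": ipaddress.ip_address(src),
        "dst": ipaddress.ip_address(dst),
        "ttl": ttl, "proto": proto, "total_len": total_len,
        # The checksum only detects corruption; it says nothing about
        # whether the source address is the real sender.
        "checksum_ok": checksum(packet[:ihl]) == 0,
    }


def ingress_verdict(packet: bytes, interface: str) -> str:
    """Accept or drop a packet based on where its claimed source may appear."""
    hdr = parse_header(packet)
    if not hdr["checksum_ok"]:
        return "drop: bad checksum"
    src = hdr["src"]
    if interface == "external":
        if src in INTERNAL_NET:
            return "drop: internal source on external interface"
        if any(src in net for net in NON_ROUTABLE):
            return "drop: non-routable source"
    elif interface == "internal" and src not in INTERNAL_NET:
        return "drop: foreign source on internal interface"
    # A forged address from some other external network still passes here;
    # only the upstream network's own filtering can stop that case.
    return "accept"


def demo() -> dict:
    corrupted = bytearray(build_header("198.51.100.7", "192.0.2.10"))
    corrupted[8] ^= 0xFF  # damage the TTL byte without fixing the checksum
    return {
        "legitimate": ingress_verdict(
            build_header("198.51.100.7", "192.0.2.10"), "external"),
        "claims_trusted_host": ingress_verdict(
            build_header("192.0.2.20", "192.0.2.10"), "external"),
        "leaving_with_foreign_source": ingress_verdict(
            build_header("203.0.113.5", "198.51.100.7"), "internal"),
        "corrupted": ingress_verdict(bytes(corrupted), "external"),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:28s} {verdict}")
```

The packet that claims a trusted internal source has a valid checksum, which is exactly why the filter has to reason about interfaces rather than about the header contents alone.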
2) Port scanning:- Port scanning is done
by scanning each and every port on your
network system and finding the
open ports. Ports are mostly of these types:
1) Well known ports (0-1023)
2) Registered Ports (1024-49151)
3) Private Ports (49152-65535)
Hackers can use any one of the above open ports,
pinging their server to any other personal
computers.
2) DOS - denial of service
Denial of Service: The denial of service attack is the most common attack at present, and currently the most difficult to defend against. This attack is usually used by crackers. Crackers don’t really worry about whether the handshakes have been properly done or not. For them the only important thing is consuming bandwidth and resources in order to crash the systems. We can say that Denial of Service is an attack which sends the maximum number of packets in the minimum amount of time to the victim and floods it with them. As a result the system ends up crashing, and it is difficult to block this attack. But how does spoofing come into play in this attack? Even though crackers don’t really want to make a connection with a specific source address, they spoof the source address, and when more than one attacker is involved in an attack with spoofed IPs, it is very difficult to trace and block them to end the attack and save the system from crashing.
Now we can say that the motivation of this attack is not to crash the system; rather, denial of service is an attack which aims to make the system lame, as it cannot communicate with other services because these are simply denied. DOS makes the system
a) Crash the systems
b) Make the system down
As we can see above, all the red lines are spoofed packets sent to the personal computers, causing them to be hacked or possibly causing system corruption.
Distributed DOS:
This is a combined effort of many attackers who together try to bring a victim down. Normally there is a master attacker which launches the attack first, and then the zombies soon attack. The figure below shows the Distributed DOS attack:
3) Trojan horse- It is one of the most widely used tools in the world for cracking. Trojans are executable programs, which means that when you open the file, it will perform some action(s). In Windows, executable programs have file extensions like "exe", "vbs", "com", "bat", etc. Some actual Trojan filenames include: "dmsetup.exe" and "LOVE-LETTER-FOR-YOU.TXT.vbs" (when there are multiple extensions, only the last one counts; be sure to unhide your extensions so that you see it). More information on risky file extensions may be found at this Microsoft document.
Trojans can be spread in the guise of literally ANYTHING people find desirable, such as a free game, movie, song, etc. Victims typically downloaded the Trojan from a WWW or FTP archive, got it via peer-to-peer file exchange using IRC/instant messaging/Kazaa etc., or just carelessly opened some email attachment. Trojans usually do their damage silently. The first sign of trouble is often when others tell you that you are attacking them or trying to infect them! It simply creates a back door in the system, causing theft of information from it.
4) Virus and worms:- Viruses and worms are both used
by crackers to crack the security. Computer viruses
are small software programs that are designed to
spread from one computer to another and to interfere
with computer operation. A virus might corrupt or
delete data on your computer, use your e-mail
program to spread itself to other computers, or even
erase everything on your hard disk. Viruses are often
spread by attachments in e-mail messages or instant
messaging messages. That is why it is essential that
you never open e-mail attachments unless you know
who it's from and you are expecting it. Viruses can be
disguised as attachments of funny images, greeting
cards, or audio and video files. Viruses also spread
through download on the Internet. They can be
hidden in illicit software or other files or programs
you might download. Worms are programs that
replicate themselves from system to system without
the use of a host file. This is in contrast to viruses,
which require the spreading of an infected host file.
Although worms generally exist inside of other files,
often Word or Excel documents, there is a difference
between how worms and viruses use the host file.
Usually the worm will release a document that
already has the "worm" macro inside the document.
The entire document will travel from computer to
computer, so the entire document should be
considered the worm. W32.Mydoom.AX@mm is an
example of a worm.
5) SQL injection- SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.
Incorrectly filtered escape characters
The following line of code illustrates this vulnerability:
statement = "SELECT * FROM users WHERE name = '" + userName + "';"
This SQL code is designed to pull up the records of the specified username from its table of users. However, if the "userName" variable is crafted in a specific way by a malicious user, the SQL statement may do more than the code author intended. For example, setting the "userName" variable as
a' or 't'='t
Incorrect type handling
This form of SQL injection occurs when a user supplied field is not strongly typed or is not checked for type constraints. This could take place when a numeric field is to be used in a SQL statement, but the programmer makes no checks to validate that the user supplied input is numeric. For example:
statement := "SELECT * FROM data WHERE id = " + a_variable + ";"
It is clear from this statement that the author intended a_variable to be a number correlating to the "id" field. However, if it is in fact a string then the end user may manipulate the statement as they choose, thereby bypassing the need for escape characters. For example, setting a_variable to
1; DROP TABLE users
will drop (delete) the "users" table from the database, since the SQL would be rendered as follows:
SELECT * FROM DATA WHERE id=1; DROP TABLE users;
Another form of SQL injection is BLIND SQL INJECTION- Blind SQL Injection is used when a web application is vulnerable to SQL injection but the results of the injection are not visible to the attacker. The page with the vulnerability may not be one that displays data but will display differently depending on the results of a logical statement injected into the legitimate SQL statement called for that page. This type of attack can become time-intensive because a new statement must be crafted for each bit recovered. There are several tools that can automate these attacks once the location of the vulnerability and the target information has been established.[3]
Conditional responses
One type of blind SQL injection forces the database to evaluate a logical statement on an ordinary application screen.
SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=1;
will result in a normal page while
SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=2;
6) BRUTE FORCING- It is one of the oldest methods of cracking. Brute forcing software actually finds random combinations of passwords and usernames and compares them to get the desired result. The time needed to guess a password depends upon the length of the password. If the password is strong it will take even a few days to get the password, but nowadays sites have anti-brute-forcing filters, so these methods are not sufficient.
The above figure shows the diagram of one brute forcing software; as we can clearly see, it is guessing the password.
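One way such an anti-brute-forcing filter can work, as an added example that is not from the original paper: failed logins are counted per (username, source) pair inside a sliding window, and the pair is locked out once a threshold is reached. The class name, the thresholds and the sample events are assumptions constructed for the illustration; the last function shows how password length drives the guessing time once the filter is in place.

```python
from collections import defaultdict, deque


class LoginThrottle:
    """Lock a (username, source) pair after too many failures in a window."""

    def __init__(self, max_failures=5, window_s=300, lockout_s=900):
        self.max_failures = max_failures
        self.window_s = window_s
        self.lockout_s = lockout_s
        self._failures = defaultdict(deque)  # key -> recent failure times
        self._locked_until = {}              # key -> time the lockout ends

    def attempt(self, username, source, password_ok, now):
        key = (username, source)
        if now < self._locked_until.get(key, 0):
            return "locked"                  # password is not even evaluated
        if password_ok:
            self._failures.pop(key, None)
            return "ok"
        recent = self._failures[key]
        recent.append(now)
        while recent[0] <= now - self.window_s:
            recent.popleft()                 # forget failures outside the window
        if len(recent) >= self.max_failures:
            self._locked_until[key] = now + self.lockout_s
            recent.clear()
            return "locked"
        return "failed"


# Constructed sample events: (time in seconds, username, source, password_ok)
SAMPLE_EVENTS = [
    (0, "alice", "203.0.113.9", False),
    (10, "alice", "203.0.113.9", False),
    (20, "alice", "203.0.113.9", False),
    (30, "alice", "203.0.113.9", False),
    (40, "alice", "203.0.113.9", False),    # fifth failure triggers the lock
    (50, "alice", "203.0.113.9", True),     # a correct guess is still refused
    (60, "alice", "198.51.100.4", True),    # the real user, other source
    (1000, "alice", "203.0.113.9", True),   # after the lockout has expired
]


def replay(throttle, events):
    return [throttle.attempt(user, src, ok, now)
            for now, user, src, ok in events]


def worst_case_days(alphabet_size, length, throttle):
    """Days to try every password of this length from a single source.

    Lower bound: counts only the lockout periods, not the guessing time.
    Guessing spread over many sources needs a per-account limit as well.
    """
    guesses = alphabet_size ** length
    lockouts = guesses / throttle.max_failures
    return lockouts * throttle.lockout_s / 86400


if __name__ == "__main__":
    throttle = LoginThrottle()
    for event, result in zip(SAMPLE_EVENTS, replay(throttle, SAMPLE_EVENTS)):
        print(event, "->", result)
    for length in (4, 6, 8):
        days = worst_case_days(26, length, throttle)
        print(f"{length} lowercase letters: about {days:,.0f} days")
```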
7) Phishing attack- In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. It includes copying the source code of the web site to be hacked, from which crackers create fake login pages. These web pages are accessed by the target when he clicks on anonymous links, and there he finds the login prompt of the site, which is actually made by the crackers to get the victim's password and username. The victim gets caught and the crackers penetrate the security.
See, this is the fake site of ICICI bank from URL https://infinity.icicibank.co.in/BANKAWAY?Action.
And this one is the real ICICI bank site from URL https://infinity.icicibank.co.in/BANKAWAY?
Some other important cyber crimes are:
Software piracy: The illegal distribution of
software, i.e. without the permission of the author, or illegal
distribution of media violating the rights, is called
piracy.
Cyber Pornography: This would include
pornographic websites; pornographic magazines
produced using computer and the Internet (to down
load and transmit pornographic pictures, photos,
writings etc.)
Sale of illegal articles: This would include sale of
narcotics, weapons and wildlife etc., by posting
information on websites, bulletin boards or simply by
using e-mail communications.
Online gambling: There are millions of websites;
all hosted on servers abroad, that offer online
gambling. In fact, it is believed that many of these
websites are actually fronts for money laundering.
Intellectual Property Crimes: These include
software piracy, copyright infringement, trademarks
violations etc.
E-Mail spoofing: A spoofed email is one that
appears to originate from one source but actually has
been sent from another source. This can also be
termed as E-Mail forging.
Forgery: Counterfeit currency notes, postage and
revenue stamps, mark sheets etc., can be forged using
sophisticated computers, printers and scanners.
Cyber Defamation: This occurs when defamation
takes place with the help of computers and/or the
Internet, e.g. someone publishes defamatory matter
about someone on a website or sends e-mail
containing defamatory information to all of that
person’s friends.
Cyber Stalking: Cyber stalking involves following a
person’s movements across the Internet by posting
messages on the bulletin boards frequented by the
victim, entering the chat-rooms frequented by the
victim.
E-Mail bombing: Email bombing refers to sending a
large amount of e-mails to the victim resulting in the
victims’ e-mail account or mail servers.
Data diddling: This kind of an attack involves
altering the raw data just before it is processed by a
computer and then changing it back after the
processing is completed.
Salami attacks: Those attacks are used for the
commission of financial crimes. The key here is to
make the alteration so insignificant that in a single
case it would go completely unnoticed e.g. A bank
employee inserts a program into bank’s servers, that
deducts a small amount from the account of every
customer.
Logic bombs: These are dependent programs. This
implies that these programs are created to do
something only when a certain event occurs, e.g.
some viruses may be termed logic bombs because
they lie dormant all through the year and become
active only on a particular date.
Internet Time Theft: This connotes the usage by
unauthorized persons of the Internet hours paid for by
another person.
Spyware: It is a type of malware that is installed on
computers and that collects information about users
without their knowledge. The presence of spyware is
typically hidden from the user. Typically, spyware is
secretly installed on the user's personal computer.
Sometimes, however, spywares such as keyloggers
are installed by the owner of a shared, corporate, or
public computer on purpose in order to secretly
monitor other users.
Adware: - advertising-supported software is any
software package which automatically plays,
displays, or downloads advertisements to a computer
after the software is installed on it or while the
application is being used. Some types of adware are
also spyware and can be classified as privacy-invasive software.
Botnet: - is a jargon term for a collection of software
robots, or bots, that run autonomously and
automatically. The term is often associated with
malicious software but it can also refer to the network
of computers using distributed computing software.
While botnets are often named after their malicious
software name, there are typically multiple botnets in
operation using the same malicious software families,
but operated by different criminal entities.
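One way to catch the salami attack described above from the ledger side, given here as an added example that is not part of the original paper: group very small debits by beneficiary and flag any beneficiary that collects them from a large share of accounts. The ledger, account names, thresholds and the known_fee_accounts allow-list are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample ledger of (source account, beneficiary account, amount).
# All account names and amounts are made up for this example.
CUSTOMERS = [f"CUST-{n:04d}" for n in range(1, 9)]
LEDGER = (
    [(c, "ACCT-7731", Decimal("0.02")) for c in CUSTOMERS]    # tiny debit from every customer
    + [(c, "BANK-FEES", Decimal("0.05")) for c in CUSTOMERS]  # legitimate, documented fee
    + [("CUST-0001", "LANDLORD-01", Decimal("850.00")),
       ("CUST-0002", "CUST-0003", Decimal("0.07")),           # one-off small transfer
       ("CUST-0004", "UTILITY-02", Decimal("42.10"))]
)

def find_salami_candidates(ledger, known_fee_accounts=frozenset(),
                           max_amount=Decimal("0.10"), min_coverage=0.5):
    """Return beneficiaries that collect tiny debits from a large share of accounts."""
    all_sources = {src for src, _, _ in ledger}
    per_beneficiary = defaultdict(lambda: {"sources": set(), "total": Decimal("0")})
    for src, dst, amount in ledger:
        # Skip documented fee accounts and anything that is not a tiny debit.
        if dst in known_fee_accounts or not (Decimal("0") < amount <= max_amount):
            continue
        per_beneficiary[dst]["sources"].add(src)
        per_beneficiary[dst]["total"] += amount
    findings = []
    for dst, agg in per_beneficiary.items():
        coverage = len(agg["sources"]) / len(all_sources)
        if coverage >= min_coverage:
            findings.append({"beneficiary": dst, "accounts_hit": len(agg["sources"]),
                             "coverage": coverage, "total": agg["total"]})
    # Largest accumulated total first: each slice is tiny, the sum is what matters.
    return sorted(findings, key=lambda f: f["total"], reverse=True)

if __name__ == "__main__":
    for finding in find_salami_candidates(LEDGER, known_fee_accounts={"BANK-FEES"}):
        print(finding)
```

Without the allow-list the legitimate fee account is flagged as well, so the list of documented fee accounts has to be maintained independently of the people who can deploy code to the servers.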
PREVENTION
PREVENTIVE STEPS FOR INDIVIDUALS
CHILDREN:
Children should not give out identifying information
such as Name, Home address, School Name or
Telephone Number in a chat room. They should not
give photographs to anyone on the Net without first
checking with or informing parents or guardians. They
should not respond to messages which are
suggestive, obscene, belligerent or threatening, and
should not arrange a face-to-face meeting without telling
parents or guardians. They should remember that
people online might not be who they seem.
PARENTS:
Parents should use content filtering software on the PC to
protect children from pornography, gambling, hate
speech, drugs and alcohol.
There is also software to establish time controls for
use of limpets (for example blocking usage after a
particular time) and to allow parents to see which
sites their children have visited. Use this software to
keep track of the type of activities of children.
PREVENTIVE STEPS FOR ORGANISATIONS
AND GOVERNMENT
PHYSICAL SECURITY: Physical security is the most
sensitive component in the prevention of cyber crime.
The computer network should be protected from
access by unauthorized persons.
ACCESS CONTROL: An access control system is
generally implemented using firewalls, which
provide a centralized point from which to permit or
allow access. Firewalls allow only authorized
communications between the internal and external
network.
PASSWORD: Proof of identity is an essential
component in identifying an intruder. The use of passwords
is the most common security measure for network systems,
including servers, routers and firewalls. Almost all
systems are programmed to ask for a username and
password for access to the computer system. This
provides verification of the user. Passwords should be
changed at regular intervals, and they should be
alphanumeric and difficult to guess.
FINDING THE HOLES IN NETWORK: System
managers should track down the holes before the
intruders do. Many networking product manufacturers
are not particularly aware of the information about
security holes in their products. So organizations
should work hard to discover security holes, bugs and
weaknesses and report their findings as they are
confirmed.
USING NETWORK SCANNING PROGRAMS:
There is a security administration tool called UNIX,
which is freely available on the Internet. This utility
scans and gathers information about any host on a
network, regardless of which operating system or
services the hosts are running. It checks for known
vulnerabilities, including bugs, security weaknesses,
inadequate password protection and so on. There is
another product available called COPS (Computer
Oracle and Password System). It scans for poor
passwords, dangerous file permissions, and dates of
key files compared to dates of CERT security
advisories.
USING INTRUSION ALERT PROGRAMS: Just as it
is important to identify and close existing security
holes, you also need to put some watchdogs into
service. There are some intrusion alert programs which
identify suspicious activity and report it so that
necessary action is taken. They need to be operating
constantly so that all unusual behavior on the network is
caught immediately.
USING ENCRYPTION: Encryption is able to
transform data into a form that makes it almost
impossible to read without the right key. This key
is used to allow controlled access to the information
to selected people. The information can be passed on
to anyone, but only the people with the right key are
able to see the information. Encryption allows
sending confidential documents by e-mail or saving
confidential information on laptop computers without
having to fear that if someone steals it the data will
become public. With the right encryption/decryption
software installed, it will hook into the mail program
and encrypt/decrypt messages automatically without
user interaction.
FIREWALL: It is a device or set of devices
configured to permit, deny, encrypt, decrypt, or proxy
all (in and out) computer traffic between different
security domains based upon a set of rules and other
criteria. Firewalls can be implemented in either
hardware or software, or a combination of both.
ANTI-VIRUS: It is software used to prevent,
detect, and remove malware, including computer
viruses, worms, and Trojan horses. Such programs
may also prevent and remove adware, spyware, and
other forms of malware.
ETHICAL HACKERS: Some companies employ
ethical hackers. A white hat is the hero or good guy,
especially in computing slang, where it refers to an
ethical hacker or penetration tester who focuses on
securing and protecting IT systems by testing for
loopholes in the system and patching them.