TIRUCHENGODE
PRESENTED BY:
SAI SIVA KUMAR.D
SRIHARI.G
EMAIL ID:
saicsedon@gmail.com
srihari8@gmail.com
CONTACT NO:
9789261553
9600692334
CYBER CRIME AND SECURITY
Abstract:
With the rapid growth of Information Technology, organizations are taking extra precautions when
it comes to protecting information. In the complex interconnected business world, the common
practice of deploying company-wide security solutions (e.g., anti-virus software and firewalls) is
only the very first step of cyber security management. Adding to this first layer of security
defence, two business-oriented security solutions are included in this paper: global partnership
and proactive participation. In addition, an evolutionary process of learning to enhance the three
layers of cyber security management is recommended to be done continuously. In order to
manage these three layers of cyber security economically and effectively, an intranet-based
framework of cyber security knowledge repositories based on the 80/20 rule is also proposed.
Introduction:
Net extortion, credit card fraud, hacking, virus dissemination, harassment via email - all of this was unheard of a
few years ago, but these have now become common names in the area of cyber crime.
The nature of the cyber crimes that have been reported lately has left us shocked. One recently reported crime
is the transfer of 1.5 crore from the bank account of a US client by a BPO employee.
Internet is being used as a medium by many people to make fast money or to indulge in criminal acts. There is
no limit to the way a human mind can think but it is in our hands to take precautions to prevent falling prey to
such insidious acts. In this article, we have defined what cyber crime is, offences under the Information
Technology (IT) act, 2000 and precautions that one can take from being a victim of cyber crime.
What is cyber crime?
“Cyber” refers to the imaginary space that is created when electronic devices communicate, such as a network of
computers.
Cyber crime refers to anything done in the cyber space with a criminal intent. These could be either the criminal
activities in the conventional sense or could be activities, newly evolved with the growth of the new medium.
Cyber crime includes acts such as hacking, uploading obscene content on the Internet, sending obscene e-mails
and hacking into a person's e-banking account to withdraw money.
Hacking:
Hacking means an illegal intrusion into a computer system and/or network. Using one's own programming
abilities, as well as various programmes, with malicious intent to gain unauthorized access to a computer or
network is a very serious crime. Similarly, the creation and dissemination of harmful computer programs
which do irreparable damage to computer systems is another kind of cyber crime. There is an equivalent
term to hacking, i.e. cracking, but Indian law does not distinguish between the two.
Cyber Stalking:
Cyber Stalking can be defined as the repeated acts of harassment or threatening behavior of the cyber
criminal towards the victim by using internet services. It includes following the victim, making harassing
phone calls, killing the victim's pet, vandalizing the victim's property, leaving written messages or objects. Stalking
may be followed by serious violent acts such as physical harm to the victim and the same has to be treated
and viewed seriously. It all depends on the course of conduct of the stalker.
Denial of service attack:
Denial of service attack is an act by the criminal, who floods the bandwidth of the victim’s network or fills his
e-mail box with spam mail depriving him of the services he is entitled to access.
Virus Dissemination:
Malicious software that attaches itself to other software. (Virus, worms, Trojan Horse, Time bomb, Logic
Bomb, Rabbit and Bacterium are examples of malicious software that destroys
Data diddling:
This kind of an attack involves altering raw data just before it is processed by a computer and then changing
it back after the processing is completed. Electricity boards in India have been victims to data diddling
programs inserted when private parties were computerizing their systems.
Salami attacks:
These attacks are used for the commission of financial crimes. The key here is to make the alteration so
insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a program,
into the bank’s servers, that deducts a small amount of money (say Rs. 5 a month) from the account of every
customer. No account holder will probably notice this unauthorized debit, but the bank employee will make a
sizeable amount of money every month.
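A review that looks across all accounts at once catches what no single account holder notices. The following is an added example, not part of the original paper: it groups debits by description and amount and flags small debits that reach most accounts but appear on no approved fee schedule. The ledger rows, the `SVC_ADJ` and `SMS_ALERT_FEE` descriptions and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Assumption: every debit the bank legitimately charges is on an approved schedule.
APPROVED_FEES = {("SMS_ALERT_FEE", Decimal("15.00"))}


def build_sample_ledger(n_accounts=200):
    """Constructed ledger rows: (account, month, description, debit amount)."""
    rows = []
    for i in range(n_accounts):
        acct = f"ACC{i:04d}"
        for month in ("2024-01", "2024-02", "2024-03"):
            rows.append((acct, month, "SMS_ALERT_FEE", Decimal("15.00")))
            # The "salami slice": Rs. 5 a month from every account (hypothetical label).
            rows.append((acct, month, "SVC_ADJ", Decimal("5.00")))
        # Ordinary customer activity, different for each account.
        rows.append((acct, "2024-02", "ATM_WITHDRAWAL", Decimal(500 + i)))
    return rows


def find_salami_candidates(rows, max_amount=Decimal("10.00"), min_coverage=0.5):
    """Flag small, unapproved debits that hit a large share of all accounts."""
    all_accounts = {r[0] for r in rows}
    groups = defaultdict(lambda: {"accounts": set(), "total": Decimal("0"), "count": 0})
    for acct, _month, desc, amount in rows:
        g = groups[(desc, amount)]
        g["accounts"].add(acct)
        g["total"] += amount
        g["count"] += 1

    findings = []
    for (desc, amount), g in groups.items():
        coverage = len(g["accounts"]) / len(all_accounts)
        small = amount <= max_amount
        approved = (desc, amount) in APPROVED_FEES
        if small and coverage >= min_coverage and not approved:
            findings.append({
                "description": desc,
                "amount": amount,
                "accounts": len(g["accounts"]),
                "coverage": coverage,
                "debits": g["count"],
                "total": g["total"],  # what the slices add up to
            })
    return sorted(findings, key=lambda f: f["total"], reverse=True)


if __name__ == "__main__":
    for f in find_salami_candidates(build_sample_ledger()):
        print(f"{f['description']}: Rs. {f['amount']} x {f['debits']} debits "
              f"across {f['accounts']} accounts = Rs. {f['total']}")
```

Each Rs. 5 debit is invisible on one statement, but the aggregate view shows the same unapproved amount hitting every account every month.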
Software Piracy:
Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of
products intended to pass for the original.
Phishing:
The act of sending an e-mail to a user falsely claiming to be an established for identity theft. The e-mail
directs the user to visit a website where they are asked to update personal information, such as passwords
and credit card, social security, and bank account numbers that the legitimate organization already has.
Attack techniques
Email bombing:
Email bombing refers to sending a large number of emails to the victim resulting in the victim’s email account
(in case of an individual) or mail servers (in case of a company or an email service provider) crashing.
Predicting the future of cyber crime and security
We have divided them into five groups:
Mobile devices:
1. Laptop encryption:
Laptop encryption will be made mandatory at many government agencies and other organizations that store
customer/patient data and will be pre-installed on new equipment. Senior executives, concerned about potential
public ridicule, will demand that sensitive mobile data be protected.
This development provides a reasonable safety blanket to protect against an epidemic of laptop and PDA theft.
Whether the data on the stolen (or lost) laptops is ever read, the mere theft makes the company and its
executives subject to security breach disclosure laws and public ridicule. If the data is encrypted, in most cases,
the loss does not have to be disclosed.
Attack targets:
Attack techniques:
6. Spy ware
Spy ware will continue to be a huge and growing issue. The spyware developers can make money so many
ways that development and distribution centres will be established throughout the world.
One of the more lucrative (for the criminals) types of spyware is keystroke loggers that wait for the victim to sign
on to a bank and capture the keystrokes for the user name and password. Banks tried to fight this with graphical
point and click password entry, but sophisticated keystroke loggers now also capture the images on which the
victim clicks.
Zero-day vulnerabilities will result in major outbreaks resulting in many thousands of PCs being infected
worldwide. Security vulnerability researchers often exploit the holes they discover before they sell them to
vendors or vulnerability buyers like 'TippingPoint'.
The ranks of security researchers are growing rapidly, in part because they can sell what they find to Verisign's
iDefense or 3Com's TippingPoint. Sadly by the time the researchers sell their discoveries, most have already
been used by someone as zero-day attacks breaking into high-value sites.
8. Rootkits:
The majority of bots will be bundled with rootkits. The rootkits will change the operating system to hide the
attack's presence and make uninstalling the malware almost impossible without reinstalling a clean operating
system.
Rootkit sophistication is soaring. Ed Skoudis, SANS Hacker Exploits course director, tells of a tool called the
Blue Pill that uses new virtualization features of recent AMD processors to create a practically undetectable
rootkit as a virtual machine hypervisor, subverting a system at an extremely deep level, far below the operating
system itself.
Government action:
Defensive strategies:
Over that time, the nature of the threats we face has changed, but the need for vigilance and strong protection in
both the software we use and the way we use it has always been of the utmost importance.
If you think of a cyber criminal, you might think of a hacker working alone, but organized crime has moved in and
runs much of the criminal activities on the Internet. The people working for those organised crime groups on the
Internet may not ever have met any of their fellow gang members; they may be spread across many countries.
It's a new type of crime gang. What's more, the Internet enables the gang bosses to base themselves in
countries where they are unlikely to be caught and prosecuted.
For example, a classic Internet crime happens when someone advertises something for sale on one of the online
sites; maybe they're selling a car. The seller receives an email offering a good price for the car, conditional on
them accepting more money than they advertised the car for, and passing on the extra to a third party. I owe
someone in the UK £500.
If I send you a cheque for £500 more than you want for the car, can you transfer the £500 for me? The seller
waits for the cheque to clear, passes the money on, and a couple of weeks later the bank discovers that the
cheque was stolen. It’s a relatively small amount of money, it won't make the front page of a national newspaper,
but the thieves are £500 closer to their next million in profit from cyber crime.
So many people rely on Microsoft software to run their computers, to write their emails, to browse the Internet,
and we know we have to ensure our software is secure. For example, our Hotmail servers are filtering out 3.4
billion spam emails a day. We're spending billions on research to ensure our software is secure. However,
the criminals never stop trying.
They'll attack any organization; they'll attack government departments. The fact is that every company has some
data that can be bought and sold.
Address books, for example, that you may not perceive as particularly valuable - provide valid email addresses for sp
target, and every PC is likely to contain at least one address Book. One question that is always asked is who
responsible for tackling the problems? The answer lies in the collaboration between many parties. Law enforcemen
governments and those in the industry all play their part. Microsoft has brought a number of civil actions to pu
criminals, and we're part of various industry consortiums, because this is an industry-wide problem, and we all have to
It's been built into the technology as part of our Trustworthy Computing initiative. This is a long-term,
collaborative effort to provide more secure, private, and reliable computing experiences for everyone.
Trustworthy Computing is built on four pillars: Security, Privacy, and Reliability in our software, services, and
products; and integrity in our Business Practices.
Analysts estimate that spam (unwanted e-mails) accounts for anywhere from 50 to 70 percent of all e-mail traffic.
In addition to e-mail threats, an evolving ecosystem of viruses, worms, and blended threats is finding new ways
to propagate inside corporate networks - including Web portals and instant messaging applications.
Security products, or the security technologies built into our software are just one part of the overall security
picture. Equally important is the need for all of us to know what threats exist and how we should behave to
minimise them. The threats to the users of your networks are becoming more prevalent, because in many cases
they are the easiest point to attack.
Security tips:
Remember, when you keep your laptop with you.
feature is active, anyone using your computer will have access to your account information. So clear the
passwords & web address.
While accessing social networking, here are tips for helping your kids use social networking sites safely:
2. Explain that kids should post only information that you - and they - are comfortable with others seeing.
3. Make your kids realize that once they post information online, they can't take it back.
Visit only known trading websites & keep your online accounts and personal information secure from online
frauds.
The problem with uncontrolled use of iPods, USB sticks and flash drives on your network
Introduction:
Increased portability, ease of use, stylish looks and a good dose of marketing hype are the perfect cocktail to
entice the population at large! As the popularity of iPods continues to grow, an alarming army of white earphones
is slowly taking over the workplace. But what is so alarming about having iPods and MP3 players at work?
iPod is just one example of such portable contraptions that boasts up to 60 GB of portable storage space;
practically large enough to store all the data found in a typical workstation.
This means that a malicious insider can use an iPod to covertly take out (i.e. 'steal') proprietary data and
millions of financial, consumer or otherwise sensitive corporate records at one go!
This software application runs directly from an iPod and when connected to a computer it can slurp (copy) large
volumes of corporate data on to an iPod within minutes. What's more is that all portable storage devices can be
used to slurp information.
A misconception shared by many organizations is that security threats mostly originate from outside the
corporation. However statistics show that internal security breaches are growing faster than external attacks and
at least half of security breaches originate from behind the corporate firewall.
The term 'identity theft' refers to crimes in which someone obtains and uses the personal details of another
person to commit criminal acts, usually for financial gain. To date it is the fastest growing crime in the United
States. It was estimated that identity theft victims amounted to around nine million adults in the U.S. in 2005
(Johannes, 2006).
The ideal way to ensure complete control over portable storage devices is by introducing technological barriers
such as GFI Endpoint Security. GFI Endpoint Security is a software solution that allows total control over data
transfers, to and from portable storage devices on a user by user basis throughout the network. To read more
and download a trial version, visit
The Conficker worm, also known as Downup, Downadup or Kido, has been floating around since October 2008. Security
firms know it pretty well, and in the past days the malware has become just as well known to users too, having
infected a significant number of machines all over the world. We have returned to the “good” old times of Sasser,
Blaster and Mydoom outbreaks, and the already worrisome proliferation of the worm threatens to get even worse
because of some conditions that increasingly support its spreading.
As I have previously highlighted, Conficker first of all exploits a bug in the Windows Server service, probing LAN
networks and casual targets on the Internet in search of unprotected machines. Once it has identified the next victim,
the worm makes use of the bug to execute code remotely, copying itself onto the client and inevitably gaining
control over the system. The Microsoft security bulletin containing the fix for the bug has been available since October
23, 2008, but notwithstanding this the spread of the malware has done nothing but grow, reaching the levels
of a true outbreak less than three months after the flaw disclosure.
The Conficker outbreak is what can be defined as a perfect storm, because aside from being able to exploit a
manifold number of vectors the infection takes advantage of a series of situations, coincidences and steady
habits that enormously increase its proliferation capability and, accordingly, its destructive potential. The third
infection mechanism exploited by Conficker is to get the user accounts list of all the machines connected in a
network, using a simple yet surprisingly effective brute-force attack based on a dictionary with a hundred words
to “guess” the access password.
If the attack is successful, the worm deploys a copy of itself in the System32 folder of the involved account,
simultaneously creating a scheduled job to make sure to execute the code on the targeted machine. In this case
Conficker profits from the wicked, atavistic habit of users and administrators of using poor passwords that are very simple to
recall (“root”, “123456”, “admin” and so on) yet just as simple for malicious code to bypass.
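Dictionary guessing of this kind leaves a recognisable trace: one source producing many failed logons against several accounts in a short time. The following is an added detection example, not part of the original article: it parses logon records and flags such sources, listing any successful logon from a flagged source for review. The log line format, host names, addresses and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed (constructed) record format: <ISO time> <FAIL|OK> src=<ip> dst=<host> user=<name>
LINE_RE = re.compile(r"^(\S+) (FAIL|OK) src=(\S+) dst=(\S+) user=(\S+)$")


def build_sample_log():
    """Constructed log: one host guessing passwords, one user mistyping theirs."""
    lines, t = [], datetime(2009, 1, 15, 3, 0, 0)
    for user in ("administrator", "admin", "backup", "guest"):
        for attempt in range(5):
            # Constructed outcome: the fifth guess against "admin" succeeds.
            result = "OK" if (user == "admin" and attempt == 4) else "FAIL"
            lines.append(f"{t.isoformat()} {result} src=10.0.0.23 dst=FILESRV01 user={user}")
            t += timedelta(seconds=2)
    lines += [
        "2009-01-15T09:00:00 FAIL src=10.0.0.50 dst=FILESRV01 user=alice",
        "2009-01-15T09:00:20 FAIL src=10.0.0.50 dst=FILESRV01 user=alice",
        "2009-01-15T09:00:45 OK src=10.0.0.50 dst=FILESRV01 user=alice",
    ]
    return "\n".join(lines)


def parse(log_text):
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not logon records
        ts, result, src, dst, user = m.groups()
        events.append({"ts": datetime.fromisoformat(ts), "result": result,
                       "src": src, "dst": dst, "user": user})
    return events


def detect_guessing(events, window=timedelta(minutes=5), min_failures=10, min_accounts=3):
    """Flag sources with many failures across several accounts inside one window."""
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src"]].append(ev)

    alerts = []
    for src, evs in by_src.items():
        fails = [e for e in evs if e["result"] == "FAIL"]
        start = 0
        for end, ev in enumerate(fails):
            while ev["ts"] - fails[start]["ts"] > window:
                start += 1  # slide the window forward
            burst = fails[start:end + 1]
            accounts = {e["user"] for e in burst}
            if len(burst) >= min_failures and len(accounts) >= min_accounts:
                first = burst[0]["ts"]
                # Successful logons from this source since the burst began need review.
                review = sorted({(e["dst"], e["user"]) for e in evs
                                 if e["result"] == "OK" and e["ts"] >= first})
                alerts.append({"src": src, "first_seen": first, "failures": len(burst),
                               "accounts": sorted(accounts), "logons_to_review": review})
                break  # one alert per source
    return alerts
```

The user who mistypes a password twice stays below both thresholds, while the guessing host is flagged at its tenth failure and its one successful logon is surfaced for follow-up.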
So the poor security policies are one of the triggering elements of the perfect storm that feeds the Conficker
outbreak, an element heavily blamed by the security enterprise Trend Micro that together with many others has
given and continues to give full coverage to the problem. And here we aren’t only talking about useless
passwords but also about the guilty delay in deploying the MS08-067 fix released by Microsoft, despite the news
about working exploits had started to spread almost immediately. Once gained control of a system, in that
regard, the worm itself closes the hole to cut off the eventual competition from other malicious codes.
And if the inability to protect network accounts isn’t a chance, the update Microsoft released on October 20, 2008
for its anti-copy technology Windows Genuine Advantage (WGA) was surely less predictable, a new version
designed to complicate the “pirates” life but that has incidentally brought many users of the most piracy-affected
countries to disable the operating system automatic updates. At least this is the assumption made by Symantec,
that in one of its articles devoted to investigate specific aspects of Conficker/Downadup compares the nations
with the biggest piracy rates and those most affected by the infection discovering highly suspicious similarities.
In this case Microsoft’s business policy has rebounded on the company, further concurring to the worm
proliferation with no practical results, what’s more, over those users accustomed to use copied software. In the
Conficker vicissitude Microsoft seems to be guilty for more than once, and the US-CERT is right in underlining
the release of improper information about disabling the Auto Run feature exploited by the malware. “Now we
have learned that the information from the source is not complete”, stated Andrew Storms from nCircle Network
Security.
The perfect storm isn’t in any case solely based on chances, carelessness and incompetence of the companies
IT staff. At the heart of Conficker outbreak there’s much more, there is by people aware of what they were doing,
that has eventually been able to improve correcting the early deficiencies and anticipating the moves of security
firms analysts like so those of competitors in the huge business of cyber-crime.
A security is a fungible, negotiable instrument representing financial value. Securities are broadly categorized
into debt securities (such as banknotes, bonds and debentures), and equity
securities, e.g., common stocks. The company or other entity issuing the security is called the issuer. What
specifically qualifies as a security is dependent on the regulatory structure in a country. For example, private
investment pools may have some features of securities, but they may not be registered or regulated as such if
they meet various restrictions.
Securities may be represented by a certificate or, more typically, by an electronic book entry. Certificates may be
bearer, meaning they entitle the holder to rights under the security merely by holding the security, or registered,
meaning they entitle the holder to rights only if he or she appears on a security register maintained by the issuer
or an intermediary. They include shares of corporate stock or mutual funds, bonds issued by corporations or
governmental agencies, stock options or other options, limited partnership units, and various other formal
investment instruments that are negotiable and fungible.
Cyber Security:
Today's government agencies face complex security risks and challenges. Relying on traditional firewalls,
intrusion detection systems, and encryption alone is not effective against the evolving threats. Limiting risk to
data before attacks occur is accomplished through risk assessment and management.
General precautions:
• Maintain computer security: Computer security helps you to stop unauthorized users (also known as
“intruders”) from accessing any part of your computer system. Detection helps you to determine whether
or not someone attempted to break into your system, if they were successful, and what they may have
done.
• Do not operate your accounts from a cyber cafe: Do not give out the password and do not give your
phone numbers in the chat room
• Password: For each computer and service you use (e-mail, chatting, online purchasing, for example),
you should have a password
• Stay informed about the security related news
• Protect Your Personal Computer: Use the latest version of a good anti-virus software package which
allows updation from the Internet
• Do not disclose information: Do not give out identifying information such as name, home address,
school name or telephone number in a chat room
Solution:
We provide the following proactive and reactive techniques: preventive safety measures to tackle cyber attacks,
setting up own CERT team, Computer Forensics, Social Engineering, identifying vulnerabilities and patching up,
investigating various Cyber Crimes, Penetration/Vulnerability Testing, setting up PKI/VPN, MS Office, and other
crash courses.
Penetration/Vulnerability Testing
We provide the following: Internal/External, with Variations (Black Box, White Box, Grey Box), for Computers,
Networks, Applications, etc.
Software Development
We develop the following : customized software/applications based on client's specific requirements, customized
software to protect private and confidential data from third parties.
Website Design/Hosting
We develop the following : professional web pages, customized web-related applications, assist in web hosting,
and other web-related solutions.
Network Setup/Configuration
We provide the following : RAID setup, VPN, wireless network, wired network, and all kinds of server setup.
Data Backup
We provide the following: BCP, DRP, Automation Backup, Data Backup/Recovery, e-mail Backup/Recovery,
RAID Backup, Full/Incremental/Differential Backups, On-The-Fly Backup, Storage Media Backup, etc.
IT Audit
We conduct the following: IT audit, Internal Audit (all types of Audit are accompanied by certified
auditors), providing certification of documents, etc.
Drafting IT Policies/Procedures
It is without doubt that the above solutions will facilitate to ensure that a firm is on the right track, but only up to a
certain extent; because we assume the member(s) of staff to be the weakest link in the entire network. To
prevent this assumption from becoming a reality, we proceed to provide our clients with the service of drafting IT
policies/procedures.