meraj

Module 1A:-Introduction Of Cybercrime

cyber crime
Cyber crime encompasses any criminal act dealing
withcomputers and networks (called hacking). Additionally, cyber crime also includes traditional
crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet
fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the
illegal activities are committed through the use of a computer and the Internet.

Cybercrime: The facts

Cybercrime has now surpassed illegal drug trafficking as a criminal moneymaker

Somebodys identity is stolen every 3 seconds as a result of cybercrime

Without a sophisticated security package, your unprotected PC can become infected

within four minutes of connecting to the Internet.

Theft of personal data

Copyright infringement

Fraud

Child pornography

Cyberstalking

Bullying

Type 1 cybercrime

Usually a single event from the perspective of the victim. An example would be where
the victim unknowingly downloads a Trojan horse virus, which installs a keystroke logger on
his or her machine. The keystroke logger allows the hacker to steal private data such as
internet banking and email passwords.

Another common form of Type 1 cybercrime is phishing. This is where the victim
receives a supposedly legitimate email (quite often claiming to be a bank or credit card
company) with a link that leads to a hostile website. Once the link is clicked, the PC can
then be infected with a virus.

Hackers often carry out Type 1 cybercrime by taking advantage of flaws in a web
browser to place a Trojan horse virus onto the unprotected victims computer

Any cybercrime that relates to theft or manipulation of data or services via hacking or
viruses, identity theft, and bank or e-commerce fraud.

Type 2 cybercrime

Type 2 cybercrime tends to be much more serious and covers things such as
cyberstalking and harassment, child predation, extortion, blackmail, stock market
manipulation, complex corporate espionage, and planning or carrying out terrorist activities.

It is generally an on-going series of events, involving repeated interactions with the

target. For example, the target is contacted in a chat room by someone who, over time,
attempts to establish a relationship. Eventually, the criminal exploits the relationship to

meraj
commit a crime. Or, members of a terrorist cell or criminal organisation may use hidden
messages to communicate in a public forum to plan activities or discuss money laundering
locations, for example.

More often than not, it is facilitated by programs that do not fit under the classification
crimeware. For example, conversations may take place using IM (instant messaging) clients
or files may be transferred using FTP.

Forgery
Forgery is the faking of a signature without permission, making a false document
or changing an existing document without authorization. The most common form of
forgery is signing someone else's name to a check, but objects, data and
documents can also be forged. Legal contracts, historical papers, art objects,
diplomas, licenses, certificates and identification cards can be forged.
example, works of arts can be copied or replicated and no crime be committed
unless someone attempted to sell or represent the copies as originals. Then the
copies would become illegal forgeries.

Hacker
In computer networking, hacking is any technical effort to manipulate the normal
behavior of network connections and connected systems. A hacker is any person
engaged in hacking. The term "hacking" historically referred to constructive, clever
technical work that was not necessarily related to computer systems. Today,
however, hacking and hackers are most commonly associated with malicious
programming attacks on the Internet and other networks.
Example. M.I.T. engineers in the 1950s and 1960s first popularized the term and
concept of hacking.

Hacking vs. Cracking

Malicious attacks on computer networks are officially known as cracking,
while hacking truly applies only to activities having good intentions. Most nontechnical people fail to make this distinction, however. Outside of academia, its
extremely common to see the term "hack" misused and be applied to cracks as
well.

meraj
Common Network Hacking Techniques
Hacking on computer networks is often done through scripts or other network
programming. These programs generally manipulate data passing through a
network connection in ways designed to obtain more information about how the
target system works. Many such pre-packaged scripts are posted on the Internet
for anyone, typically entry-level hackers, to use. More advanced hackers may study
and modify these scripts to develop new methods. A few highly skilled hackers work
for commercial firms with the job to protect that company's software and data from
outside hacking.

software piracy
The unauthorized copying of software. Most retail programs arelicensed for use at just
one computer site or for use by only oneuser at any time. By buying the software, you become
a licensed user rather than an owner (see EULA). You are allowed to make copies of the
program for backuppurposes, but it is against the law to give copies to friends and colleagues.
Software piracy is all but impossible to stop, although software companies are launching more
and more lawsuits against major infractors. Originally, software companies tried to stop software
piracy by copy-protectingtheir software. This strategy failed, however, because it was
inconvenient for users and was not 100 percent foolproof. Most software now requires some
sort of registration, which may discourage would-be pirates, but doesn't really stop software
piracy.
Some common types of software piracy include counterfeit software, OEM
unbundling, softlifting, hard disk loading, corporate software piracy, and Internet software piracy.

Software Piracy
Software piracy is the stealing of legally protected software. Under copyright law, software
piracy occurs when copyright protected software is copied, distributed, modified or sold.
Software piracy is considered direct copyright infringement when it denies copyright holders due
compensation for use of their creative works.

Computer Network Intrusions

meraj
A strong firewall should help you keep an eye on attempts to contact your computer. It should
also alert you if an application on your machine is attempting to contact another computer. Keep
a close eye on these messages. Some are harmless or even beneficial -- you wouldn't want to
block your anti-virus program from downloading the latest updates. But others can be signs that
someone is trying to access your information or control your machine from a remote location.
Most Web browsers have security settings that can help you keep your network safe. Several
will warn you if you are about to visit a site known to host malware. You can also adjust settings
such as whether or not your browser will accept cookies or run Java applications.
Disabling cookies, Java and other options will help keep your network safe but it will also affect
your browsing experience. You may not be able to interact with sites the way the webmaster
intended if you turn off these options.
Administrators of commercial computer networks sometimes rely on special software and
hardware called intrusion detection systems (IDS). These systems monitor data traffic across
host computers and networks. A good IDS can compare this data against known malware
patterns and alert the administrator if there's a problem. But that's a solution for a much larger
computer network than your typical home network.
Most anti-virus software won't detect an intruder. But you might discover a malware application
that makes intrusions possible. Run anti-virus software frequently to make sure your system is
safe. You should also be sure to install updates and patches for your operating system as they
become available. These patches may help seal up vulnerabilities on your computer.

Module 1B:-Category Of Cybercrime

Categories of Cybercrime:
Cybercrime could be committed against persons, property, and government. Here we will reveal
about three major categories of Cybercrime.

1. Against Person
Cybercrime done against person includes harassment by sending emails, cyber stalking, cyber
bullying, child soliciting and abuse, and sharing, trafficking, posting of obscene material. Such
cybercrime influence younger generation psychology in an awful manner and threaten them with
weakening their growth. Cybercrime breaks user privacy and leave irreparable scars on users if
not controlled.

2. Against Property

meraj
Cybercrime against property includes cybercrime vandalism that can be done by
spreading harmful programs to steal database of other organizations with the help
of corporate cyber spy. Theft of persons details, misuse credit card, running a fraud to
take away money from users is some instances of cybercrime against property.
3. Against Government

When cyber attacker cracks government website, military website, then such type of crimes
come under Against Government class of cybercrime. Even such crime happens by circulating
false information with a reason to spread terror among people of that particular country.

Criminal Hackers Planning Cyber Attacks

Cyber-criminals are planning their "hits" more carefully and the attacks are lasting
longer than ever - and many New Zealanders are leaving themselves exposed to
cyber threats on their computers, mobiles and social networks.
An internet security report, released last night, by software company Symantec into
cyber attacks has revealed the lengths some people go to to evade security to
obtain personal information and devise new ways of breaching privacy.

Some of those impacts are:

IT resources: Internal IT departments must devote time and resources to respond to the
attacks, prevent further attacks, and help to address concerns from internal sources,
business partners and customers. Such incidents also may require substantial capital
expenditures to protect against future incidents, e.g., upgrades and patch management.
Transaction reconciliation: Resources must be assigned to reconcile business
activities that occurred during the attack, such as those involving online transactions.
Lost business/customers: Present customers may cease transacting business with the
DDoS target because of the incident and attendant inconvenience, at least until they are
reassured about the safety and integrity of the system.
Loss of potential business: This is largely unknowable, but potential customers may
take business elsewhere as a result of the attack, perceived ineffective response to the
attack, and/or resulting negative publicity.
Reputational damage: There may be a reputational impact with the public, regulators
and customers.
Extraordinary expenses: Internal costs, as well as fees and expenses of outside
professionals and contractors retained to assist in responding to the attack and its
aftermath.

meraj
Passive Attack
A passive attack, in computing security, is an attack characterized by the attacker listening in on
communication. In such an attack, the intruder/hacker does not attempt to break into the system
or otherwise change data.

active attack
In computer security, persistent attempt to introduce invalid data into a system,
and/or to damage or destroy data already stored in it. In many countries, it is
a criminal offense to attempt any such action. See also denial of service
attack and passive attack.

Active vs. Passive Attacks

A passive attack is one in which the intruder eavesdrops but does not modify the
message stream in any way. An active attack is one in which the intruder may transmit
messages, replay old messages, modify messages in transit, or delete selected
messages from the wire. A typical active attack is one in which an intruder impersonates
one end of the conversation, or acts as a man-in-the-middle

Cyberstalking
Cyberstalking is a criminal practice where an individual uses the Internet to systematically
harass or threaten someone. This crime can be perpetrated through email, social media, chat
rooms, instant messaging clients and any other online medium. Cyberstalking can also occur in
conjunction with the more traditional form of stalking, where the offender harasses the victim
offline. There is no unified legal approach to cyberstalking, but many governments have moved
toward making these practices punishable by law.

Module 3:-Tools and Methods used in cyber crime

proxy server
A proxy server, also known as a "proxy" or "application-level gateway", is a
computer that acts as a gateway between a local network (e.g., all the computers at one
company or in one building) and a larger-scale network such as the Internet. Proxy
servers provide increased performance and security. In some cases, they monitor
employees' use of outside resources.

meraj
A proxy server works by intercepting connections between sender and receiver. All
incoming data enters through one port and is forwarded to the rest of the network via
another port. By blocking direct access between two networks, proxy servers make it
much more difficult for hackers to get internal addresses and details of a private
network.
Some proxy servers are a group of applications or servers that block common Internet
services. For example, an HTTP proxy intercepts web access, and an SMTP proxy
intercepts email. A proxy server uses a network addressing scheme to present one
organization-wide IP address to the Internet. The server funnels all user requests to the
Internet and returns responses to the appropriate users. In addition to restricting access
from outside, this mechanism can prevent inside users from reaching specific Internet
resources (e.g., certain web sites). A proxy server can also be one of the components of
a firewall.
Proxies may also cache web pages. Each time an internal user requests a URL from
outside, a temporary copy is stored locally. The next time an internal user requests the
same URL, the proxy can serve the local copy instead of retrieving the original across
the network, improving performance.

Pasword cheaking
is a measure of the effectiveness of a password in resisting guessing and brute-force
attacks. In its usual form, it estimates how many trials an attacker who does not have direct
access to the password would need, on average, to guess it correctly. The strength of a
password is a function of length, complexity, and unpredictabilityUsing strong passwords lowers
overall risk of a security breach, but strong passwords do not replace the need for other
effective security controls.
Trojan horse :_ A Trojan horse, or Trojan, in computing is a generally non-self-replicating type
of malware program containing malicious code that, when executed, carries out actions
determined by the nature of the Trojan, typically causing loss or theft of data, and possible
system harm. The term is derived from the story of the wooden horse used to trick defenders of
Troy into taking concealed warriors into their city in ancientAnatolia, because computer Trojans
often employ a form of social engineering, presenting themselves as routine, useful, or
interesting in order to persuade victims to install them on their computers.

Purpose and use

A Trojan may give a hacker remote access to a targeted computer system. Operations that
could be performed by a hacker, or be caused unintentionally by program operation, on a
targeted computer system include:

meraj

Crashing the computer, e.g. with "blue screen of death" (BSOD)

Data corruption

Formatting disks, destroying all contents

Use of the machine as part of a botnet (e.g. to perform automated spamming or

to distribute Denial-of-service attacks)

Electronic money theft

Infects entire Network banking information and other connected devices

Data theft, including confidential files, sometimes for industrial espionage, and
information with financial implications such as passwords and payment card information

Modification or deletion of files

Downloading or uploading of files for various purposes

Downloading and installing software, including third-party malware and ransomware

Keystroke logging

Watching the user's screen

Viewing the user's webcam

Controlling the computer system remotely

Encrypting files; a ransom payment may be demanded for decryption, as with

the CryptoLocker ransomware

Modifications of registry

Using computer resources for mining cryptocurrency

Linking computer to Botnet

Using infected computer as proxy for illegal activities and attacks on other computers.