Cyber Security Tutorial

Cyber Security Overview Cyber Security Introduction Cyber Crime Cyber Space Cyber Criminals Cyber Law Cyber Attackers Types of Hackers Functions of Cyber Security Method to Improve Data Security Cyber security frameworks Importance of Cyber Security Types of Cyber Security Cyber Security Fundamentals Applications of cyber security Cyber security in education sector Cyber security in health care industry Cyber security tools Cyber security policies Types of security policies Characteristics of cyber security policies Digital signature Cyber Security Standards NIST- National Institute of Standard and technology Information Technology Act ISO - International Standard for Organization ISO certification PCI DSS Standard FINRA Difference between Information Security and Cyber Security Cyber Security Vulnerability Elements of vulnerability management Social Engineering Vulnerability Assessment Vulnerability management Types of cyber security vulnerabilities Identification of security vulnerability Types of social engineering attacks Penetration Testing Penetration Testing Tools Types of penetration testing Process of Penetration Testing What is Phishing Elements of cyber security Difference between Spoofing and Phishing Difference between Network Security and Cyber Security Difference between Ethical Hacking & Cyber Security Role of artificial engineering in cyber security Cyber Forensics Definition Cyber Security job qualifications Cyber Security Prerequisites Cyber Security Identity and Access Management What is Cyber Forensics Different Types of Cybercrime Different types of cybercrime Tunneling Techniques in Cyber Security

Cyber Crime
2022-03-12 15:21:41

Cyber Crime

Cybercrime is a crime related to the internet, computer, or any other technology recognized by the Information Technology Act. The word cyber-crime means internet crime started with the evolution of computer systems. This crime is playing a devastating role in digital and Modern India. In the past few years, India has converted to a new digital India where government, non-government, official, and non-official working has moved to the online platform. Online platform refers to the platform where working takes place on a computer system with the help of internet communication.

It decreases the user's paperwork, time, and effort, but it has various disadvantages with advantages. All the data went on online platforms, and theft by the cyber criminals illegally caused enormous loss to society and the government.

“Cyber-crime referred to the illegal activities purposely initiated by cyber criminals by using computer or internet as a target or a tool or both.”

“Cyber-crime is a hindrance in the independency of using computer and other technology in daily life.”

India is a democratic country with an illiterate percentage of people acting as the main target of cybercriminals. Cybercrime came into existence due to less awareness of exact, proper, and smart use of the computer and internet. We cannot categorize cybercriminals as they can be:-

  • The black hat hackers
  • Unauthorized accesses
  • Educated persons(men, women, children, etc.)
  • Smart thieves
  • Computer geniuses (shifted to illegal works) etc.

Nowadays, various crimes are identified (commercial or non-commercial) such as:-

  • Cyber terrorism: As terrorist does terrorist attack on a human, cyber-terrorists does attack human via using a computer and the internet. These are unlawful, illegal, and threatening attacks against computers and networks to fetch the stored information.
  • Email spoofing is a technique used to trap users by fabricating an email header "From" address. Email is sent from a legitimate email address (not the spammer's address). Email is sent from the forged address but doesn't seem to be a fraud one.
  • Email bombing is the bombarding of the massive number of emails on a particular address to overflow the mailbox. It is a denial of service attack where the server denies the email services due to many emails received in an inbox at the same time.
  • Cyber pornography: Cyber pornography is the major problem nowadays, due to which the government has banned 827 websites containing pornographic content following the order of the Uttarakhand high court. Cyber pornography creates, designs, publishes, and distributes porn (sexual) content using cyberspace. It contains articles, videos, images, and exhibitions of seductive content (sexually explicit acts) that the public considers indecent.

There is no particular definition of pornography because it depends on the vision and thinking of person to person. For some people, it is illegal and abusive, and for some, it is part of the enjoyment.

With the upliftment of technology, hardcopy pornography is digitized and reachable to everyone effortlessly. Cyberspace is used to display, create, publish obscene import material. India has faced lots of negative effects of cyber pornography as people have made it their business and, for more money, ruined the lives of innocent and minor children. The temptation of money raised the level of illegal activities.

  • Cyber defamation: Cyber defamation means defaming a person by using cyberspace. It is most common in today's digital world where an individual's wordings, saying, and videos are altered by unfair means and presented incorrectly to harm the other person's reputation in front of the whole world or others.
  • Cyberstalking is the method of the following someone by using cyberspace or digital means. Cybercriminal harasses and stalks a victim by instant messaging emails, posting messaging in public groups, following social media, etc. Cyberstalking is an offensive crime, and the government has made certain rules for it. Users can complain about it to cyber cell or police. Cyberstalking can be prevented by taking some preventive measures in using social platforms.
  • Other conventional crimes (via internet and computer as a medium for a crime)

Therefore,

“Cyber-crime is the abusive use of the computer technology or Information communication technology and recording of illegal, unauthorized or unethical behaviour regarding the transmission and processing of the data.”

“It is an observed and purposed accident created to trap the people and snatch their personal and professional information or data.”

Some of the examples of cyber are:-

  • Sending and selling of illegal items online
  • Online stealing and intercepting of data
  • Playing illegal games (gambling)
  • Capturing biometric information (fingerprint and face detection)
  • Interfering in the operating system by compromising the network security
  • Producing, processing, and soliciting child pornography
  • Malware, worms, and virus attacks
  • Illegal accessing of the login information

Evolution and history of cybercrime

Cybercrime hasn't come into existence with the development of the first computer as it was large in size and unmanageable. But when IBM launched 'personal computer', which was cheap and affordable for quick data access and manipulation created a way to crime.

After starting the internet by the US department of defense after World War II, the internet became a rage worldwide. India started the internet in 1995, and in 1998 government has opened the market for private operators. After China, India is the world's second-largest user of the internet. First, cyber-crime was noticed in 1820, when Joseph-Marie (textile manufacturer) produced the loom. They record the repetition of a series of steps in weaving special fabric.

Further in the 1980s, when businesses became more dependent upon computers, they faced computer crime violations. In this 21st century, cybercriminals are educated and well-trained in technology that easily encrypts the data. In our day-to-day life entire population uses computer technology today and serves as a wonderful experience. Small and large businesses, shop owners, vendors, etc., use the online payment system to boost their business. Computer technology eases life and opens the doors of conveniences and new doors to cyber-crimes and criminals.

Characteristics of cybercrime

Cybercrime is not marked as a traditional crime where the probability of catching the thief is more than in technology-based crimes. So to deal with and detect cybercriminals or cyber-crime, one should keep these points in mind:-

People have specialized knowledge.

Cybercriminals attempt cyber-crime with the involvement of technology; therefore, an illiterate person cannot do this. Therefore, cyber-crime requires a skilled person who very well knows the functioning of the computer and the internet. In cyber-crime, committing a crime is not enough; instead of it, how to protect themselves from capturing needs special skills.

The virtual world

All the cyber activity is committed in cyberspace, a virtual space of the computer world. Cyber-criminal does not present physically there; it conducts the task inside cyberspace by sitting outside (anywhere around the world).

About geographical changes

For attempting cyber-crime, the geographical boundaries have been reduced to zero. Cyber-criminal can commit crimes from any corner of the world and attack any person, organization, company, or government worldwide. Criminals need technical knowledge, a computer, and the internet.

The magnitude of the crime is unimaginable.

The loss that occurs form cyber-crime is unbearable, uncountable, and beyond the imagination of humans. Loss includes injury, financial loss, and loss of life. Cybercrime has a wide range of destruction. Therefore, it can destroy websites and steal data of the organizations or companies within seconds. Crimes like child pornography and cyber terrorism spread virtually and physically throughout the world, resulting in unimaginable destructions.

Collection of evidence

Yet cyber-crime is conducted in cyberspace. That's why it does not leave any evidence to find the culprit. It is difficult to find a piece of evidence against any cybercrime because, with one click, illegal hackers can destroy the whole system and steal confidential information. Cyber-criminal can easily relocate their single within seconds and deviate from the cops.

Classification/ Types of cybercrime

With the tremendous growth in cyber-crime, it falls under two categories:

  1. Cybercriminals that performs target based activity
  2. Cybercriminals that commit a crime by using computers and technology

These are the common types of cyber-crime evolving around us:-

Internet and Email fraud

These are the most common cybercrime everyone faces being a user of the internet. Illegal, spam, and fraud emails are easily sent to the users, and with one click, criminals can access their information and take their details.

Cyber extortion

The main purpose of this cyber-crime is money. Here users, the government, or an organization are threatened to prevent themselves from cyber-attack by giving demanded money.

Crypto-jacking

In this type of crime, hackers mine cryptocurrency using unknown resources.

Cyber espionage

In this type of crime, hackers illegally access and authorize government or company data.

Financial fraud

Most companies and organizations feed wrong information (online) to save their taxes, which is also a financial fraud. This is the basic reason for cyber-crime, where the hackers hack bank accounts by keeping an eye on the user's login credentials. Hackers ask permission from the user by various means, and once they hold it, they swipe all the money.

Identity fraud

As we know, all human personal information is stored on government sites (online platforms). This is the easiest medium for hackers to hack the website, steal personal identity information, and use it illegally.

Methods of protection against cybercrime

The operating system must be updated with a regular interval of time

The user operating system must be updated at regular intervals to ensure the benefit of the latest security patches to protect the computer.

Use of the best antivirus software

Antivirus is the necessity to provide cyber security to the system. It scans, detects, and removes threats from the system before raising a problem. Antivirus warns about the threat with a pop-up notification; therefore, it should be updated to achieve the best level of protection. There are various antivirus available in the market (paid or unpaid) such as Avast, Norton, Kaspersky Total security, etc.

Strong and unidentified passwords

Most confidential information is stolen by hacking users' passwords and login credentials. So to avoid this, the user must use a strong and unidentified password, i.e., difficult to crack.

Email protection

Google provides email protection features. Mails are a basic necessity for working officially, and they hold the user's personal information. Hackers send fraud or spam emails; by clicking on them, they can access the user's email account, called phishing.

Stop unauthorized access

Don't disclose your access information to anyone else or keep an eye on your mail, phone number, and bank accounts.

Not to reveal personal information unless secure.

One shouldn’t reveal or share personal information with anyone, even with family members (unless required).

Not to click on untrusted links and websites.

Not every pop-up link on the website is worth it or useful. Some links are knowingly created to fetch the data. So one must read and understand the wording of the link. If you don’t trust then don’t click it.

Before accessing, read the instruction carefully.

When we use some websites or work on the internet, we must read all the given information and then say yes to anything.

Instantly raise a complaint against any suspicious message or alerts form the company or outside the company.

You must know which organization and company have your information and must keep tracking your records. Users must pay attention to each message and alert sent from the company, and if something is found suspicious, immediately respond to it. They must consult the bank so that bank can investigate whether they are fraudulent.

Continuous checking and updation of the bank account

Customer must not share their credit card or debit card details with anyone. The Card number, ATM PIN and CCV should be protected by unfair means.

Keep a mindful eye on the website URL you visit.

The URL you are visiting must be secure as hackers had made various duplicate sites the same as the original one (especially bank sites).

Not to reveal OTP and bank details to random callers

This is one of the most common attacks to clear the bank balance. Attackers call the user on their mobile number on behalf of the bank and ask for their bank credentials. Moreover, they send a one-time password to the mobile number and ask the customer to click. Once customer Shares their OTP, they clear their bank balances (in one swipe or installments).

Not to open attachments and links in spam emails.

The most common cyber-attack is the malware attack, where a virus is sent via email attachments in spam emails. So there is no need to open such an attachment from an unauthorized or unknown sender.