Cyber Threats

Ibrahim Salim

Dept. of Computer Applications, MES College Marampally

Why we study Cyber Crime
  • Everybody is using COMPUTERS..
  • From White Collar Criminals to Terrorist Organizations and from Teenagers to Adults
  • New generation is growing up with computers
  • Monetary transactions are moving on to the INTERNET
What is cyber crime?
  • All crimes performed or resorted to by abuse of electronic media or otherwise, with the purpose of influencing the functioning of computer or computer system.
  • COMPUTER CRIME is any crime where
    • Computer is a target.
    • Computer is a tool of crime
    • Computer is incidental to crime

Computer crime can be defined as crime against an organization or an individual in which the perpetrator of the crime uses a computer or computer enabled technology for all or part of the crime

Cyber crime
  • Computer evidence can also be found in computer non-essential crime like murder, fraud, theft, forgery, rape etc.
  • A computer system can be a victim, tool or a witness in the crime
  • Interpol has broadly divided computer crime into different categories
Interpol grouping
  • Category I : Unauthorized access Interception
    • Hacking
    • Interception
    • Time theft
  • Category II : Alteration of Computer Data
    • Logic Bomb
    • Trojan horse
    • Virus
    • Worm
    • Data diddling
    • Salami technique
    • Trap doors
    • Data Leakage

  • Category III : Computer Related Frauds

    • Cash Dispensers
    • Computer Forgery
    • Program Manipulation
    • Program piracy
    • Fraud at Payment Points
  • Category IV : Unauthorized reproduction
    • Software Piracy
  • Category V : Computer Sabotage
    • Hardware sabotage
    • Software sabotage

  • Category VI : Miscellaneous Computer Crimes

    • Theft of Trade secrets
    • Distribution of anti social material
    • Eavesdropping and spying
    • Masquerading
    • Piggybacking and Tail gating
    • Scavenging and reuse
    • Scanning
    • Asynchronous attacks
    • Computer component thefts
  • A computer-generated document is also considered an original.
    • An electronic record is also physical evidence that can be collected, seized and analyzed using special tools called forensic tools, comprising hardware and software.
  • With forensic tools it is possible to ensure that no data is added to or deleted from the suspect storage media during the forensic analysis.
  • It is possible to retrieve electronic records even though they were deleted using the operating system.
  • Crime itself has some essential elements that bring an act within the framework of crime.
  • Actus Reus: There should be an act which is a result of human conduct. It is the result that the law tries to prevent.
  • Mens Rea: The act should be accompanied by a guilty state of mind.
  • In cyber crime it is easier to identify that the crime has been committed but difficult to prove it.

IT Act
  • The Information Technology Act 2000 (ITA-2000)(IT ACT) is an Act of the Indian Parliament (No 21 of 2000) notified on October 17, 2000.
  • The UN General Assembly has adopted the Model Law on Electronic Commerce on 30 January
  • Following the UN Resolution India passed the Information Technology Act 2000 in May 2000 and notified it for effectiveness on October 17, 2000.
  • The Information Technology Act 2000 has been substantially amended through the Information Technology Amendment Act 2008, which was passed by the two houses of the Indian Parliament on December 23 and 24, 2008.
  • The Information Technology Act 2000 consisted of 94 sections segregated into 13 chapters. Four schedules form part of the Act.
  • In the 2008 version of the Act, there are 124 sections (excluding 5 sections that have been omitted from the earlier version) and 14 chapters. Schedule I and II have been replaced. Schedules III and IV are deleted.
  • ITAA 2008 (Information Technology Amendment Act 2008), as the new version of the Information Technology Act 2000 is often referred to, has provided additional focus on Information Security. It has added several new sections on offences including Cyber Terrorism and Data Protection.
  • A set of Rules relating to Sensitive Personal Information and Reasonable Security Practices (mentioned in section 43A of the ITAA, 2008) was released in April 2011
  • The amendment was passed in an eventful Parliamentary session on 23rd of December 2008 with no discussion in the House.
  • Some of the cyber law observers have criticized the amendments on the ground of lack of legal and procedural safeguards to prevent violation of civil liberties of Indians.
  • There has also been appreciation of the amendments from many observers because they address the issue of Cyber Security.
  • Section 69 empowers the Central Government/State Government/ its authorized agency to intercept, monitor or decrypt any information generated, transmitted, received or stored in any computer resource if it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence or for investigation of any offence.
  • They can also secure assistance from computer personnel in decrypting data (see mandatory decryption), under penalty of imprisonment
Penalty for damage
  • Section 43 deals with the penalties for damage done to a computer, computer system, Computer Network or Computer Resources (from now onwards Cyber Commodities)
  • If any person does not take permission from the owner or a person in charge of a computer and accesses or secure accesses to cyber commodities
  • If a person disrupts or causes disruption of any cyber commodities or if he denies or causes the denial of access to a cyber commodities by any means.
  • He may also try to provide any assistance to any person to facilitate access to any cyber commodities.
  • If he charges the service availed of by a person to the account of another person by tampering with or manipulating any cyber commodities.

  • If he destroys, deletes or alters any information in the computer resource or diminishes its value or utility or affects it injuriously by any means like stealing, concealing, destroying or altering, or causes any person to steal ... any computer source code used for a computer resource with an intention to cause damage.

  • Under all the above mentioned circumstances the person has to pay for the damage to the affected person by way of a compensation not exceeding one crore rupees
Tampering with Source code : Sec 65
  • "Computer Source Code" means the listing of programmes, computer commands, design and layout
  • Most important asset of software companies
  • Efforts, actions or commands given to a computer to alter or destroy the source code in such a way that it cannot be used by the owner.
  • Whether the act is intentional or mischievous, it is punishable
  • Organizations should register their source code; otherwise it becomes difficult to prove that a particular source code was their property.
Hacking : Sec 66
  • Hacking in simple terms means illegal intrusion into a computer system without the permission of the computer owner/user.
  • Latest development: hacking Wi-Fi
  • When a person dishonestly or frequently acts according to the act referred to in Section 43 of this Act, he shall be liable for punishment
  • Section 66(A) prescribes punishment for sending offensive messages through computer resources or any communication device
  • Mens Rea :- with an ill intention of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred and ill will.
Section 66(B) & (C)
  • Person who knowingly receives or retains stolen computer resource or communication device.
  • When a person fraudulently and dishonestly uses another person’s unique identification features like electronic signature or password he attracts punishment.
Section 66(D) & (E)
  • 66 D :- Cheating by impersonating somebody else via a computer
  • 66 E :- describes punishment for violating the privacy of a person by intentionally or knowingly capturing, publishing or transmitting the image of a private area of any person without his/her consent.
Section 66 F Cyber Terrorism
  • Whoever,
    • With intent to threaten the unity, integrity, security or sovereignty of India or to strike terror in the people or any section of the people by
      • Denying or causing denial of access to any person authorized to access the computer resource, or
      • Attempting to penetrate or access a computer resource without authorization, or
      • Introducing or causing to introduce any computer contaminant.
    • Knowingly or intentionally penetrates or accesses a computer resource and by that means obtains access to data that is restricted for reasons of the security of the state or foreign relations, or causes injury to public order, decency or morality, in relation to contempt of court etc.
  • Whoever commits or conspires to commit cyber terrorism shall be punishable.
Section 67 describes
  • punishment for a person who publishes or transmits material that contains a sexually explicit act or conduct in electronic form.
  • To prevent child pornography, the Act has a separate section.
  • Section 67(B) deals with the punishment for publishing or transmitting of material depicting children in sexually explicit act in electronic form.
Computer related offences
  • Unauthorized modification of data
  • Computer viruses
  • Blackmail
  • Forgery
  • Pornography
  • Threatening emails
  • Identity theft
  • Suppression of data
  • Program frauds
  • Fake profile
  • Bank fraud

Unauthorized modification of data: the modifier is not entitled to do so or doesn't have the consent of any person who can be entitled for it.


Virus is a self replicating program which spreads throughout a computer system, attaching copies of itself to ordinary programs.

  • Popular computer viruses
  • Adware
  • Spyware
  • Denial of service
  • Spam mails
  • Botnet
  • Fast flux
  • Malicious software that attaches itself to other software:

    • Virus,
    • worms
    • Trojan Horse
    • Time bomb
    • Logic Bomb
    • Rabbit
    • Bacterium

Blackmail: a male doctor took naked videos during a massage session and while conducting various beauty therapies; after that he showed the clipping to the victim and blackmailed her to have sex with him.

  • During this time too he took video and then started distributing CDs for money.
Denial of service attack
  • This is an act by the criminal who floods the bandwidth of the victim's network or fills his e-mail box with spam mail, depriving him of the services he is entitled to

In forgery and counterfeiting of data, the best example to cite is when a person learns a piece of computer software and later leaves the organization to make copies of this popular package, dressing them up to look like the original and selling them.

  • Pornography is the first consistently successful ecommerce product.
  • The IT Act (Amendment) 2008 comes down heavily on pornography via computer or electronic form.
  • When people who see or hear the matter contained and embodied in an electronic medium are exposed to any material which is lascivious and has its effect on them so that it depraves or corrupts the minds of the persons, such publisher of such material is liable for punishment under section 67.
  • The likelihood of a young person being harmed by an online stranger in this way is quite rare, and most sexual solicitations are from peers.
  • The overwhelming majority of crimes against youth continue to take place in the “real world,” mostly by adults known to the children.
  • Just as in the real world, it’s neither possible nor desirable to completely isolate young people from adults, so the best protection against this type of manipulation and exploitation is critical thinking

Sex offenders who use the Internet to seek underage victims have been widely characterized as “online predators.”


Many financial frauds have been committed with the help of identity theft.

  • Here the hacker comes to know the personal details of the victim, puts himself in the victim's place and performs all the fraudulent activities.
  • One person modified the Kerala PSC admit card.
  • Installing key logging software in cyber cafes: avoid usage of transaction accounts at public places.

Nigerian fraud

  • Program frauds
  • Fake profile :- creating fake addresses with a fake name so as to mislead the victim while succeeding in fraudulent activities.
  • Bank fraud :- problems with private banks
  • ATMs don't have CCTV

India has the fastest growing telecom network in the world with its high population and development potential. Airtel, Idea, Reliance, BSNL, Aircel, Tata Indicom, Vodafone, MTNL, and Loop Mobile are other major operators in India. However, rural India still lacks strong infrastructure. India's public sector telecom company BSNL is the 7th largest telecom company in the world.

  • The total number of telephones in the country stands at 885.99 million, while the overall tele-density has increased to 73.97% as of June 30, 2011, and the total number of mobile phone subscribers has reached 851.70 million as of June 2011.
  • The mobile tele-density has increased to 71.11% in June 2011.
  • In the wireless segment, 11.41 million subscribers were added in June 2011.
  • The wire line segment subscriber base stood at 34.29 million.
Mobile as evidence
  • Locating a person or tracking person’s movements.
  • Fixing a particular person to a particular location at a particular point of time.
  • Providing contacts and activities of criminals by analyzing call records.
  • E mail list in case phone has Wi-Fi or GPRS
  • Check deleted messages, MMS
  • Videos , Images
  • SIM cards used in that mobile
  • Mobile phones in India are using basically two main technologies.
    • GSM
    • CDMA
  • It can be a hard choice to choose between CDMA vs. GSM, as both have their own advantages
Global system for mobiles
  • An international standard, it is better suited for international roaming.
  • Offers EDGE, allowing for a maximum download speed of 384kbps (around 140kbps in practice). More technologies are being developed on top of EDGE such as HSDPA to boost the transfer rate to over 384kbps in practice.
  • Account information along with contact list and other personal data are stored on a SIM card (Subscriber Identity Module).
  • The SIM is a small chip that can be freely removed from the phone.

Every GSM phone contains a unique identifier (different from the phone number), called the International Mobile Equipment Identity (IMEI). This can be found by dialling *#06#.

  • When a phone contacts the network, its IMEI may be checked against the Equipment Identity Register to locate stolen phones and facilitate monitoring.
  • The international mobile station equipment identity (IMEI) uniquely identifies a mobile station internationally. It is a kind of serial number.
  • The IMEI is allocated by the equipment manufacturer and registered by the network operator, who stores it in the EIR. By means of the IMEI one recognizes obsolete, stolen or non-functional equipment.
International Mobile Station Equipment Identity (IMEI)
  • Type Approval Code (TAC) : 6 decimal places, centrally assigned.
  • Final Assembly Code (FAC): 6 decimal places, assigned by the manufacturer.
  • Serial Number (SNR): 6 decimal places, assigned by the manufacturer.
  • Spare (SP): 1 decimal place.


  • It uniquely characterizes a mobile station and gives clues about the manufacturer and the date of manufacturing.
International Mobile Subscriber Identity (IMSI)
  • Each registered user is uniquely identified by its international mobile subscriber identity (IMSI).
  • It is stored in the subscriber identity module (SIM)
  • A mobile station can only be operated if a SIM with a valid IMSI is inserted into equipment with a valid IMEI.
  • An IMSI has the following parts:
    • Mobile Country Code (MCC): 3 decimal places, internationally standardized.
    • Mobile Network Code (MNC): 2 decimal places, for unique identification of mobile network within the country.
    • Mobile Subscriber Identification Number (MSIN): Maximum 10 decimal places, identification number of the subscriber in the home mobile network.
Code Division Multiple Access
  • It is mostly used in America and some parts of Asia. It is currently making progress in other parts of the world, but the coverage is still limited compared to the GSM technology.
  • CDMA provides best data transfer technology by its EVDO technology.
    • Maximum download speed of about 2mb/s (about 700kbps in practice), which is similar to what a DSL line has to offer.
    • EVDO is not available everywhere yet and requires a cell phone that is EVDO ready.
  • Account information is programmed into your cellular phone. If you want to change your phone, you have to contact your carrier and have them reprogram your new phone.
  • Interim Standard 95 (IS-95) is the first CDMA-based digital cellular standard by Qualcomm. The brand name for IS-95 is cdmaOne.
  • It is a 2G Mobile Telecommunications Standard that uses CDMA, a multiple access scheme for digital radio, to send voice, data and signalling data (such as a dialled telephone number) between mobile telephones and cell sites.
  • CDMA or "code division multiple access" is a digital radio system that transmits streams of bits .
  • CDMA permits several radios to share the same frequencies. Unlike TDMA "time division multiple access", a competing system used in 2G GSM, all radios can be active all the time, because network capacity does not directly limit the number of active radios.
  • Since larger numbers of phones can be served by smaller numbers of cell-sites, CDMA-based standards have a significant economic advantage over TDMA-based standards, or the oldest cellular standards that used frequency-division multiplexing.
  • CDMA2000 (also known as IMT Multi‑Carrier (IMT‑MC)) is a family of 3G mobile technology standards, which use CDMA channel access to send voice, data, and signaling data between mobile phones and cell sites.
  • CDMA2000 has a relatively long technical history and is backward-compatible with its previous 2G iteration IS-95 (cdmaOne).
Electronic serial numbers
  • Electronic serial numbers (ESNs) were created by the U.S. Federal Communications Commission (FCC) to uniquely identify mobile devices especially CDMA.
  • The first 8 bits of the ESN were originally the manufacturer code, leaving 24 bits for the manufacturer to assign up to 16,777,215 codes to mobiles.
Mobile evidences
  • Evidence that can be potentially recovered by law enforcement agents from a mobile phone may come from several different sources, including SIM card, Handset and attached memory cards.
  • Traditionally mobile phone forensics has been associated with recovering SMS and MMS messaging, as well as call logs, contact lists and phone IMEI/ESN information.
  • Newer generations of smart phones also include wider varieties of information; from web browsing, Wireless network settings, e-mail and other forms of rich internet media, including important data now retained on smartphone 'apps'.

With the advent of the Internet, the globe is now transformed into a village.

  • No LAN connected to the internet remains an individual network; no island remains an island.
  • IT became a profitable area for the corporate and public sectors.
  • With the trend of industry shifting, the trend in the crime pattern is also shifting from traditional crimes to hi-tech crimes involving high-end technology
  • As every crime inevitably leaves evidence, crimes committed using the networks or on the networks have to be processed properly.
Sources of evidence
  • Network operating systems such as Windows NT, 2000, 2003 Server, XP Professional, Windows 7, Data center UNIX and Linux generate different forms of log files and audit records.
  • In addition to this, programs like web and e-mail servers generate their own application logs.
  • All of these are sources of evidence for the crime.
Windows event logs
  • In the Windows OS, various events are logged:
    • System events
    • Application events
    • Security events
  • Security logs contain information relating to log on and log off events, file manipulation and other resource access events.
Internet Information Server
  • Microsoft's IIS is widely used to provide information via HTTP and FTP.
  • Each time a file is accessed, IIS records information such as the time, file name and client IP address.
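An added example, not part of the original slides: a Python parser for IIS logs in the W3C extended format that turns the time, file name and client IP fields mentioned above into a per-client access timeline. The log lines, addresses and function names are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample. The column layout comes from the "#Fields:" directive,
# which can reappear mid-file when the logging configuration changes.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2011-06-30 09:14:02 192.0.2.10 GET /index.html 200
2011-06-30 09:14:05 198.51.100.7 GET /admin/login.asp 401
2011-06-30 09:14:06 198.51.100.7 GET /admin/login.asp 401
2011-06-30 09:14:09 198.51.100.7 GET /admin/login.asp 200
2011-06-30 09:15:30 198.51.100.7 GET /admin/export.asp 200
#Fields: date time cs-method cs-uri-stem c-ip sc-status
2011-06-30 09:20:11 GET /reports/q2.pdf 192.0.2.10 200
malformed line
"""


def parse_w3c_log(text):
    """Return (records, skipped); each record maps W3C field names to values."""
    fields, records, skipped = [], [], 0
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        values = line.split()
        # Count lines that do not match the current column layout instead of
        # guessing; an examiner needs to know how much was left unparsed.
        if not fields or len(values) != len(fields):
            skipped += 1
            continue
        rec = dict(zip(fields, values))
        try:
            # W3C extended logs record date and time in UTC by default.
            rec["timestamp"] = datetime.strptime(
                rec["date"] + " " + rec["time"], "%Y-%m-%d %H:%M:%S"
            ).replace(tzinfo=timezone.utc)
        except (KeyError, ValueError):
            skipped += 1
            continue
        records.append(rec)
    return records, skipped


def timeline_by_client(records):
    """Group accesses by client IP as (time, file, status), oldest first."""
    timeline = defaultdict(list)
    for rec in sorted(records, key=lambda r: r["timestamp"]):
        timeline[rec.get("c-ip", "-")].append((
            rec["timestamp"].strftime("%H:%M:%S"),
            rec.get("cs-uri-stem", "-"),
            rec.get("sc-status", "-"),
        ))
    return dict(timeline)


def refusals_by_client(records):
    """Count 401/403 responses per client: a lead to examine, not proof."""
    counts = defaultdict(int)
    for rec in records:
        if rec.get("sc-status") in ("401", "403"):
            counts[rec.get("c-ip", "-")] += 1
    return dict(counts)


if __name__ == "__main__":
    recs, bad = parse_w3c_log(SAMPLE_LOG)
    print(f"{len(recs)} records parsed, {bad} line(s) skipped")
    for ip, events in timeline_by_client(recs).items():
        print(ip, events)
    print("refusals:", refusals_by_client(recs))
```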
Email Header
  • The email header of every mail contains details about the sender, route and receiver.
  • But the sender can partially fake these details
They are watching you
  • Terrorists use websites to actively recruit members and publicize propaganda as well as to raise and transmit funds.
  • Their websites also contain information on how to construct weapons and obtain false identification.
  • There are different departments in India to tackle and monitor the events in communication.
  • CBI started
    • Cyber Crimes Research and Development Unit,
    • Cyber Crime Investigation Cell,
    • Cyber Forensics Laboratory and Network Monitoring Center
  • The National Technical Research Organization under the PMO monitors, gathers intelligence and keeps a watch on emerging and imminent cyber threats
Cyber terror in India
  • In the 26/11 Mumbai attack, terrorists used Google Earth, internet telephony, satellite phones and online data to execute the deadly attack.
  • They used a USA virtual number and five other Australian direct inward dialing numbers with an Australia country code.
  • The terrorists who attacked parliament on Dec 13 2001 also used steganography images for transmitting their mails in encrypted form over the internet
  • Investigation of the recent attack in Delhi High court is revolving around three emails sent from Kashmir and Gujarat
Why it is attractive
  • Cheaper than traditional terrorist methods.
    • All that the terrorist needs is a PC and an online connection
    • They don't need expensive weapons; they can create and deliver computer viruses through a telephone line, cable or wireless connection.
  • More anonymous than traditional terrorist methods.
    • Use online nicknames
    • Log on to websites as a guest / unidentified user.
    • There is no physical barrier such as checkpoints to navigate, no borders to cross and no customs agents to outsmart in cyberspace
  • Variety and number of targets are enormous
    • The cyber terrorist could target the computers and computer networks of governments, individuals, public utilities, private airlines and so forth.
  • Attack from isolated portion
    • It requires less physical training, psychological investment, risk of mortality, and travel than conventional forms of terrorism, making it easy for terrorist organizations to recruit and retain followers.
India’s rank
  • The McAfee Report (global) on "confronting the cyber attacks" has cited India, where it found 60% of respondents having been made victims of extortion, reflecting more on costs and cyber attacks made on critical forms of infrastructure, involving losses during 2009 and 2010.
  • India ranked 4th in the matter of lowest levels of security adopted to check such attacks, after Brazil, France and Mexico.
  • Critical infrastructure relates to computers run on power grids, railways and nuclear energy plants that are strong targets for criminal threats, industrial espionage, and politically motivated sabotage.
  • India is one of the global 14 countries covered by the survey.

Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. This is similar to fishing, where the fisherman puts bait on the hook, making it appear to be genuine food for the fish.

  • E-mail spoofing is e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. Because core SMTP doesn't provide any authentication, it is easy to impersonate and forge emails.
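The header details listed under Email Header (sender, route, receiver) and the spoofing point above, as an added Python example that is not part of the original slides. It walks the Received chain of a constructed message and compares the sender-controlled fields; every domain, address and the `.recipient.example` suffix standing for the receiving organization is an assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed message. Each server prepends its own Received line, so the
# newest hop is at the top and the oldest (least trustworthy) at the bottom.
RAW_MESSAGE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.recipient.example (mx.recipient.example [203.0.113.5])
    by inbox.recipient.example with ESMTP id A1; Thu, 30 Jun 2011 10:02:11 +0530
Received: from mailer.example.net (unknown [198.51.100.23])
    by mx.recipient.example with ESMTP id B2; Thu, 30 Jun 2011 10:02:09 +0530
Received: from bank.example (localhost [127.0.0.1])
    by mailer.example.net with SMTP id C3; Thu, 30 Jun 2011 10:02:05 +0530
From: "Example Bank" <support@bank.example>
Reply-To: <helpdesk@freemail.example>
To: <user@recipient.example>
Subject: Verify your account
Date: Thu, 30 Jun 2011 10:02:00 +0530

Constructed body.
"""
SAMPLE_MSG = message_from_string(RAW_MESSAGE)


def domain_of(header_value):
    """Lower-cased domain of the address in a header value ('' if none)."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()


def received_hops(msg):
    """Parse Received headers, newest first, into claimed name, IP and 'by'."""
    hops = []
    for raw in msg.get_all("Received", []):
        value = " ".join(raw.split())  # unfold the continuation lines
        src = re.search(r"from (\S+) \((?:\S+ )?\[([0-9a-fA-F.:]+)\]\)", value)
        by = re.search(r"\bby (\S+)", value)
        hops.append({
            "claimed": src.group(1) if src else None,  # name the peer announced
            "ip": src.group(2) if src else None,       # address the server saw
            "by": by.group(1) if by else None,
        })
    return hops


def handoff_hop(hops, own_suffix):
    """Deepest Received line written by our own servers, counting from the top.

    Its IP is the last fact recorded by infrastructure we control; every
    line below it was supplied by the sending side and may be forged.
    """
    found = None
    for hop in hops:
        if hop["by"] and hop["by"].endswith(own_suffix):
            found = hop
        else:
            break
    return found


def sender_findings(msg):
    """Compare From with Return-Path and Reply-To. Mismatches also occur with
    legitimate bulk mailers, so treat them as leads rather than proof."""
    from_dom = domain_of(msg.get("From"))
    findings = []
    for header in ("Return-Path", "Reply-To"):
        dom = domain_of(msg.get(header))
        if dom and dom != from_dom:
            findings.append(
                f"{header} domain {dom} differs from From domain {from_dom}")
    return findings


if __name__ == "__main__":
    hops = received_hops(SAMPLE_MSG)
    for hop in reversed(hops):  # print the route oldest first
        print(hop)
    print("handoff:", handoff_hop(hops, ".recipient.example"))
    print("\n".join(sender_findings(SAMPLE_MSG)))
```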
How to protect your child from internet
  • Nishad abdulkareem
  • Call me in 8547443643