CYBERsecurity Module2


CYBER SECURITY MODULE - 2
A cybercriminal is a person who uses his skills in technology to do malicious acts and illegal activities
known as cybercrimes. They can be individuals or teams.
Different reasons for the big increase in cybercrimes:

- Vulnerable devices:
The lack of efficient security measures and solutions leaves a wide range of devices vulnerable,
which makes them easy targets for cybercriminals.

- Personal motivation:
Cybercriminals sometimes commit cybercrimes as a kind of revenge against someone they hate or have
any problem with.

- Financial motivation:
This is the most common motivation of cybercriminals and hacker groups; most attacks nowadays are
committed for profit.
Two Main Types of Cyber Crimes
- Targeting computers
This type of cybercrime includes every possible way of harming computer devices, for
example malware or denial of service attacks.
- Using computers
This type covers the use of computers to commit any of the classifications of computer crimes.
Classifications of Cybercrimes
Cybercrimes in general can be classified into four categories:

1. Individual Cyber Crimes:


This type targets individuals. It includes phishing, spoofing, spam, cyberstalking, and more.

2. Organisation Cyber Crimes:


The main target here is organizations. Usually, this type of crime is carried out by teams of criminals and includes malware
attacks and denial of service attacks.

3. Property Cybercrimes:
This type targets property like credit cards or even intellectual property rights.

4. Society Cybercrimes:
This is the most dangerous form of cybercrime as it includes cyber-terrorism.
TYPE 1 - Where computer is the target of Criminal Activity
A. Unauthorized access (hacking)
Unauthorized access is when someone gains access to a website, program, server, service, or other system using
someone else's account or other methods. For example, if someone kept guessing a password or username for an
account that was not theirs until they gained access, it is considered unauthorized access.

Unauthorized access could also occur if a user attempts to access an area of a system they should not be
accessing. When attempting to access that area, they would be denied access and possibly see an unauthorized
access message.

Some system administrators set up alerts to let them know when there is an unauthorized access attempt, so that
they may investigate the reason. These alerts help stop hackers from gaining access to a secure or confidential
system. Many secure systems may also lock an account with too many failed login attempts.
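
The alerting and lockout behaviour described above, as an added example that is not part of the original notes: it replays a constructed login log, locks an account after too many failed attempts inside a time window, and raises one alert for the administrator. The log format, the thresholds and the function name `review_logins` are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: timestamp, outcome, account, source address.
# The format and every value are made up for this example.
SAMPLE_LOG = """\
2024-05-01T09:00:00 FAIL alice 203.0.113.7
2024-05-01T09:00:20 FAIL alice 203.0.113.7
2024-05-01T09:00:40 FAIL alice 203.0.113.7
2024-05-01T09:01:00 FAIL bob 198.51.100.4
2024-05-01T09:01:10 OK bob 198.51.100.4
2024-05-01T09:01:20 FAIL alice 203.0.113.9
2024-05-01T09:01:40 FAIL alice 203.0.113.9
2024-05-01T09:02:00 OK alice 203.0.113.9
2024-05-01T09:30:00 OK alice 192.0.2.15
"""

MAX_FAILURES = 5                   # assumed policy: failures tolerated per window
WINDOW = timedelta(minutes=10)     # assumed sliding window for counting failures
LOCK_FOR = timedelta(minutes=15)   # assumed lockout duration


def review_logins(log_text):
    """Replay login events in order; return (alerts, decisions)."""
    failures = defaultdict(deque)   # account -> recent (time, source) failures
    locked_until = {}               # account -> time at which the lock expires
    alerts, decisions = [], []
    for line in log_text.splitlines():
        stamp, outcome, account, source = line.split()
        when = datetime.fromisoformat(stamp)
        if locked_until.get(account, when) > when:
            # While locked, even a correct password is refused, so continued
            # guessing cannot succeed during the lockout.
            decisions.append((stamp, account, "REJECTED_LOCKED"))
            continue
        if outcome == "OK":
            failures[account].clear()          # a success resets the counter
            decisions.append((stamp, account, "ALLOWED"))
            continue
        recent = failures[account]
        recent.append((when, source))
        while recent and when - recent[0][0] > WINDOW:
            recent.popleft()                   # forget failures outside the window
        decisions.append((stamp, account, "FAILED"))
        if len(recent) >= MAX_FAILURES:
            locked_until[account] = when + LOCK_FOR
            alerts.append({"account": account, "at": stamp,
                           "failures": len(recent),
                           "sources": sorted({s for _, s in recent})})
            recent.clear()
    return alerts, decisions


if __name__ == "__main__":
    found_alerts, made_decisions = review_logins(SAMPLE_LOG)
    for alert in found_alerts:
        print("ALERT", alert)
    for decision in made_decisions:
        print(*decision)
```

In the sample, bob's single mistyped password never triggers anything, while the fifth failure for alice locks the account, so the correct guess that follows 20 seconds later is still refused.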
B. Malicious Code
A malicious code attack refers to the deployment of harmful software or scripts designed to cause unwanted
outcomes, compromise security, or inflict damage on a system. This broad category encompasses various cyber
threats such as viruses, worms, Trojans, backdoors, and malicious active content.

1. Virus
A computer virus is a type of malicious software, or malware, that spreads between computers and causes damage
to data and software.
Computer viruses aim to disrupt systems, cause major operational issues, and result in data loss and leakage. A key
thing to know about computer viruses is that they are designed to spread across programs and systems. Computer
viruses typically attach to an executable host file, which results in their viral codes executing when a file is opened. The
code then spreads from the document or software it is attached to via networks, drives, file-sharing programs, or
infected email attachments.
Common Signs of Computer Viruses
Speed of System
A computer system running slower than usual is one of the most common signs that the device has a virus. This
includes the system itself running slowly, as well as applications and internet speed suffering. If a computer does not
have powerful applications or programs installed and is running slowly, then it may be a sign it is infected with a
virus.

Pop-up Windows
Unwanted pop-up windows appearing on a computer or in a web browser are a telltale sign of a computer virus.
Unwanted pop-ups are a sign of malware, viruses, or spyware affecting a device.

Programs Self-executing
If computer programs unexpectedly close by themselves, then it is highly likely that the software has been infected
with some form of virus or malware. Another indicator of a virus is when applications fail to load when selected from
the Start menu or their desktop icon. Every time that happens, your next step should be to perform a virus scan and
remove any files or programs that might not be safe to use.

Accounts Being Logged Out
Some viruses are designed to affect specific applications, which will either cause them to crash or force the user to
automatically log out of the service.

Crashing of the Device


System crashes and the computer itself unexpectedly closing down are common indicators of a virus. Computer
viruses cause computers to act in a variety of strange ways, which may include opening files by themselves, displaying
unusual error messages, or clicking keys at random.

Mass Emails Being Sent from Your Email Account


Computer viruses are commonly spread via email. Hackers can use other people's email accounts to spread malware
and carry out wider cyberattacks. Therefore, if an email account's outbox contains emails that the user did not send,
then this could be a sign of a computer virus.
Changes to Your Homepage
Any unexpected changes to a computer—such as your system’s homepage being amended or any browser settings
being updated—are signs that a computer virus may be present on the device.

2. Trojan
A Trojan horse is a type of program that pretends to be something it is not to get onto a device and infect it with malware.
Therefore, a Trojan horse virus is a virus disguised to look like something it is not. For example, viruses can be hidden
within unofficial games, applications, file-sharing sites, and bootlegged movies.
3. Logic bombs

Logic bombs are malicious code segments embedded within legitimate software that activate under specific
conditions, such as a certain date or event. Once triggered, logic bombs can cause significant damage, including
data corruption, system crashes, or the deletion of crucial files.
For example, a programmer may hide a piece of code that starts deleting files (such as a salary database
trigger), should they ever be terminated from the company.

4. Computer worm
A computer worm is a subset of the Trojan horse malware that can propagate or self-replicate from
one computer to another without human activation after breaching a system. Typically, a worm
spreads across a network through your Internet or LAN (Local Area Network) connection.
The malware known as "Android Worm" enters users' phones as a message and then infects their
contact list without them knowing anything about it. WhatsApp is often used by cybercriminals to send
infected messages to users and get access to their sensitive information or disable their account
completely.
Cybercriminals frequently use Facebook and Facebook Messenger to spread viruses, worms, and other
malware. Most commonly, they hijack user accounts and spam their friends list with links leading to malicious
domains.
How does a computer worm spread?
- Phishing: Fraudulent emails that look authentic can carry worms in corrupt attachments. Such emails may
also invite users to click malicious links or visit websites designed to infect users with worms.
- Spear-Phishing: Targeted phishing attempts can carry dangerous malware like ransomware cryptoworms.
- Networks: Worms can self-replicate across networks via shared access.
- Security holes: Some worm variants can infiltrate a system by exploiting software vulnerabilities.
- File sharing: P2P file networks can carry malware like worms.
- Social networks: Social platforms like MySpace have been affected by certain types of worms.
- Instant messengers (IMs): All types of malware, including worms, can spread through text messages and IM
platforms such as Internet Relay Chat (IRC).
C. Interrupting of Computer Services
1. Disrupting computer service
Malicious software that is created and deployed with the intent of damaging and disrupting critical
business functions. The most frequent example, Ransomware, is used by cyber criminals to
cryptographically lock and hold files and/or access to computer resources for a monetary ransom.
Additional forms of disruptive malware include cryptojacking or using an unauthorized computer to mine
cryptocurrency, and any unauthorized software that enables unauthorized control, degradation, or loss of
service to a system or computing resource. Disruptive Malware can have a long and lasting effect on
business operations.
2. Denying of Computer Service
A denial of service attack (DoS attack) is a type of cybercrime in which an Internet site is made unavailable,
typically by using multiple computers to repeatedly make requests that tie up the site and prevent it from
responding to requests from legitimate users.
Distributed DoS (DDoS) attacks are a special kind of hacking. A criminal salts an array of computers with
computer programs that can be triggered by an external computer user. These programs are known as
Trojan horses since they enter the unknowing users’ computers as something benign, such as a photo or
document attached to an e-mail. At a predesignated time, this Trojan horse program begins to send
messages to a predetermined site. If enough computers have been compromised, it is likely that the
selected site can be tied up so effectively that little if any legitimate traffic can reach it.
D. Theft and Misuse of Services
Most Common Cyber Crimes

1. Phishing and Scam:


Phishing is a type of social engineering attack that targets the user and tricks them, by sending fake messages
and emails, into giving up sensitive information or into downloading malicious software that is then exploited on
the target system.

2. Identity Theft
Identity theft occurs when a cybercriminal uses another person’s personal data like credit card numbers or
personal pictures without their permission to commit a fraud or a crime.

3. Ransomware Attack
Ransomware attacks are a very common type of cybercrime. Ransomware is a type of malware that has the capability to
prevent users from accessing all of their personal data on the system by encrypting it and then asking for a
ransom in order to give access to the encrypted data.

4. Hacking/Misusing Computer Networks


This term refers to the crime of unauthorized access to private computers or networks and their misuse, whether by
shutting them down, tampering with the stored data, or other illegal approaches.
5. Internet Fraud
Internet fraud is a type of cybercrime that makes use of the internet. It can be considered a general term that
groups all of the crimes that happen over the internet, like spam, banking fraud, theft of service, etc.

TYPE 2 - Computer as Tool to commit crime


A. Content Violation
1. One of the most serious forms of pornography-related cybercrime is child pornography. The National
Center for Missing and Exploited Children (NCMEC) reports that the number of reports of suspected child
sexual abuse material online increased by 50% in 2022.
Another form of pornography-related cybercrime is revenge porn. This is when intimate photos or videos
are shared without the consent of the person in the photos or videos.
2. Hate Crimes
Most Internet users are familiar with trolling—aggressive, foul-mouthed posts designed to elicit angry
responses in a site’s comments. Less familiar but far more serious is the way some use networked
technologies to target real people, subjecting them, by name and address, to vicious, often terrifying,
online abuse.
3. Harmful Content
There has been significant attention to the role of certain large content-curators (Facebook, Twitter, YouTube, TikTok) in
addressing hateful and other harmful speech online.

4. Military Service
Stuxnet was a worm that attacked the Iranian nuclear program. It is among the most sophisticated cyber
attacks in history. The malware spread via infected Universal Serial Bus devices and targeted data acquisition
and supervisory control systems. According to most reports, the attack seriously damaged Iran’s ability to
manufacture nuclear weapons.
5. Copyright Infringement
Copyright infringement is the use or production of copyright-protected material without the permission of the
copyright holder. Copyright infringement means that the rights afforded to the copyright holder, such as the
exclusive use of a work for a set period of time, are being breached by a third party. Music and movies are two of
the most well-known forms of entertainment that suffer from significant amounts of copyright infringement.
6. Intellectual Copy Right
The IPR protects these works both in tangible and intangible form. Patent, Copyright, Trademarks,
Trade Secrets, Industrial and Layout Designs, Geographical Indications are intellectual property rights
for which legal remedies are available even for online infringements.
7. Counterfeiting and Forgery
Until recently, creating passable currency required a significant amount of skill and access to technologies
that individuals usually do not own, such as printing presses, engraving plates, and special inks. The advent
of inexpensive, high-quality colour copiers and printers has brought counterfeiting to the masses. Ink-jet
printers now account for a growing percentage of the counterfeit currency confiscated by the U.S. Secret
Service. In 1995 ink-jet currency accounted for 0.5 percent of counterfeit U.S. currency; in 1997 ink-jet
printers produced 19 percent of the illegal cash. By 2014 almost 60 percent of the counterfeit money
recovered in the U.S. came from ink-jet printers. The widespread development and use of computer
technology prompted the U.S. Treasury to redesign U.S. paper currency to include a variety of
anticounterfeiting technologies. The European Union currency, or euro, had security designed into it from the
start. Special features, such as embossed foil holograms and special ribbons and paper, were designed to
make counterfeiting difficult.
B. Unauthorized alteration of data
1. Identity Theft
Identity theft is the crime of obtaining the personal or financial information of another person to use their
identity to commit fraud, such as making unauthorized transactions or purchases. Identity theft is
committed in many different ways and its victims are typically left with damage to their credit, finances, and
reputation.
2. Cyber fraud
Cyber fraud, also known as online fraud or internet fraud, is a crime in which someone uses the internet to
steal money. Fraudsters can target the individual and contact them via SMS, call, email, or other ways to get
personal information or send the malicious link to apps or websites to hack into the computer, mobile device,
or network to get sensitive information, such as bank account numbers, credit card details, social security
numbers, and personal information.

3. Privacy in cyber security

Data privacy generally means the ability of a person to determine for themselves when, how, and to what
extent personal information about them is shared with or communicated to others. This personal
information can be one's name, location, contact information, or online or real-world behavior.
4. Sabotage in cyber crime
With regard to computers, sabotage is the deliberate damage to equipment. Infecting a website with malware
is an example of information sabotage. A more extreme example is causing the power grid in a nation to go
down.
5. Telemarketing fraud
Telemarketing fraud is a crime that occurs through the phone as a way to deceive a victim into believing they can
gain something by paying money. It’s carried out when the criminal manages to get the victim to provide their
most sensitive information such as their financial information or Social Security number.

6. Stock market manipulation
Stock market manipulation is conduct or technique used by stock market entities to fool the
investors by artificially affecting the prices of securities. These entities undertake various measures to
falsely increase or decrease the demand for the securities to represent them as a profitable
investment even when they know securities to be fundamentally flawed. Almost all the entities indulge
in market manipulation for personal gains and exit their positions when their predetermined goals are
achieved.

C. Improper use of Communication

1. Cyber harassment

Cyber harassment is a threat via the use of digital technologies. It can take place on social media, messaging
platforms and cell phones. It is a repeated behavior, aimed at threatening, scaring, shaming, and silencing
those who are targeted.
Types of cyber harassment

Cyber-intimidation and harassment fall into one or more of the following categories:

- Harassment and stalking: repeatedly sending threats or hurtful messages via messaging platforms or phone
calls.
- Outing and trickery: engaging someone in instant messaging, tricking him or her into revealing personal and
sensitive information.
- Denigration: sending or posting gossip or rumours about a person to damage his or her reputation, friendships or to
disadvantage his or her social inclusion.

In cyber stalking, a cybercriminal uses the internet to consistently threaten somebody. This crime is often
perpetrated through email, social media, and other online media.

Online money laundering

Money can be laundered through online auctions and sales, gambling websites, and even virtual gaming sites.
Ill-gotten money is converted into the currency that is used on these sites, then transferred back into real,
usable, and untraceable clean money.
Spamming
Spam is any kind of unwanted, unsolicited digital communication that gets sent out in bulk. Often spam is sent
via email, but it can also be distributed via text messages, phone calls, or social media. It is generally used by
advertisers because there are no operating costs beyond that of managing their mailing lists.
Cyber extortion occurs when cybercriminals threaten to disable the operations of a target business or
compromise its confidential data unless they receive a payment. The two most common types of cyber
extortion are ransomware and DDoS (Distributed Denial of Service) attacks.
Drug Trafficking
The organized cybercrime trade was valued at several billion dollars, while the drug trafficking trade was
valued at around $1 trillion.
Key reasons for trafficking
- Greater anonymity: With the use of anonymising technologies, such as encryption, VPNs, proxies, etc.,
criminals evade lawful detection as it is difficult to trace and identify perpetrators.
- Global outreach: The Internet allows criminals to increase their visibility and reach a wider customer
base. Furthermore, it facilitates anonymous communication between vendor and buyer, obviating the
need for face-to-face interaction.
- Easily accessible forum for sharing knowledge and experience: The Internet contains a vast amount of
information about drugs. Harmful knowledge such as drug preparation manuals, methods for acquiring
illegal precursor chemicals, distribution services, money transfer services and concealment procedures
to avoid law enforcement detection is readily available.
Social engineering fraud is the term used for a broad range of malicious activities accomplished through
human interactions. It uses psychological manipulation to trick users into making security mistakes or
giving away sensitive information.

Social engineering attacks happen in one or more steps. A perpetrator first investigates the intended
victim to gather necessary background information, such as potential points of entry and weak security
protocols, needed to proceed with the attack. Then, the attacker moves to gain the victim’s trust and
provide stimuli for subsequent actions that break security practices.
