WordPress Websites for Engineers: Elevate Your Brand
Cybercrime
1. IT ACTS FOR CYBER CRIME
Presented By:
Mayank Garg
2. INTRODUCTION
Any crime that involves a computer and
a network
Criminal’s motive may be to intentionally
harm the reputation of the victim
or
To claim financial profit
3. Categories of Cyber Crime
E-Commerce Network - Suzanne Mello - Nov 5 2004
1. Crimes that directly target
Computers or Devices
2. Crimes that use Computer Networks
to Advance other Ends
4. Cyber Crime
2
Cybercrimes are defined as: "Offences
that are committed against individuals
or groups of individuals with a
criminal motive to intentionally harm the
reputation of the victim or cause physical
or mental harm to the victim directly or
indirectly, using modern
telecommunication networks such as
Internet
5. Categories of Cyber Crime
3
Against Property – Financial crimes – cheating
on-line – illegal funds transfer.
Against Persons – On-line harassment, Cyber
Stalking, Obscenity.
Against Nations – Cyber Terrorism – Damaging
critical information infrastructures
6. In the News…….
o ut o f 5 childre n re ce ive d a se xual
so licitatio n o r appro ach o ve r the
Inte rne t in a o ne -ye ar pe rio d o f
tim e (www. m issing childre n. co m )
Califo rnia warns o f m assive ID
the ft – pe rso naldata sto le n fro m
co m pute rs at Unive rsity o f
Califo rnia, Be rke le y (O ct 21 , 20 0 4
IDG ne ws se rvice )
Micro so ft and Cisco anno unce d a
ne w initiative to wo rk to g e the r to
incre ase inte rne t se curity
(O ct 1 8 , 20 0 4 www. cne tne ws. co m
)
2
8. The New Wild Wild West
More cyber criminals than
cyber cops
Criminals feel “safe”
committing crimes from
the privacy of their own
homes
Brand new challenges
facing law enforcement
Most not trained in the
technologies
Internet crimes span
multiple jurisdictions
Need to retrofit new crimes
to existing laws
3
9. Computer Crime
Computer used to commit
a crime
Child porn, threatening
email, assuming someone’s
identity, sexual harassment,
defamation, spam, phishing
Computer as a target of a
crime
Viruses, worms, industrial
espionage, software piracy,
hacking
4
10. IT Acts for Cyber Crime
7
The IT Act provides legal recognition for
transactions carried out by
means of electronic data interchange, and other
means of electronic
communication, commonly referred to as
"electronic commerce", involving the use of
alternatives to paper-based methods of
communication and storage of Information .The IT
Act facilitates electronic filing of documents with the
Government agencies
11. IPC Acts
8
Sending threatening message by email -Section 506 IPC
Sending defamatory message by email -Section 499 IPC
Bogus websites, cyber frauds, phishing -Section 420 IPC
Hacking -Section 66 of IT Act
Pornography -Section 67 of IT Act
12. Computer Forensics
What is it?
an autopsy of a computer or network to
uncover digital evidence of a crime
Evidence must be preserved and hold up
in a court of law
Growing field – Many becoming
computer forensic savvy
FBI, State and Local Police, IRS,
Homeland Security
Defense attorneys, judges and
prosecutors
Independent security agencies
White hat or Ethical Hackers
Programs offered at major universities
such as URI
http://homepage.cs.uri.edu/faculty/wolfe/cf
5
13. Crimes that use Networks
E-Commerce Network - Suzanne Mello - Nov 5 2004
Cyber stalking
Fraud and identity theft
Information warfare
Phishing scams
14. Uncovering Digital Evidence
Smart Criminals don’t usetheir
owncomputers
Floppy disks
Zip/Jazz disks
Tapes
Digital cameras
Memory sticks
Printers
CDs
PDAs
Game boxes
Networks
Hard drives
6
15. Digital Evidence
Criminals Hide Evidence
Delete their files and emails
Hide their files by encryption,
password protection, or
embedding them in unrelated
files (dll, os etc)
Use Wi-Fi networks and cyber
cafes to cover their tracks
Forensics Uncover Evidence
Restore deleted files and emails –
they are still really there!
Find the hidden files through
complex password, encryption
programs, and searching
techniques
Track them down through the
digital trail - IP addresses to ISPs
to the offender
7
Not obvious…….it’s most likely hidden on purpose
or needs to be unearthed by forensics experts
16. The Crime Scene
(with Co m pute r Fo re nsics)
Similar to traditional crime scenes
Must acquire the evidence while
preserving the integrity of the
evidence
No damage during collection,
transportation, or storage
Document everything
Collect everything the first time
Establish a chain of custody
But also different…….
Can perform analysis of evidence on
exact copy!
Make many copies and investigate
them without touching original
Can use time stamping/hash code
techniques to prove evidence hasn’t
been compromised
8
17. IPC Acts
E-Commerce Network - Suzanne Mello - Nov 5 2004
Sending threatening message by email -Section 506
IPC
Sending defamatory message by email -Section 499
IPC
Bogus websites, cyber frauds, phishing -Section 420
IPC
Hacking -Section 66 of IT Act
Pornography -Section 67 of IT Act
18. TOP CYBER CRIMES THAT
ATTACK BUSINESS
Spam
Viruses/Worms
Industrial Espionage and Hackers
Wi-Fi High Jacking
19. Spam
“Spam accounts for 9 out of every 10
emails in the United States.”
Me ssag e Labs, Inc. , an e m ailm anag e m e nt
and se curity co m pany base d in Ne w Yo rk.
“We do no t o bje ct to the use o f this slang
te rm to de scribe UCE (unso licite d
co m m e rciale m ail), altho ug h we do
o bje ct to the use o f the wo rd “spam ” as
a trade m ark and the use o f o ur pro duct
im ag e in asso ciatio n with that te rm ”
www. ho rm e l. co m
10
20. Can-Spam Act of 2003
11
Controlling the Assault of Non-Solicited Pornography and Marketing
Act (Can-Spam)
Signed into law by President Bush on Dec 16, 2003
Took effect Jan 1, 2004
Unsolicited commercial email must:
Be labeled
Include Opt-Out instructions
No false headers
FTC is authorized (but not required) to establish a “do-not-email”
registry
www.spamlaws.com –lists all the latest in federal, state, and
international laws
21. Spam is Hostile
You pay for Spam, not Spammers
Email costs are paid by email
recipients
Spam can be dangerous
Never click on the opt-out link!
May take you to hostile web site
where mouse-over downloads an
.exe
Tells spammers they found a
working address
They won’t take you off the list
anyway
What should you do?
Filter it out whenever possible
Keep filters up to date
If you get it, just delete the email
12
22. Viruses and Worms
Different types of “ailments”
Viruses
software that piggybacks on
other software and runs when
you run something else
Macro in excel, word
Transmitted through sharing
programs on bulletin boards
Passing around floppy disks
An .exe, .com file in your email
Worms
software that uses computer
networks to find security holes
to get in to your computer –
usually in Microsoft OS!! But
worm for MAC was recently
written
13
23. Hackers are Everywhere
Stealing data
Industrial Espionage
Identity theft
Defamation
Deleting data for fun
A lot of bored 16 year olds late at
night
Turning computers into zombies
To commit crimes
Take down networks
Distribute porn
Harass someone
Ethical/white hat hackers exist too
Help break into networks to prevent
crimes
14
Mafia Boy
24. Wireless Fidelity (Wi-Fi)
Using antennas to create “hot spots”
Hotspots – Internet Access (sometimes free)
Newport Harbor - All the boats in Harbor have internet access
San Francisco Giants Stadium – Surf the web while catching a
game
UMass (need to register, but it’s free)
Cambridge, MA
Philadelphia, PA – just announced – entire city by 2006
15
25. Wi-Fi High Jacking
60-70% wireless networks are wide open
Why are the Wi-Fi networks unprotected?
Most people say “Our data is boring”
But… criminals look for wireless networks to commit
their crimes
And… the authorities will come knocking on your
door…..
26. Protect your Computers!
Use anti-virus software and
firewalls - keep them up to date
Keep your operating system up to
date with critical security updates
and patches
Don't open emails or attachments
from unknown sources
Use hard-to-guess passwords.
Don’t use words found in a
dictionary. Remember that
password cracking tools exist
Back-up your computer data on
disks or CDs often
Don't share access to your
computers with strangers
If you have a wi-fi network,
password protect it
Disconnect from the Internet when
not in use
Reevaluate your security on a
regular basis
Make sure your employees and
family members know this info
too!
17