SlideShare uma empresa Scribd logo
1 de 50
Baixar para ler offline
Presented By
 Keshab Nath
Cyber crime and cyber  security
History

-The first recorded cyber crime took place in the year
1820.

-The first spam email took place in 1978 when it was
sent over the Arpanet

-The first VIRUS was installed on an Apple computer in
1982
History
• In 1983, Kevin Mitnick did an intrusion on a Pentagon’s computer
• Robert Tappan Morris created the first worm and sent it from MIT
  to the web and caused $50,000 of damages
• In 1994, Vladimir Levin intruded in an American bank computer and
  stole 10 millions dollars
• Jonathan James “c0mrade”, 16 years old, infiltrated a NASA
  computer in 1999 and had access to data worth 1,7 millions dollars
• Today (CSI Report, 2007):
    – 46% of companies have admitted to suffering financial losses due to
      security incidences. The reported loss amounted to a total of
      approximately $66,930,000.
    – 39% of companies have been unable (or unwilling) to estimate the
      cost of their losses.
• Financial Losses, Personal losses, Privacy losses, Data
  Losses, Computer Malfunction and more…..
Types of Cyber Crime




HACKING                    CREDIT CARD FRAUD
NET EXTORTION              PHISHING
DENIAL OF SERVICE ATTACK   SPOOFING
 VIRUS DISSEMINATION       CYBER STALKING
SOFTWARE PIRACY             CYBER DEFAMATION
 PORNOGRAPHY               THREATENING
 IRC Crime                 SALAMI ATTACK
Hacking
Hacking, in simple terms, means illegal intrusion
into a computer system without permission of the computer
owner / user.




 DENIAL OF SERVICE ATTACK
This is an act by the criminal who floods the bandwidth of the
victim’s network or fills his e-mail box with spam mail
depriving him of the services he is entitled to access or
provide
VIRUS DISSEMINATION
Virus is a malicious software that attaches itself to other software
and causes break down of the operating systemin extreme cases. The
kinds of viruses are –
worms,
Trojan Horse,
Time bomb virus,
 Logic Bomb,
True Love
Spyware
Malware
Hoaxes
SOFTWARE PIRACY

• Theft of software through illegal copying of
  original programs and distribution of the
  products intended to pass for the original.
• Retail revenue losses worldwide are ever
  increasing due to this crime.
• This can be done in various ways -
 End user copying,
 Hard disk loading,
 Illegal downloads from the internet etc.
PORNOGRAPHY
Pornography is the first consistently successful e-commerce
product.
 Deceptive marketing tactics and mouse trapping technologies
used in Pornographic sites encourage PORNOGRAPHY
customers to access these sites.
Anybody, irrespective of age, can fall prey to the pornographic
sites at a click of mouse.
Publishing, transmitting any material in electronic form
which is lascivious or appeals to the prurient interest is an
offence under the provisions of section 67 of I.T. Act -2000.
IRC CRIME



Internet Relay Chat (IRC) servers have chat rooms in
which people from any corner of the world can come together
and chat with each other.
 Criminals use it for meeting co-conspirators.
Hackers use it for discussing their exploits / sharing the
Techniques
Pedophiles use chat rooms to allure small children
Cyber Stalking - In order to harass a female, her
telephone number is shared pseudonymously with others
as if she craves to befriend males.
CREDIT CARD FRAUD
You simply have to type credit card
 number into www page of the
 vendor for online transaction.
If electronic transactions are not
 secured, the credit card umbers can
 be stolen by the hackers who can
 misuse this card by impersonating
 the credit card owner.
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
NET EXTORTION

Copying the company’s confidential data in order to extort huge amounts
    of money from the said company.
PHISHING
It is the technique of pulling out confidential information of the account
    holders from their banks /financial institutions by deceptive means.
Cyber crime and cyber  security
Phishing E-mail
From : ICICI Bank
[mailto:support@icici.com]
Sent : 08 June 2004 03:25
To : India
Subject : Official information from ICICIBank
Dear valued ICICI Bank Customer !
      For security purposes your account has been randomly chosen for verification. To
verify your account information we are asking you to provide us with all the data we are
requesting.Otherwise we will not be able to verify your identity and access to your
account will be denied. Please click on the link below to get to the ICICI secure page and
verify your account details.
Thank you.
https://infinity.icicibank.co.in/Verify.jsp
ICICI Bank Limited
Cyber crime and cyber  security
Spoofing




A technique used to gain unauthorized access to computers,
whereby the intruder sends hoax messages to a computer
with such an IP address which indicates that the message is
coming from trusted host.
CYBER DEFAMATION


• Sending defamatory messages through e-mail
   to the victim or his relatives, friends, etc. or
   posting of the defamatory material on a
   website.
---(Disgruntled employee may do this against
   boss, exboyfriends against a girl and divorced
   husband against his wife, to name a few.)
SALAMI ATTACK

A “salami attack” is a form of cyber crime usually used for the
purpose of committing financial crimes in which criminals steal money
or resources a bit at a time from financial accounts on a system. A
single transaction of this kind would usually go completely unnoticed.
In such a crime, the perpetrator introduces minor changes to the
program or a software which are so insignificant that they go almost
unnoticed and derive huge benefit out of the
same.
 e.g. Criminal makes such program that deducts small amount like Rs.
2.50 per month from the account of all the customer of the Bank and
deposit the same in his account.
In this case no account holder will approach the bank for such small
amount but criminal gains huge amount.
• American Lottery
• UK Lottery
• Yahoo Lottery
• Microsoft Lottery      • Hotel Industry
• RBI Lottery            • Hospital                  • RBI
• Google Lottery         • MNC Companies             • ICICI Bank
• Canada Mobile draw     • International Job offer   • HDFC Bank
• Coca Cola Lucky draw   • Shipping Industry         • Axis Bank
• BMW Lottery            • Reputed Universities      • State Bank of India
• Vodafone Lucky draw    • Canada Mobile draw        • Royal Bank of Scottland
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber crime and cyber  security
Cyber security

-Involvesprotection of sensitive personal &
business information through prevention,
detection and response to different online
attacks

-Protects from attacks by    detecting   and
preventing
Cyber crime and cyber  security
Loss of Personal Information


•   Human error, 32%
•   Software corruption, 25%
•   Virus attack (malware), 22%
•   Hardware failure, 13%
•   Natural disasters, 2%
Finding an IP Address via Instant Messengers

    Case: If you are chatting on messengers like MSN, YAHOO etc. then the
     following indirect connection exists between your system and your friend’s
     system:



       Thus in this case, you first have to establish a direct connection with your
     friend’s computer by either sending him a file or by using the call feature.
       Then, goto MSDOS or the command line and type:

      C:>netstat -n

     This command will give you the IP Address of your friend’s computer.
Finding an IP Address via Instant Messengers
Countermeasures

      Do not accept File transfers or calls from unknown people
      Chat online only after logging on through a Proxy Server.

A Proxy Server acts as a buffer between you and the un-trusted network known as
the Internet, hence protecting your identity.


Some good Proxy Servers are:

Wingate (For Windows Platform)
Squid (For Unix Platforms)
Finding an IP Address via your website
   One can easily log the IP Addresses of all visitors to their website by using
    simply JAVA applets or JavaScript code.

Countermeasures

   One should surf the Internet through a Proxy Server.

   One can also make use of the numerous Free Anonymous Surfing Proxy
    Services.

    For Example, www.anonymizer.com
DOS Attacks: Ping of Death Attack
The maximum packet size allowed to be transmitted by TCPIP
on a network is 65 536 bytes.

In the Ping of Death Attack, a packet having a size greater than
this maximum size allowed by TCPIP, is sent to the target system.

As soon as the target system receives a packet exceeding the
allowable size, then it crashes, reboots or hangs.

This attack can easily be executed by the ‘ping’ command as
follows:

    ping -l 65540 hostname
Threats from Sniffers and Key Loggers

   Sniffers: capture all data packets being sent across the
    network in the raw form.

        Commonly Used for:

            Traffic Monitoring
            Network Trouble shooting
            Gathering Information on Attacker.
            For stealing company Secrets and sensitive data.

   Commonly Available Sniffers

            tcpdump
            Ethereal
            Dsniff
Threats From Key Logger

   Key loggers: Record all keystrokes made on that system and store
    them in a log file, which can later automatically be emailed to the
    attacker.
   Countermeasures

     Periodic Detection practices should be made mandatory.

    A Typical Key Logger automatically loads itself into the memory,
     each time the computer boots.

     Thus, the start up script of the Key Logger should be removed.

E.g. 1.SpyAgent
    2.WebWatcher
    3.PC Pandora
Default Settings
            Default Settings
• Many access points arrive with no security
  mechanism in place
• Changing the default settings before
  deployment should be a matter of
  organizational practice
• An Employee/user may unknowingly infect
  the network by using an infected device.
  Malicious downloads, infected files, corrupted
  images and other threats can easily spread via
  portable devices.
Attack Via Social network


 Social network users can expect more threats to travel virally,
infecting everyone on a user's friends list.

viruses are likely be designed to steal or delete users' personal
information, which can be sold in numerous black markets and
used to acquire credit card and bank information
Cyber crime and cyber  security
Attacker uses multiple transparent or opaque layers to trick users into revealing
confidential information, or taking control of a user's computer when they were
intending to click on the top level page. Thus, the attacker is "hijacking" clicks
meant for their page and routing them to other another page, most likely . Expect
to see an increase of this malicious behavior over the next few years.
 Using a similar technique, keystrokes can also be hijacked. With a carefully
Crafted combination of stylesheets, iframes, and text boxes, a user can be led
to believe they are typing in the password to their email or bank account, but
are instead typing into an invisible frame controlled by the attacker.

 Clickjacking attack allows to perform an action on victim website, Mostly
Facebook and Twitter accounts are targetable.
Clickjacking is a term first introduced by Jeremiah Grossman and
Robert Hansen in 2008 to describe a technique whereby an attacker
tricks a user into performing certain actions on a website by hiding
clickable elements inside an invisible iframe.


Using a similar technique, keystrokes can also be hijacked. With a
carefully crafted combination of stylesheets, iframes, and text boxes, a
user can be led to believe theyare typing in the password to their
email or bank account, but are instead typing into an invisible frame
controlled by the attacker
One of the more persistent threats of 2010 was fake anti-virus, also
commonly known as “scareware” or “rogueware.

The user receives a warning that their system is infected with some
nasty malware and forced to pay for a “full” version of the software to
remove the threat

In most cases there’s no real danger, and in many cases they’re actually
installing additional malware on the system and taking your credit
card information. With this kind of data handed over so freely, cyber
crooks can drain your bank account or completely take over your
identity.
• The search engine is our gateway to the Web, and cyber crooks are
  skilled at manipulating search results from the engines such as
  Google, Bing and Yahoo!
• Best partner for SQL injection is             . We can find the
  Vulnerable websites(hackable websites) using Google Dork list.
  google dork is searching for vulnerable websites using the google
  searching tricks. There is lot of tricks to search in google. But we are
  going to use "inurl:" command for finding the vulnerable websites.
• Find live webcams by searching for: inurl:view/view.shtml
How hackers attack webcams
   Most hackers utilize so-called Trojan horse attacks, says Stiennon. When we
   click on an attachment or download a piece of music or video infected with
   malware, and a hacker is able to remotely control your PC’s functions.
         --Do look for the indicator light.
-Install a firewall , pop-up blocker
-Ensure your virus definitions are up to date
-Use strong passwords , don’t give personal information unless
required(not even phone number)
-Use secure connections
-Disable file sharing , turn off internet when not in use
-Use spam filters , delete spam immediately
-Use various passwords for various accounts
-Don’t believe in everything you read online
-Open attachments carefully
-Beware of promises to make fast profits
-Be smart , don’t act foolish and help in spreading spam

Mais conteúdo relacionado

Mais procurados

Cybercrime a growing threat of 21 st century !!!
Cybercrime a growing threat of 21 st  century !!!Cybercrime a growing threat of 21 st  century !!!
Cybercrime a growing threat of 21 st century !!!Asma Hossain
 
Cyber security system presentation
Cyber security system presentationCyber security system presentation
Cyber security system presentationA.S. Sabuj
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security ritik shukla
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information securityAYESHA JAVED
 
Cyber Crime And Cyber Security
Cyber Crime And Cyber SecurityCyber Crime And Cyber Security
Cyber Crime And Cyber SecurityPrashant Sharma
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxPrinceKumar851167
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
Types of Cyber Attacks
Types of Cyber AttacksTypes of Cyber Attacks
Types of Cyber AttacksRubal Sagwal
 

Mais procurados (20)

Cyber security
Cyber security Cyber security
Cyber security
 
Cyber security(2018 updated)
Cyber security(2018 updated)Cyber security(2018 updated)
Cyber security(2018 updated)
 
Cyber security
Cyber securityCyber security
Cyber security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Cybercrime a growing threat of 21 st century !!!
Cybercrime a growing threat of 21 st  century !!!Cybercrime a growing threat of 21 st  century !!!
Cybercrime a growing threat of 21 st century !!!
 
Cyber security system presentation
Cyber security system presentationCyber security system presentation
Cyber security system presentation
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information security
 
Cyber Crime And Cyber Security
Cyber Crime And Cyber SecurityCyber Crime And Cyber Security
Cyber Crime And Cyber Security
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptx
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
 
Types of Cyber Attacks
Types of Cyber AttacksTypes of Cyber Attacks
Types of Cyber Attacks
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber security
Cyber securityCyber security
Cyber security
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITY
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
 

Destaque

presentation on cyber crime and security
presentation on cyber crime and securitypresentation on cyber crime and security
presentation on cyber crime and securityAlisha Korpal
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentationBijay Bhandari
 
introduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityintroduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityErdo Deshiant Garnaby
 
Malwaretheorie
MalwaretheorieMalwaretheorie
Malwaretheoriephooeikp
 
Ppt0000001
Ppt0000001Ppt0000001
Ppt0000001maritza
 
Sicher unterwegs im gefaehrlichsten Medium der Welt
Sicher unterwegs im gefaehrlichsten Medium der WeltSicher unterwegs im gefaehrlichsten Medium der Welt
Sicher unterwegs im gefaehrlichsten Medium der Weltwww.zebedin.at
 
Ein Manifest für Cyber Resilience
Ein Manifest für Cyber ResilienceEin Manifest für Cyber Resilience
Ein Manifest für Cyber ResilienceSymantec
 
Malware Augeneder Hagmayr
Malware Augeneder HagmayrMalware Augeneder Hagmayr
Malware Augeneder Hagmayrphooeikp
 
Die Gefahr Im Web
Die Gefahr Im WebDie Gefahr Im Web
Die Gefahr Im WebC0pa
 
Gefahren Internet - Web 2010
Gefahren Internet - Web 2010Gefahren Internet - Web 2010
Gefahren Internet - Web 2010Joerg Thelenberg
 
Glossar IT-Sicherheit
Glossar IT-SicherheitGlossar IT-Sicherheit
Glossar IT-SicherheitITWissen.info
 
Wie schütze ich mich vor Malware?
Wie schütze ich mich vor Malware?Wie schütze ich mich vor Malware?
Wie schütze ich mich vor Malware?INFONAUTICS GmbH
 
Computerkriminalität in der deutschen Wirtschaft 2010
Computerkriminalität in der deutschen Wirtschaft 2010Computerkriminalität in der deutschen Wirtschaft 2010
Computerkriminalität in der deutschen Wirtschaft 2010Torben Haagh
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineeringthetacker
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & SecurityAnchit Rajawat
 
Internet sicherheit 020511-1-powerpoint
Internet sicherheit 020511-1-powerpointInternet sicherheit 020511-1-powerpoint
Internet sicherheit 020511-1-powerpointBernd Hoyer
 

Destaque (20)

presentation on cyber crime and security
presentation on cyber crime and securitypresentation on cyber crime and security
presentation on cyber crime and security
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
Cyber security
Cyber security        Cyber security
Cyber security
 
introduction to cyber patriot and cyber security
introduction to cyber patriot and cyber securityintroduction to cyber patriot and cyber security
introduction to cyber patriot and cyber security
 
openHPI_Zertifikat
openHPI_ZertifikatopenHPI_Zertifikat
openHPI_Zertifikat
 
Zukunftstrends von Informationstechnologie und Cyber-Sicherheit
Zukunftstrends von Informationstechnologie und Cyber-SicherheitZukunftstrends von Informationstechnologie und Cyber-Sicherheit
Zukunftstrends von Informationstechnologie und Cyber-Sicherheit
 
Malwaretheorie
MalwaretheorieMalwaretheorie
Malwaretheorie
 
Ppt0000001
Ppt0000001Ppt0000001
Ppt0000001
 
Sicher unterwegs im gefaehrlichsten Medium der Welt
Sicher unterwegs im gefaehrlichsten Medium der WeltSicher unterwegs im gefaehrlichsten Medium der Welt
Sicher unterwegs im gefaehrlichsten Medium der Welt
 
Ein Manifest für Cyber Resilience
Ein Manifest für Cyber ResilienceEin Manifest für Cyber Resilience
Ein Manifest für Cyber Resilience
 
Malware Augeneder Hagmayr
Malware Augeneder HagmayrMalware Augeneder Hagmayr
Malware Augeneder Hagmayr
 
Die Gefahr Im Web
Die Gefahr Im WebDie Gefahr Im Web
Die Gefahr Im Web
 
Gefahren Internet - Web 2010
Gefahren Internet - Web 2010Gefahren Internet - Web 2010
Gefahren Internet - Web 2010
 
Glossar IT-Sicherheit
Glossar IT-SicherheitGlossar IT-Sicherheit
Glossar IT-Sicherheit
 
Wie schütze ich mich vor Malware?
Wie schütze ich mich vor Malware?Wie schütze ich mich vor Malware?
Wie schütze ich mich vor Malware?
 
Computerkriminalität in der deutschen Wirtschaft 2010
Computerkriminalität in der deutschen Wirtschaft 2010Computerkriminalität in der deutschen Wirtschaft 2010
Computerkriminalität in der deutschen Wirtschaft 2010
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & Security
 
ESET - Cyber Security Pro
ESET - Cyber Security ProESET - Cyber Security Pro
ESET - Cyber Security Pro
 
Internet sicherheit 020511-1-powerpoint
Internet sicherheit 020511-1-powerpointInternet sicherheit 020511-1-powerpoint
Internet sicherheit 020511-1-powerpoint
 

Semelhante a Cyber crime and cyber security

Semelhante a Cyber crime and cyber security (20)

Web Security
Web SecurityWeb Security
Web Security
 
Cyber crimes (By Mohammad Ahmed)
Cyber crimes (By Mohammad Ahmed)Cyber crimes (By Mohammad Ahmed)
Cyber crimes (By Mohammad Ahmed)
 
cyber crime
cyber crimecyber crime
cyber crime
 
presentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.pptpresentation_cybercrime_1486105587_257582.ppt
presentation_cybercrime_1486105587_257582.ppt
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
cyber crime.pptx
cyber crime.pptxcyber crime.pptx
cyber crime.pptx
 
CYBER-CRIME PRESENTATION.ppt
CYBER-CRIME PRESENTATION.pptCYBER-CRIME PRESENTATION.ppt
CYBER-CRIME PRESENTATION.ppt
 
CYBER-CRIME PRESENTATION with real-time examples
CYBER-CRIME PRESENTATION with real-time examplesCYBER-CRIME PRESENTATION with real-time examples
CYBER-CRIME PRESENTATION with real-time examples
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime
Cyber  crimeCyber  crime
Cyber crime
 
Legal (Types of Cyber Crime)
Legal (Types of Cyber Crime)Legal (Types of Cyber Crime)
Legal (Types of Cyber Crime)
 
hacking
hackinghacking
hacking
 
CYBER.pptx
CYBER.pptxCYBER.pptx
CYBER.pptx
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITY
 
My presentation
My presentationMy presentation
My presentation
 
Cyber crimes
Cyber crimesCyber crimes
Cyber crimes
 

Mais de Keshab Nath

Active Server Page(ASP)
Active Server Page(ASP)Active Server Page(ASP)
Active Server Page(ASP)Keshab Nath
 
J2 ee container & components
J2 ee container & componentsJ2 ee container & components
J2 ee container & componentsKeshab Nath
 
Distributed computing
Distributed computingDistributed computing
Distributed computingKeshab Nath
 

Mais de Keshab Nath (6)

Grid computing
Grid computingGrid computing
Grid computing
 
Active Server Page(ASP)
Active Server Page(ASP)Active Server Page(ASP)
Active Server Page(ASP)
 
J2 ee container & components
J2 ee container & componentsJ2 ee container & components
J2 ee container & components
 
Distributed computing
Distributed computingDistributed computing
Distributed computing
 
IP Security
IP SecurityIP Security
IP Security
 
Cyber law
Cyber lawCyber law
Cyber law
 

Último

The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum ComputingGDSC PJATK
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIUdaiappa Ramachandran
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 

Último (20)

The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum Computing
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 

Cyber crime and cyber security

  • 3. History -The first recorded cyber crime took place in the year 1820. -The first spam email took place in 1978 when it was sent over the Arpanet -The first VIRUS was installed on an Apple computer in 1982
  • 4. History • In 1983, Kevin Mitnick did an intrusion on a Pentagon’s computer • Robert Tappan Morris created the first worm and sent it from MIT to the web and caused $50,000 of damages • In 1994, Vladimir Levin intruded in an American bank computer and stole 10 millions dollars • Jonathan James “c0mrade”, 16 years old, infiltrated a NASA computer in 1999 and had access to data worth 1,7 millions dollars • Today (CSI Report, 2007): – 46% of companies have admitted to suffering financial losses due to security incidences. The reported loss amounted to a total of approximately $66,930,000. – 39% of companies have been unable (or unwilling) to estimate the cost of their losses. • Financial Losses, Personal losses, Privacy losses, Data Losses, Computer Malfunction and more…..
  • 5. Types of Cyber Crime HACKING CREDIT CARD FRAUD NET EXTORTION PHISHING DENIAL OF SERVICE ATTACK SPOOFING  VIRUS DISSEMINATION CYBER STALKING SOFTWARE PIRACY  CYBER DEFAMATION  PORNOGRAPHY THREATENING  IRC Crime SALAMI ATTACK
  • 6. Hacking Hacking, in simple terms, means illegal intrusion into a computer system without permission of the computer owner / user. DENIAL OF SERVICE ATTACK This is an act by the criminal who floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide
  • 7. VIRUS DISSEMINATION Virus is a malicious software that attaches itself to other software and causes break down of the operating systemin extreme cases. The kinds of viruses are – worms, Trojan Horse, Time bomb virus,  Logic Bomb, True Love Spyware Malware Hoaxes
  • 8. SOFTWARE PIRACY • Theft of software through illegal copying of original programs and distribution of the products intended to pass for the original. • Retail revenue losses worldwide are ever increasing due to this crime. • This can be done in various ways -  End user copying,  Hard disk loading,  Illegal downloads from the internet etc.
  • 9. PORNOGRAPHY Pornography is the first consistently successful e-commerce product.  Deceptive marketing tactics and mouse trapping technologies used in Pornographic sites encourage PORNOGRAPHY customers to access these sites. Anybody, irrespective of age, can fall prey to the pornographic sites at a click of mouse. Publishing, transmitting any material in electronic form which is lascivious or appeals to the prurient interest is an offence under the provisions of section 67 of I.T. Act -2000.
  • 10. IRC CRIME Internet Relay Chat (IRC) servers have chat rooms in which people from any corner of the world can come together and chat with each other.  Criminals use it for meeting co-conspirators. Hackers use it for discussing their exploits / sharing the Techniques Pedophiles use chat rooms to allure small children Cyber Stalking - In order to harass a female, her telephone number is shared pseudonymously with others as if she craves to befriend males.
  • 11. CREDIT CARD FRAUD You simply have to type credit card number into www page of the vendor for online transaction. If electronic transactions are not secured, the credit card umbers can be stolen by the hackers who can misuse this card by impersonating the credit card owner.
  • 21. NET EXTORTION Copying the company’s confidential data in order to extort huge amounts of money from the said company. PHISHING It is the technique of pulling out confidential information of the account holders from their banks /financial institutions by deceptive means.
  • 23. Phishing E-mail From : ICICI Bank [mailto:support@icici.com] Sent : 08 June 2004 03:25 To : India Subject : Official information from ICICIBank Dear valued ICICI Bank Customer ! For security purposes your account has been randomly chosen for verification. To verify your account information we are asking you to provide us with all the data we are requesting.Otherwise we will not be able to verify your identity and access to your account will be denied. Please click on the link below to get to the ICICI secure page and verify your account details. Thank you. https://infinity.icicibank.co.in/Verify.jsp ICICI Bank Limited
  • 25. Spoofing A technique used to gain unauthorized access to computers, whereby the intruder sends hoax messages to a computer with such an IP address which indicates that the message is coming from trusted host.
  • 26. CYBER DEFAMATION • Sending defamatory messages through e-mail to the victim or his relatives, friends, etc. or posting of the defamatory material on a website. ---(Disgruntled employee may do this against boss, exboyfriends against a girl and divorced husband against his wife, to name a few.)
  • 27. SALAMI ATTACK A “salami attack” is a form of cyber crime usually used for the purpose of committing financial crimes in which criminals steal money or resources a bit at a time from financial accounts on a system. A single transaction of this kind would usually go completely unnoticed. In such a crime, the perpetrator introduces minor changes to the program or a software which are so insignificant that they go almost unnoticed and derive huge benefit out of the same. e.g. Criminal makes such program that deducts small amount like Rs. 2.50 per month from the account of all the customer of the Bank and deposit the same in his account. In this case no account holder will approach the bank for such small amount but criminal gains huge amount.
  • 28. • American Lottery • UK Lottery • Yahoo Lottery • Microsoft Lottery • Hotel Industry • RBI Lottery • Hospital • RBI • Google Lottery • MNC Companies • ICICI Bank • Canada Mobile draw • International Job offer • HDFC Bank • Coca Cola Lucky draw • Shipping Industry • Axis Bank • BMW Lottery • Reputed Universities • State Bank of India • Vodafone Lucky draw • Canada Mobile draw • Royal Bank of Scottland
  • 33. Cyber security -Involvesprotection of sensitive personal & business information through prevention, detection and response to different online attacks -Protects from attacks by detecting and preventing
  • 35. Loss of Personal Information • Human error, 32% • Software corruption, 25% • Virus attack (malware), 22% • Hardware failure, 13% • Natural disasters, 2%
  • 36. Finding an IP Address via Instant Messengers  Case: If you are chatting on messengers like MSN, YAHOO etc. then the following indirect connection exists between your system and your friend’s system: Thus in this case, you first have to establish a direct connection with your friend’s computer by either sending him a file or by using the call feature. Then, goto MSDOS or the command line and type: C:>netstat -n This command will give you the IP Address of your friend’s computer.
  • 37. Finding an IP Address via Instant Messengers Countermeasures Do not accept File transfers or calls from unknown people Chat online only after logging on through a Proxy Server. A Proxy Server acts as a buffer between you and the un-trusted network known as the Internet, hence protecting your identity. Some good Proxy Servers are: Wingate (For Windows Platform) Squid (For Unix Platforms)
  • 38. Finding an IP Address via your website  One can easily log the IP Addresses of all visitors to their website by using simply JAVA applets or JavaScript code. Countermeasures  One should surf the Internet through a Proxy Server.  One can also make use of the numerous Free Anonymous Surfing Proxy Services. For Example, www.anonymizer.com
  • 39. DOS Attacks: Ping of Death Attack The maximum packet size allowed to be transmitted by TCPIP on a network is 65 536 bytes. In the Ping of Death Attack, a packet having a size greater than this maximum size allowed by TCPIP, is sent to the target system. As soon as the target system receives a packet exceeding the allowable size, then it crashes, reboots or hangs. This attack can easily be executed by the ‘ping’ command as follows: ping -l 65540 hostname
  • 40. Threats from Sniffers and Key Loggers  Sniffers: capture all data packets being sent across the network in the raw form. Commonly Used for:  Traffic Monitoring  Network Trouble shooting  Gathering Information on Attacker.  For stealing company Secrets and sensitive data.  Commonly Available Sniffers  tcpdump  Ethereal  Dsniff
  • 41. Threats From Key Logger  Key loggers: Record all keystrokes made on that system and store them in a log file, which can later automatically be emailed to the attacker.  Countermeasures  Periodic Detection practices should be made mandatory. A Typical Key Logger automatically loads itself into the memory, each time the computer boots.  Thus, the start up script of the Key Logger should be removed. E.g. 1.SpyAgent 2.WebWatcher 3.PC Pandora
  • 42. Default Settings Default Settings • Many access points arrive with no security mechanism in place • Changing the default settings before deployment should be a matter of organizational practice
  • 43. • An Employee/user may unknowingly infect the network by using an infected device. Malicious downloads, infected files, corrupted images and other threats can easily spread via portable devices.
  • 44. Attack Via Social network  Social network users can expect more threats to travel virally, infecting everyone on a user's friends list. viruses are likely be designed to steal or delete users' personal information, which can be sold in numerous black markets and used to acquire credit card and bank information
  • 46. Attacker uses multiple transparent or opaque layers to trick users into revealing confidential information, or taking control of a user's computer when they were intending to click on the top level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to other another page, most likely . Expect to see an increase of this malicious behavior over the next few years.  Using a similar technique, keystrokes can also be hijacked. With a carefully Crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker.  Clickjacking attack allows to perform an action on victim website, Mostly Facebook and Twitter accounts are targetable.
  • 47. Clickjacking is a term first introduced by Jeremiah Grossman and Robert Hansen in 2008 to describe a technique whereby an attacker tricks a user into performing certain actions on a website by hiding clickable elements inside an invisible iframe. Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe theyare typing in the password to their email or bank account, but are instead typing into an invisible frame controlled by the attacker
  • 48. One of the more persistent threats of 2010 was fake anti-virus, also commonly known as “scareware” or “rogueware. The user receives a warning that their system is infected with some nasty malware and forced to pay for a “full” version of the software to remove the threat In most cases there’s no real danger, and in many cases they’re actually installing additional malware on the system and taking your credit card information. With this kind of data handed over so freely, cyber crooks can drain your bank account or completely take over your identity.
  • 49. • The search engine is our gateway to the Web, and cyber crooks are skilled at manipulating search results from the engines such as Google, Bing and Yahoo! • Best partner for SQL injection is . We can find the Vulnerable websites(hackable websites) using Google Dork list. google dork is searching for vulnerable websites using the google searching tricks. There is lot of tricks to search in google. But we are going to use "inurl:" command for finding the vulnerable websites. • Find live webcams by searching for: inurl:view/view.shtml How hackers attack webcams Most hackers utilize so-called Trojan horse attacks, says Stiennon. When we click on an attachment or download a piece of music or video infected with malware, and a hacker is able to remotely control your PC’s functions. --Do look for the indicator light.
  • 50. -Install a firewall , pop-up blocker -Ensure your virus definitions are up to date -Use strong passwords , don’t give personal information unless required(not even phone number) -Use secure connections -Disable file sharing , turn off internet when not in use -Use spam filters , delete spam immediately -Use various passwords for various accounts -Don’t believe in everything you read online -Open attachments carefully -Beware of promises to make fast profits -Be smart , don’t act foolish and help in spreading spam