
Module 2

Introduction
• Technology is a "double-edged sword" (good/bad):
- Fast exchange of information. (Good)
- Eases the work. (Good)
- Threats of interception. (Bad)
- Technology used for criminal activities. (Bad)
• Cybercriminals use the World Wide Web and the Internet optimally to transfer and store information. (Smart use of resources)
• Cybercriminals take advantage of the lack of awareness about cybercrimes and cyber laws. (Cyber threats)
• Attackers exploit network vulnerabilities.
• Hacker - A person with a strong interest in computers who enjoys learning and experimenting with them.
• Brute force hacking - A technique used to find passwords or encryption keys. It involves trying every possible combination of letters, numbers, etc. until the code is broken.
• Cracker - A person who breaks into computers.
• Cracking - The act of breaking into computers.
• Cracking tools - Programs used to break into computers.
• Phreaking - The notorious art of breaking into phone or other communication systems.
Network Vulnerabilities
• Inadequate border protection (network periphery)
• Remote access servers (RASs) with weak access controls
• Application servers with well-known exploits
• Misconfigured systems and systems with default configurations
Categories of Cybercrime
• The target of the crime.
• Whether the crime occurs as a single event or as a series of events.
Categories of cybercrime
• Crime targeted at individuals.
- Exploits human weakness such as greed.
- Financial fraud.
- Copyright violation.
- Harassment.
• Crime targeted at property.
- Stealing of smartphone, laptop, tablet, external hard disk, pen drive.
• Crime targeted at organizations.
- Attackers target a specific group of computers or an organization using the Internet and attacking tools, stealing private information and damaging program files, databases and software.
• Single-event cybercrime:
- It is a single event from the perspective of the victim.
- Virus with attachment.
• Series of events:
- Attacker interacts with the victim repetitively.
- Attacker interacts with the victim using social engineering skills.
- Regular telephone conversations.
- Chat room.
How Criminals Plan the Attacks
• Active attack - Used to alter the system.
• Passive attack - Attempts to gain information about the system or the target.
• Inside attack - Attack originating and/or attempted within the security perimeter of an organization.
• Outside attack - Attempted by a source outside the security perimeter, who is indirectly associated with the organization, through the Internet or a remote access connection.
• Gathering information (passive attack)
• Scanning and scrutinizing the gathered information
• Launching the attack - Gaining and maintaining system access (active attack)
How Criminals Plan the Attacks
• Reconnaissance / gathering information
Accumulating data about the target's environment to find ways to intrude into that environment.
➢ Passive attack -
Gathering information about the target without his/her knowledge.
- Google or Yahoo search (searching for information about employees).
- Organization web site.
- Surfing online community groups like Orkut/Facebook.
- Blogs, newsletters, press releases etc. are used as a medium to gain information about the company or its employees.
- Job posting sites.
- Network sniffing.
Tools used during passive attacks
• Google Earth
• Internet Archive
• Professional community - LinkedIn
• People Search
• WHOIS
• Nslookup
• Traceroute
• VisualRoute trace
Active attack: An active attack helps to collect information about the system (IP addresses, OS type, services on the network).

Tools used during active attacks
• Arping
• Dsniff
• Filesnarf
• Fping
How Criminals Plan the Attacks
• Scanning and scrutinizing the gathered information.
- Port scanning - Identifies open/closed ports and services.
- Network scanning - IP addresses and related information.
- Vulnerability scanning - Existing weaknesses in the system.
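
Added example (not part of the original slides): a defender's view of the first two scan types above. It flags a port scan (one source trying many ports on one host) and a network scan (one source trying one port on many hosts) in connection records. The record format, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

WINDOW = 60         # seconds per observation bucket (assumed value)
PORT_THRESHOLD = 5  # distinct ports on one host -> port scan (assumed)
HOST_THRESHOLD = 5  # distinct hosts on one port -> network scan (assumed)

def sample_log():
    """Constructed records: 'epoch_seconds src_ip dst_ip dst_port'."""
    probe_ports = [21, 22, 23, 80, 443, 3389]
    # Source A: six ports on one host within a few seconds.
    log = [f"{100 + i} 198.51.100.7 192.0.2.10 {p}" for i, p in enumerate(probe_ports)]
    # Source B: port 22 on six different hosts.
    log += [f"{200 + i} 203.0.113.9 192.0.2.{20 + i} 22" for i in range(6)]
    # Source C: ordinary client, two ports on one host.
    log += ["300 192.0.2.50 192.0.2.10 443", "305 192.0.2.50 192.0.2.10 80"]
    # Source D: the same six ports, but one probe per hour.
    log += [f"{1000 + i * 3600} 198.51.100.88 192.0.2.10 {p}" for i, p in enumerate(probe_ports)]
    return log

def detect_scans(lines):
    """Return sorted (kind, source, target) alerts for the given records."""
    ports_seen = defaultdict(set)  # (bucket, src, dst_host) -> ports tried
    hosts_seen = defaultdict(set)  # (bucket, src, dst_port) -> hosts tried
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdecimal() or not parts[3].isdecimal():
            continue  # skip malformed records instead of failing
        ts, src, dst, port = int(parts[0]), parts[1], parts[2], int(parts[3])
        bucket = ts // WINDOW
        ports_seen[(bucket, src, dst)].add(port)
        hosts_seen[(bucket, src, port)].add(dst)
    alerts = set()
    for (_, src, dst), ports in ports_seen.items():
        if len(ports) >= PORT_THRESHOLD:
            alerts.add(("port_scan", src, dst))
    for (_, src, port), hosts in hosts_seen.items():
        if len(hosts) >= HOST_THRESHOLD:
            alerts.add(("network_scan", src, str(port)))
    return sorted(alerts)

if __name__ == "__main__":
    for kind, src, target in detect_scans(sample_log()):
        print(f"{kind}: source {src} -> {target}")
```

Source D is not flagged because its probes fall in different 60-second buckets; a second, longer window is needed to surface that pattern.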
Attack - Gaining and maintaining system access
• Crack the password
• Execute malicious commands
• Hide the files
• Cover the tracks
Social Engineering
• Social engineering involves gathering secret information as well as gaining unauthorized access to a network.
• The art of exploiting the trust of people.
• Classification of social engineering:
1. Human-based
2. Computer-based
Social Engineering
• Human-based social engineering.
Person-to-person interaction to get the desired information.
- Impersonating an employee or valid user (organizations having various branches).
- Posing as an important member of the organization (CEO/manager).
- Using a third person: an attacker pretends to have permission from an authorized user to access the system.
- Calling technical support (technical support staff).
- Shoulder surfing (login ID/password).
- Dumpster diving.
Social Engineering
• Computer-based social engineering.
- Sensitive or confidential information is collected by using a computer/the Internet.
1. Fake e-mail: the attacker sends a fake e-mail to a number of users; the victim takes it for legitimate mail.
2. E-mail attachment (malicious code is attached).
3. Pop-up windows - special offers.
4. Dumpster diving.
Cyberstalking
• Stalking means the "act or process of following a victim silently".
• Types of stalking
1. Online stalking: the stalker interacts with the victim directly with the help of the Internet.
Mode of interaction: e-mail, chat room.
The stalker can make use of a third party to harass the victim.
2. Offline stalking: the stalker may attack the victim by observing or using his/her
1. Daily routine.
2. Searching personal websites/blogs.
3. Visiting the victim's organization.
Case Report on cyberstalking
• In the majority of cyberstalking cases, women are the victims.
• A few cases are reported where women are the cyberstalkers and men are the victims.
• How does stalking work?
- Gathering personal information (especially contact number and address).
- Establishing contact with the victim through telephone/cell phone.
- Contact via e-mail.
- Continuous threatening mail to the victim.
- The stalker may post the victim's personal photos and information on social sites / defamation.
- Subscribing/registering the victim's e-mail accounts for spam subscriptions.
Cybercafe and Cybercrime
• Keyloggers
• Shoulder surfing

❖ Observations relating to cybercafe weaknesses
➢ Pirated software installed on computers.
➢ Antivirus not updated.
➢ Little awareness about IT security.
➢ Websites not blocked.
➢ The cybercafe association or state police do not seem to conduct periodic visits to cybercafes.
➢ Annual maintenance contracts for servicing computers found not to be in place.
Cybercafe and Cybercrime
• Tips for safety and security while using a computer in a cybercafe.
- Always log out.
- Stay with the computer.
- Clear history and temporary files.
- Be alert.
- Avoid online financial transactions.
- Change passwords.
- Use a virtual keyboard.
- Security warnings: warnings should be heeded when accessing financial/banking sites.
Security through Virtual keyboard
Botnet:
• Bot: an automated program responsible for performing specific tasks over a network.
• Botnet: a network of infected computers that allows an attacker to control the machines remotely.
• Botnets used for business:
- Botnet creation
- Botnet renting; botnet selling
- DDoS attack, spam attack, malware and adware installation, stealing confidential information, phishing attack, spamdexing {search engine poisoning} (the deliberate manipulation of search engine indexes)

Stealing confidential information:
1. Selling credit card and bank account details.
2. Selling personal identity information.
3. Selling Internet service and shop accounts.
Prevention guidelines (bots)
• Use antivirus and anti-spyware software and keep it up to date.
• Download security patches (OS).
• Use a firewall to protect the system from hacking attacks while it is connected to the Internet.
• Disconnect from the Internet when you are away from your computer.
• Download freeware only from trusted websites.
• Check e-mail folders regularly.
• Take immediate action if your system is infected.
Attack Vector
• An attack vector is a path or means by which an attacker can gain access to a computer or to a network server to deliver a payload (malicious code).
• Attack vectors include viruses, e-mail attachments, web pages, pop-up windows, instant messages and chat rooms.
• To some extent, attack vectors can be blocked using firewalls and antivirus software.
• List of attack vectors
1. Attack by e-mail.
2. Attachment.
3. Attack by deception (trick).
4. Hackers.
5. Heedless guest (attack by web page): the attacker makes a fake website to extract personal information; such a website looks genuine.
Attack Vector
6. Attack of the worms.
Many worms are delivered as e-mail attachments.
Worms use holes in network protocols (provides list of flaws).
7. Malicious macros: MS Word and MS Excel.
8. Foistware: software that adds hidden components to the system on the sly (smartly or cleverly). It is bundled with attractive software.
9. Virus.
Cloud Computing
• Concept of cloud computing: e-mail, project data hosting and accessing.
• Cloud computing is a technology that uses the Internet and central remote servers to maintain data and applications.
• Small companies that cannot afford the same amount of hardware and storage space as a bigger company can store their information in the cloud, removing the cost of purchasing and storing memory devices.
• To access the cloud, the user should have an Internet connection.
Types of clouds
• There are different types of clouds that you can subscribe to depending on your needs. As a home user or small business owner, you will most likely use public cloud services.
1. Public cloud - A public cloud can be accessed by any subscriber with an Internet connection and access to the cloud space.
2. Private cloud - A private cloud is established for a specific group or organization and limits access to just that group.
3. Community cloud - A community cloud is shared among two or more organizations that have similar cloud requirements.
4. Hybrid cloud - A hybrid cloud is essentially a combination of at least two clouds, where the clouds included are a mixture of public, private, or community.
Cloud Computing
• Advantages of cloud computing.
1. Applications and data can be accessed from anywhere at any time.
2. It brings hardware cost down. Resources can be accessed through the Internet.
3. Organizations can save on software license costs.
4. Organizations can save money on IT support.
Cloud computing service providers
- Amazon, 3Tera, Force.com, Flexiscale, Google App Engine, GoGrid.

Security challenges in cloud computing
• Cloud computing is the next target of cybercriminals.
• Cloud computing servers are outside the organization's security perimeter.
