See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/322086317

CyberCrime and Security

Experiment Findings · December 2017

DOI: 10.13140/RG.2.2.11806.84800

CITATIONS READS

0 9,197

1 author:

Muhammad Hamza
Namal College
31 PUBLICATIONS   146 CITATIONS   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

A report on Artificial Intelligence Conquering the next frontier of the digital world View project

All content following this page was uploaded by Muhammad Hamza on 27 December 2017.

The user has requested enhancement of the downloaded file.

1
Abstract:
Being one of the most rapidly expanding sector, internet has become one of the
most vital part of our life from work to entertainment there's no other option
now but it comes with a price of our privacy.
Cyber Crimes are also on the rapid expansion causing our sensitive data to be
used without our permission. Governments are aware of this matter doing
everything they can to secure our networks but many say security is just an
illusion.
In this whole report we will analyse the strength of the people who are trying to
spoil the Cyber Ecosystem and the higher grounds where we can deceive them.

2
Introduction:
Cybercrime is a type of crime or an illegal activity that is basically committed through a computer with the help of
networking.

The ideal or most familiar word for this would be "Hacking".

Following are the examples of cybercrime.

1) Internet Fraud.

2) Spams.

3) Cyberbullying.

4) Gathering Information Illegally.

5) Identity Theft.

6) Phishing scams.

7) Hate Crimes.

Internet Fraud:
Whenever one tries to purchase a product from the internet, he/she is on a great risk of being victimized by internet
fraud. So, it is very important for a person to research and study the sources from which he/she is purchasing the
product. The e-commerce environment is stuffed with fake companies and organizations who distribute worst quality
products to the customers and are greatly involved in stealing customers bank account data. These Internet crimes
became a larger platform for crimes in the late 1990s and early 2000s. A single virus outbreak was blamed for 80$
Billion loss. In this scenario, HBL has introduced a 3-D secure e-commerce web certification which allows the user to
recognize websites that can be trusted for online shopping. There are some famous websites which could be trusted
on the basis of current circumstances for online shopping.Some of the trustworthy websites are given below:

1) www.daraz.pk

2) www.kaymu.pk

3) www.amazon.com

4) www.alibaba.com

5) www.microsoft.com

Cyberbullying.
Cyberbullying is done through digital devices for example Cell Phones, Computers, Tablets, iPhone, Ipads etc

Mentally torturing, harassment, Humiliation is cyberbullying. It includes sending, posting or sharing taunting, offending
and sexual contents "publicly" or sending it to a specific person. The content could be personal data like pictures,
email, chats etc.

Platforms for cyberbullying are given below:

1) Social Media such as Facebook, Twitter, Snapchat, Instagram.

3) Mobile Messaging.

80% teenagers use cell phones and some other related devices and 20% of them are bullied on daily basis.
3
Phishing scams:
This is an attempt to gather users password and sensitive information by generating and disguising a fake webpage of
an authentic website. When a user comes across this kind of fake webpage he inputs his personal data in the sign in
or sign up form resulting in stolen data of the user.

Cyber Criminals :

Someone who penetrates and breaks the security system of an organization or a network and exploits the flaws in
that computer system is known as Hacker and process is known as Hacking.

There are many types of hackers.

1) Script Kiddie.

2) White Hat Hackers

3) Grey Hat Hackers

4) Black Hat Hackers

5) Green Hat Hackers

6) Red Hat Hackers

7) Blue Hat Hackers

But main of them are Blackhat, White hat and grey hat.

Script Kiddie:

Basically, they cannot be called hackers, because they just copy some kind of coded script and use it as a virus or use
predefined software like maltego, hydra,Metasploit etc for penetration.

White Hat Hackers:

White hat hackers are known as Ethical Hacker or Legal Hackers. These type of hackers help organizations to make
their system secure or they help victim company to prevent the viruses. White Hat Hackers are certified to hack.

Black Hat Hackers:

Blackhat hackers are famous as "Crackers" .They find companies, organizations, especially bank that have weak and
small security system and when they find it they steal the money, credit card information and etc

Gray Hat Hackers:

They are nor Ethical Hackers neither Unethical Hackers. They don't harm people with their hacking nor steal anything,
like money or personal information but sometimes they try to penetrate into a system.

Green Hat Hackers:

Green Hat Hackers are types of hackers that really love hacking and care about it .They are unlike script-kiddies and
they work hard and strive and struggle to become a legendary hacker.

Red Hat Hackers:

Red Hat Hackers are the wanted criminals of the world. They steal money, steal data, harm the computer system,
sometimes leaks the information to the outer world .It may include Terrorist.

4
History of Cyber Attacks:
In February 2000. DDoS flooded Yahoo, eBay, CNN and ZDNet with huge data, blocking access for thousands of users
for two to three hours.

Love Letter virus struck companies worldwide in May the same year, flooding e-mail servers and causing them to
crash as it spreads.

1994:
A hacker known as Merc manages to dial into a server at the Salt River Project and explores computers used to monitor
canals in the Phoenix region.

1988:
"Robert Morris" released a worm that infected around 3,000 to 4,000 of the Internet's approximately servers.

WannaCry ransomware attack was a May 2017 global cyber offence

Which targeted computers running Microsoft Windows operating systems. Their sole objective was to encrypt whole
computers data and then demanded ransom for the decryption keys.

Cyber Warfare:
Cyber warfare is a modern form of warfare in which countries attack each other for proving their strength or for gaining
political/foreign policy victories.

Cyber warfare is an important evolutionary addition in the battle fronts that has the potential for significant effect on
the citizens and especially on the computer scientists of the world.

Cyber warfare may be used as a political tool to increase the control of the government on the citizens and different
organizations by keeping in checking their data and resources. Some of the techniques of the cyber-attacks include
breaking into someone's personal computer or servers.

Cyber warfare became elite warfare when In the last United States elections Russian government Hacked into the
election and moulded the results whatever they wanted it to be. This created a mass tension around the globe as it
was one of the most powerful and unique display of power by one of the Superpower.

Another tactic is to create hindrance in the functionality of computers and the embedded equipment by using worms
and viruses. In addition, some hackers use logic bombs and some other malware to malfunction the computer
networks of important facilities.

The main scope and platform for the cyber warfare is internet and local network with a strong help from the ruling
Government as generally they are the master planner of the attacks.

Because of increasing Cybercrimes and warfare around the globe and also because of some political reasons The
Pakistani Government has also passed a Cyber Crime Bill which was targeted frequently by the critics.

Some of the salient features of the Pakistans Cyber Crime bill are mentioned below:

1) Up to 3 years imprisonment, Rs1 million fine or both for unauthorised access to critical Network system or data.

2) The government will cooperate with any foreign agency investigating about Cyber Criminals residing in the authority
of Pakistan.

3) Rs5 million fine, Up to three years imprisonment or both for breaching and using an individual Identity and crucial
data without authorization.
5
4) If anyone's information has been used intentionally or without authorization he/she can report it 24/7 to the Cyber
Security department of FIA.

Resources and the techniques used for Cyber Crimes:

There are many resources but we will only discuss about most popular of them. Kali linux is the operating system and
python is the programming language which is widely used by the network penetrators.

Techniques used by hackers :

Brute force attack: In this technique, all possible combinations of the password are applied in order to find the
correct combination.

Dictionary attack: Common dictionary words are used For predicting password.
Waterhole attacks: When the objective of the hacker is to gather as many sensitive information as he can they target
public places like internet café, coffee shops or other most visited public places.

Fake wifi points: They can create fake wifi points in order to grab the sensitive data of the user who tries to log in from
the wifi.

Backdoors: The points from which they penetrate into a system is known as the backdoor.

Usage of proxy networks for defence: Universities and institutions use proxy servers in order to defend their user
from being attacked. This proxy network changes the IP address of their traffic who are accessing the internet so that
a foreigner whose intentions are bad fails in tracking the genuine IP address of their member.

DDOS Attack stands for distributed denial of service attack. In this, the victim is attacked from different sources. This
makes it very difficult to defend the network from the attack.

Hackers point out bugs in the system of the targeted computer and then manipulate that weak point of the system
in order to get access to the pc/network. This mainly happens when OS update is released but the targeted pc has not
updated yet which leaves that bug unresolved and prove as an open attack on people like black hat hackers. That's
the reason why our windows always recommend us to always turn on the automatic updates.

The internet as a whole consist of three layers world wide web, deep web and dark web. Worldwide is the portion of
internet consisting google search engine and the whole social media and many more websites. There are other
different websites which our search engines cannot access therefore we can call them hidden or the webs which can
be accessed via password or authorization. Which can only be logged in by using genuine authorization these are the
deep web content that won't show up on our common search engine.

The other one is dark web which is quite popular in the underworld of criminals and unethical hackers. Dark web is
part of worldwide that require a special browser to access.

The dark web is also called "Onionland" because of its content accessible only using services like Tor. It can be identified
by the domain ".onion" whereas other normal websites identified by the domain .com.

The darkweb is used for illegal activities such as drug trade, media and confidential information exchange also for
pedophiles and terrorists who want to hide their illegal activities use the dark web. People who want to hide their
identity and want to search illegal articles use the dark web. Dark web is notorious for being the base of all cyber
crimes.

6
About Tor Browser :
Tor is a web browser or an internet networking protocol which is used commonly to reach Dark web and also to
anonymize the data relayed to across it. Torr makes it difficult for anyone to track the internet activity of the user.By
using it trackers may face a lot of hindrances in order to track and analyse users IP address .When someone runs tor
online data collectors such as Google Ads and little known but powerful Crawlers will not be able to gather your data.

Conclusions:
Security is an illusion: Whatever technique we use to secure our networks it will be defeated in any time soon.
This cycle keeps on running until meaning of security loses it's worth.

develop best security practices:

People believe that security is an illusion but we can do much more to give them a tough time.Technology tycoons like
Facebook have thousands of their employees dedicated to the Cybersecurity wing. Which allows their customers to
trust them .The ones who know how to penetrate can also secure our networks as they know what a hacker looks for
before penetrating into a system.

Be proactive:
Do not wait until your networks are doomed in one way or another .Use every possible defence techniques which
cannot be deceived by the hackers.

Strict cyber laws should be deployed: Maximum people out there think we cannot/should not categorize Cyber
Crimes into regular crimes. But as the events are happening and the world has started facing heavy losses because of
cybercrimes it is becoming more and more clear that introducing strict cyber laws is the only way to handle these
activities.

Increase security awareness among the masses: Most of the people do not give much more important
to their data and they also imagine no one can really hurt them by grabbing their data but ironically the reality is
opposite. Being tech people we have a responsibility to create awareness among the masses about the dark side of
the cyber ecosystem.

7
REFERNCE:
https://www.fbi.gov/news/pressrel/press-releases/fbi-releases-2016-hate-crime-statistics
http://www.encyclopedia.com/science-and-technology/computers-and-electrical-engineering/computers-
and-computing/internet-fraud
https://www.cybrary.it/0p3n/types-of-hackers/

https://www.cia.gov/library/publications/the-world-factbook/geos/en.html
http://www.state.gov/r/pa/ei/bgn/5377.htm
http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5634434
http://www.stratcom.mil/factsheets/cyber_command/

View publication stats