𝐈𝐍𝐃𝐄𝐗

CYBER CRIME AND SCURITY

ᴏʙᴊᴇᴄᴛɪᴠᴇ
ᴀᴄᴛɪᴏɴ ᴘʟᴀɴ
ᴍᴀᴛᴇʀɪᴀʟ - ꜱᴄʀɪᴘᴛ
ʀᴇᴘᴏʀᴛ
ꜱᴛᴜᴅᴇɴᴛ’ꜱ ʀᴇꜰʟᴇᴄᴛɪᴏɴ
ʙɪʙʟɪᴏɢʀᴀᴘʜʏ
𝐎𝐁𝐉𝐄𝐂𝐓𝐈𝐕𝐄
2

*To provide general awareness of cyber

crime
*To recognize cybercrime methods
*To known the importance of cyber-laws
(love BUG suspects + loss 10$ billion)
*To learn how to keep away from being
a victim
*To Estimation of financial losses related
to cyber crime
ACTION PLAY
3
INTRODUCTION
4

Cyber-crimes are increasingly becoming

social engineering, where cyber
criminals invest resources and time to
gain knowledge about technical and
scientific aspects of cyber security and
because of that the term “cybercrime”
is often confused with the term “cyber
security”. Even though the two are
extremely different and belong to
different areas of expertise, yet they are
interrelated with each other.

A. WHAT IS CYBERCRIME?
Cybercrime is criminal activity that
either targets or uses a computer, a
computer network or a networked
device. Most cybercrime is committed
by cybercriminals or hackers who want
 5

to make money. However, occasionally

cybercrime aims to damage computers
or networks for reasons other than
profit. These could be political or
personal.
Cybercrime can be carried out by
individuals or organizations. Some
cybercriminals are organized, use
advanced techniques and are highly
technically skilled. Others are novice

WHAT ARE THE TYPES OF

hackers.

CYBERCRIME?
 Email and internet fraud.
 Identity fraud (where personal
information is stolen and used)
 Theft of financial or card payment
data.
 Theft and sale of corporate data.
 Cyberextortion (demanding money
to prevent a threatened attack).
 Ransomware attacks (a type of
cyberextortion).
 6

 crypto jacking (where hackers mine

cryptocurrency using resources they
do not own).
 Cyberespionage (where hackers
access government or company
data).
 Interfering with systems in a way
that compromises a network.
 Infringing copyright.
 Illegal gambling.
 Selling illegal items online.
 Soliciting, producing, or possessing

WHY SHOULD WE KNOW

child pornography.

ABOUT CYBER-CRIME?
 In this tech-savvy world of 21st
century every one is engaged with
internet through WhatsApp, twitter,
Facebook, net- banking & lots of
other platforms are there.
 And some criminal mined persons
commit crimes here, which is
included under cybercrime.
 7

 So, we should be aware about crimes

happening around in the cyber -

WHAT IS CYBER-CRIME?
space.

SIMPLE THEORY:
 When you purchase a home, it come
with a door and a lock. you always
ensure that the door\lock exist and
working properly. You may even
purchase security systems.
 Well, why would you not secure your
investments?
 Likewise, your system is your home
and security tools are your door/lock.
 So, if someone breaches into your
home’s(system), accesses all your
personal accounts and tempers your
data, is the criminal who is
committed the crime.
 And committed crime is known as
cyber-crime.
 That means more precisely we can
say that – cyber crime is an illegal
activity committed on the internet.
8
Various categories of cyber-
9

crime.
 Again persons
 Against property

Against person:
 Against government

 Cybercrime committed against

persons include various crimes like
transmission of child – pornography,
harassment of any one with the use of
computer such as e-mail, and cyber-
stalking.
 The distribution, posting, and
dissemination of obscene material
including pornography, indecent
exposure, and child pornography,
constitutes one of the most important
cybercrimes known today. The
potential harm of such a crime to

Against property:
humanity can hardly be overstated.

 the second category of cybercrimes

is that of cybercrimes against all
 10

forms of property. These crimes

include unauthorized computer
trespassing through cyberspace,
computer vandalism, transmission of
harmful programs, and unauthorized
possession of computerized

against government:
information.

 the third category of cybercrimes

relate to cybercrimes against
government. Cyber terrorism is one
distinct kind of crime in this
category. The growth of internet has
shown that the medium of
cyberspace is being used by
individuals and groups to the
international governments as also to
threaten the citizens of a country.
This crime manifests itseft into
terrorism when an individual
“cracks” into a government or

Prevention of Cyber Crime:

military maintained website.
 11

Below are some points by means of

Use strong password:

which we can prevent cybercrime:
1.

Maintain different password and

username combinations for each
account and resist the temptation
to write them down. Weak
passwords can be easily cracked
using certain attacking methods
like Brute force attack, Rainbow
table attack etc, So make them
complex. That means combination
of letters, numbers and special
characters.
 12

Use trusted antivirus in

devices:
2.

Always use trustworthy and highly

advanced antivirus software in
mobile and personal computers.
This leads to the prevention of
different virus attack on devices.

3. Keep social media private:

Always keep your social media
accounts data privacy only to your
friends. Also make sure only to
make friends who are known to
 13

Keep your device

you.

software updated:
4.

Whenever you get the updates of

the system software update it at
the same time because sometimes
the previous version can be easily
attacked.

5. Use secure network:

Public Wi-Fi are vulnerable. Avoid
conducting financial or corporate
transactions on these networks.

Never open attachments in

spam emails:
6.

A computer get infected by malware

attacks and other forms of cybercrime
is via email attachments in spam
emails. Never open an attachment

Software should be
from a sender you do not know .

updated:
7.
 14

Operating system should be updated

regularly when it comes to internet
security. This can become a potential
threat when cybercriminals exploit

Impact of cybercrime:
flaws in the system.

Generally, cybercrime is on the rise.

According to Accenture’s State of
Cybersecurity Resilience 2021 report,
security attacks increased 31% from
2020 to 2021. The number of attacks
per company increased from 206 to 270
year on year. Attacks on companies
affect individuals too since many of
them store sensitive data and personal
information from customers.

A single attack – whether it’s a data

breach, malware, ransomware or DDoS
attack - costs companies of all sizes an
average of $200,000, and many
affected companies go out of business
within six months of the attack,
according to insurance company Hiscox.

Javelin Strategy & Research published

an Identity Fraud Study in 2021 which
 15

found that identity fraud losses for the

year totalled $56 billion.
For both individuals and companies, the
impact of cybercrime can be profound –
primarily financial damage, but also loss

B. WHAT IS CYBER
of trust and reputational dam

SECURITY?
Cyber security is a technique to protect
computers, networks, programs,
personal data, etc., from unauthorized
access and threats. It is an activity by
which information and other
communication systems are protected
and defended against the unauthorized
use or modification or exploitation of
the device. Cyber security is also called
information technology security. It
includes the techniques of protecting
computers, networks, programs and
data from unauthorized access or
attacks that can cause damage to them
or exploit them in any way. Basically,
cyber security is a technical approach to
secure systems from such attacks.
 16

Good cyber security recognizes all the

vulnerabilities and threats a computer
system or network contains. It then
identifies the cause of such
vulnerabilities and fixes those
vulnerabilities and threats and secures
the system. Strong cyber security
programs are based on a combination of
technological and human elements.
 17

Various elements of cyber

security:
For a strong cyber security system
certain elements are needed. The
elements are as following:
 Applicationsecurity: Applications
play an essential role in business
 18

ventures; that is why every firm

needs to focus on web application
security. Web application security is
important in order to protect
customers, their information and
interests. Application security helps
in thwarting any attempts to violate
the authorization limits set by the
security policies of the computer
system or networks.
 Information security: Information
includes business records, personal
data, customer’s data, intellectual
property etc; hence, it is important
for a corporation to have strong
cyber security for information to
prevent its leakage.
Information security involves
safeguarding sensitive information from
illegitimate access, usage, or any other
kind of damage. This also ensures that
the important data does not get lost
when any issue like natural disasters,
 19

malfunction of system, theft or other

potentially damaging situation arises.
The characteristics defining information
security are confidentiality, integrity and
availability. Information security also
includes Data Confidentiality, Data
integrity, Data availability, and Data
authenticity.

C. HISTORY
EVOLUTION OF
CYBERCRIME:
The history of cybercrime and security
spans several decades, beginning with
the emergence of computer technology
and the internet. Here's an overview of
the key milestones in this field:
 20

 Early Years (1960s-1980s):

The first instances of cybercrime were
largely non-malicious, consisting of
unauthorized access to computer
systems by enthusiasts known as
"hackers."
In the 1970s and 1980s, the focus
shifted to financial gain as hackers
started exploiting vulnerabilities in
computer networks for profit.
Notable incidents during this period
include the Morris Worm in 1988, which
infected thousands of computers and
brought attention to the need for
improved security measures.
 21

 Rise of the Internet (1990s):

The proliferation of the internet brought
about new opportunities for
cybercriminals, who began targeting
individuals, businesses, and
governments.
The 1990s saw a surge in hacking
activities, including website
defacements and the creation of
malicious software like viruses and
worms.
Financial fraud and identity theft also
became prevalent during this period,
facilitated by the growing popularity of
online banking and e-commerce.
 22

 Expansion of Cybercrime
(2000s):
The 2000s witnessed an increase in
sophisticated cybercrime operations,
often carried out by organized criminal
groups.
Malware attacks became more
prevalent, with viruses, worms, and
Trojans infecting systems and stealing
sensitive information.
Cybercriminals targeted financial
institutions, online payment systems,
and e-commerce platforms, leading to
significant financial losses.
 23

The emergence of botnets allowed

criminals to control networks of
compromised computers, which were
used for various malicious activities,
such as distributed denial-of-service
(DDoS) attacks.

 Advanced Persistent Threats

(APTs) and State-sponsored
Attacks:
In the late 2000s and early 2010s, APTs
and state-sponsored cyberattacks
gained prominence.
APTs involve long-term, stealthy
infiltration of targeted organizations'
 24

networks, aiming to steal sensitive

information or disrupt operations.
Notable examples include Operation
Aurora in 2009 and the Stuxnet worm in
2010, which targeted specific industries
and demonstrated the potential for

 Ransomware and Data

cyber warfare.

Breaches (2010s):
Ransomware attacks became a
significant threat, where malicious
software encrypts victims' files,
demanding a ransom for their release.
High-profile data breaches affecting
major corporations and institutions
exposed vast amounts of personal
information, leading to increased
concerns about privacy and
cybersecurity.
Cybercriminals targeted critical
infrastructure, such as power grids and
healthcare systems, highlighting the
potential for widespread disruption.
  Current Trends:
25

In recent years, cybercrime has

continued to evolve with new
techniques and tactics, such as
cryptojacking, social engineering, and
supply chain attacks.
Artificial intelligence and machine
learning have been employed both by
cybercriminals and security
professionals, creating a constant battle
of wits.
The proliferation of Internet of Things
(IoT) devices has introduced new
security challenges due to their
interconnected nature and often
inadequate security measures.
Governments and organizations
worldwide have increased efforts to
combat cybercrime, with the
establishment of specialized
cybersecurity agencies and the
implementation of stricter regulations.
 26

Overall, the history of cybercrime and

security demonstrates the ongoing arms
race between cybercriminals and those
working to protect digital systems. The
landscape continues to evolve rapidly,
emphasizing the need for constant
vigilance and innovation in

Real incidents:
cybersecurity practices.

Equifax Data Breach (2017):

Equifax, one of the largest credit
reporting agencies, suffered a massive
data breach that exposed sensitive
 27

information of approximately 147

million individuals.
The breach occurred due to a
vulnerability in a web application, which
allowed hackers to gain unauthorized
access to personal data, including
names, social security numbers, and
addresses.
WannaCry Ransomware Attack (2017):
The WannaCry ransomware attack
affected hundreds of thousands of
computers worldwide, targeting
organizations across various sectors,
including healthcare and government
agencies.
The malware exploited a vulnerability in
the Windows operating system and
encrypted files on infected computers,
demanding a ransom in exchange for
decryption keys.
 28

Capital One Data Breach

(2019):
Capital One, a major financial
institution, experienced a data breach
that exposed personal information of
over 100 million customers in the
United States and Canada.
The breach occurred due to a
misconfiguration in a web application
firewall, allowing a hacker to gain
unauthorized access to customer data

NotPetya Cyberattack (2017):

stored in the cloud.
 29

The NotPetya cyberattack was a

destructive malware outbreak that
affected organizations globally,
primarily in Ukraine.
The malware initially masqueraded as
ransomware, but its primary purpose
was to spread rapidly and cause
widespread disruption by overwriting
the master boot record of infected

SolarWinds Supply Chain

computers.

Attack (2020):
The SolarWinds attack was a highly
sophisticated supply chain attack that
targeted the software provider
SolarWinds.
The attackers compromised SolarWinds'
software development process, leading
to the distribution of a malicious
software update to thousands of
organizations, including government
agencies and Fortune 500 companies.
 30

Colonial Pipeline Ransomware

Attack (2021):
The Colonial Pipeline, which supplies
fuel to the eastern United States, fell
victim to a ransomware attack that
disrupted operations for several days.
The attack involved the DarkSide
ransomware group, which encrypted
critical systems and demanded a
ransom payment in exchange for
restoring access.
D. Cyber laws
31

What is Cyber Law?

Cyber laws, also known as cybercrime
laws or computer laws, are legal
frameworks that govern and regulate
activities related to the internet,
computers, and digital technologies.
These laws are designed to protect
individuals, organizations, and
governments from cyber threats, data
breaches, online fraud, and other forms
of cybercrime. The primary objectives of
cyber laws are to establish legal
guidelines, rights, and responsibilities in
cyberspace and to provide mechanisms
for preventing, detecting, and
responding to cybercrime.
The very first cyber law to exist was the
Computer Fraud and Abuse Act (1986.)
Currently, there are several cyber laws
around the world, and the penalties,
punishments, and regulations vary to an
extent.
32