Cyber Security
Uploaded by
rscafricatabCyber Security
Uploaded by
rscafricatabCyber Security[SEC-4]
Module-I: Introduction to Cyber security
Defining Cyberspace and Overview of Computer and Web-technology, Architecture of
cyberspace, Communication and web technology, Internet, World wide web, Advent of
internet, Internet infrastructure for data transfer and governance, Internet society,
Regulation of cyberspace, Concept of cyber security, Issues and challenges of cyber
security.
Defining Cyberspace
▪ The term Cyberspace was first coined by William Gibson in the year 1984.
▪ Cyberspace is the environment in which communication over computer networks occurs.
▪ Cyberspace is the virtual and dynamic space created by the machine clones. Cyberspace
mainly refers to the computer which is a virtual network and is a medium electronically
designed to help online communications to occur.
▪ The primary purpose of creating cyberspace is to share information and communicate
across the globe.
▪ Cyberspace is that space in which users share information, interact with each other; engage
in discussions or social media platforms, and many other activities.
▪ The whole Cyberspace is composed of large computer networks which have many sub-
networks. These follow the TCP or IP protocol.
Overview of Computer and Web-technology
Computer and web technology are integral parts of our modern world, shaping how we
communicate, work, learn, and entertain ourselves.
Computer Technology:
1. Hardware: Computers consist of physical components like the central processing unit (CPU),
memory (RAM), storage devices (HDD/SSD), input/output devices (keyboard, mouse,
monitor), and more. These components work together to process and store data.
2. Software: Software includes the operating system (e.g., Windows, macOS, Linux) and
various applications (e.g., Microsoft Office, web browsers, video games) that run on a
computer. Operating systems manage hardware resources and provide a user interface.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 1
Cyber Security[SEC-4]
3. Networking: Computers can connect to each other and the internet via wired (e.g.,
Ethernet) or wireless (e.g., Wi-Fi) networks. Networking enables data sharing,
communication, and remote access.
4. Security: Computer security is crucial to protect data and systems from threats like viruses,
malware, and hackers. Antivirus software, firewalls, and encryption are common security
measures.
5. Processing Power: Moore's Law predicts that the processing power of computers doubles
approximately every two years. This constant improvement drives innovations in various
fields, including artificial intelligence, scientific research, and data analysis.
Web Technology:
1. World Wide Web (WWW): The World Wide Web, commonly referred to as the web, is a
global system of interconnected documents and resources linked through hyperlinks. It
is accessed via web browsers.
2. Web Browsers: Web browsers like Google Chrome, Mozilla Firefox, and Microsoft Edge
allow users to access and interact with web content.
3. Web Development: Web development involves creating and maintaining websites and
web applications.
4. Web Servers: Web servers store and deliver web content to users' browsers upon
request. Popular web server software includes Apache, Microsoft IIS.
5. Web Security: Ensuring web security is critical to protect data and user privacy.
Measures include SSL/TLS encryption, secure authentication, and regular security
audits.
6. Web Standards: Organizations like the World Wide Web Consortium (W3C) establish
web standards to ensure compatibility and accessibility across different devices and
browsers.
Architecture of cyberspace
There isn't a single, specific architecture for cyberspace, as it encompasses a wide range of
technologies, protocols, and platforms. Some key components and concepts related to the
architecture of cyberspace are:
1. Network Infrastructure: At the core of cyberspace is the global network infrastructure,
often referred to as the Internet. This infrastructure comprises a vast array of
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 2
Cyber Security[SEC-4]
interconnected physical and virtual components, including routers, switches, data centers,
and undersea cables. The Internet's architecture is based on the Internet Protocol (IP),
which allows data packets to be routed across the network.
2. Protocols: Various communication protocols define how data is transmitted and received in
cyberspace. The Transmission Control Protocol (TCP) and Internet Protocol (IP) are
fundamental to the functioning of the Internet. Other protocols like HTTP (Hypertext
Transfer Protocol), SMTP (Simple Mail Transfer Protocol), and FTP (File Transfer Protocol)
govern specific types of data exchange.
3. Domain Name System (DNS): DNS is a crucial component of cyberspace that translates
human-readable domain names (e.g., www.example.com) into IP addresses. This system
enables users to access websites and resources by name rather than needing to remember
numeric IP addresses.
4. Data Centers: Data centers house the servers and storage infrastructure that store and
deliver digital content and services. They play a pivotal role in hosting websites, applications,
and cloud services.
5. Cybersecurity: The architecture of cyberspace includes various security measures to protect
data, networks, and users. Firewalls, encryption, intrusion detection systems, and antivirus
software are examples of cybersecurity components.
6. Web and Application Servers: These servers host websites, web applications, and other
online services. They respond to user requests, retrieve data from databases, and deliver
content to users' devices.
7. User Devices: These are the various devices through which users access cyberspace,
including computers, smartphones, tablets, and IoT devices. Each device has its own
hardware and software components that enable connectivity and interaction with
cyberspace.
8. Cloud Computing: Cloud services and platforms are an integral part of cyberspace
architecture. Cloud providers offer scalable computing resources, storage, and services,
allowing organizations to leverage the cloud for various purposes.
9. Social Media and Online Communities: Cyberspace also includes virtual communities and
social media platforms that enable users to connect, share information, and collaborate
online. These platforms have their own architectures and algorithms for content delivery
and interaction.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 3
Cyber Security[SEC-4]
10. Internet of Things (IoT): IoT devices are connected to cyberspace, enabling them to collect
and exchange data with other devices and systems. They play a role in creating the "smart"
aspect of cyberspace, connecting physical objects to the digital realm.
11. Regulations and Governance: Various laws and regulations govern cyberspace to ensure
security, privacy, and fair use. Organizations like ICANN (Internet Corporation for Assigned
Names and Numbers) oversee domain name management, while governments have
jurisdiction over aspects like data protection and cybersecurity.
Cyberspace is a dynamic and evolving environment, with new technologies and architectures
continually emerging. Its architecture is shaped by the needs of users, businesses, governments,
and the broader digital ecosystem. As such, it remains a subject of ongoing development,
discussion, and adaptation.
Communication and web technology
Communication and web technology are integral components of the modern digital landscape.
They encompass a wide range of technologies and tools that facilitate communication and the
dissemination of information over the internet. Some key aspects of communication and web
technology are:
1. Internet: The internet is the foundation of web technology. It is a global network of
interconnected computers and servers that allows for the transfer of data and information
across the world.
2. Web Browsers: Web browsers like Chrome, Firefox, Safari, and Edge are software
applications that enable users to access and interact with websites and web-based
applications.
3. Websites: Websites are collections of web pages that are hosted on web servers and can be
accessed through a web browser. They are created using various web technologies such as
HTML, CSS, and JavaScript.
4. Web Development: Web development involves designing, creating, and maintaining
websites. Web developers use various programming languages and frameworks to build
web applications and sites.
5. Web Standards and Protocols: Various standards and protocols govern web technology,
including HTTP/HTTPS (for data transfer), HTML5, CSS3, and more.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 4
Cyber Security[SEC-4]
6. Mobile Web: Mobile web technology focuses on optimizing websites and applications for
mobile devices, ensuring a seamless user experience on smartphones and tablets.
Internet
▪ The word Internet is derived from the word internetwork, or the connecting together two
or more computer networks.
▪ The Internet started in the 1960s as a way for government researchers to share information.
▪ Computers in the '60s were large and immobile and in order to make use of information
stored in any one computer, one had to either travel to the site of the computer or have
magnetic computer tapes sent through the conventional postal system.
▪ January 1, 1983 is considered the official birthday of the Internet. Prior to this, the various
computer networks did not have a standard way to communicate with each other.
▪ A new communications protocol was established called Transfer Control
Protocol/Internetwork Protocol (TCP/IP). This allowed different kinds of computers on
different networks to "talk" to each other.
▪ Transmission Control Protocol/Internet Protocol (TCP/IP)
− TCP/IP is a suite of communication protocols used to interconnect network devices on
the Internet.
− TCP establishes the connections between sending and receiving computers, and makes
sure that packets sent by one computer are received in the same sequence by the other,
without any packets missing.
− IP provides the Internet’s addressing scheme and is responsible for the actual delivery
of the packets.
− TCP/IP is divided into four separate layers, with each layer handling a different aspect of
the communication problem.
World Wide Web (WWW)
▪ The World Wide Web was invented by a British scientist, Tim Berners-Lee in 1989.
▪ World Wide Web, which is also known as a Web, is a collection of websites or web pages
stored in web servers and connected to local computers through the internet.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 5
Cyber Security[SEC-4]
▪ These websites contain text pages, digital images, audios, videos, etc. Users can access the
content of these sites from any part of the world over the internet using their devices such
as computers, laptops, cell phones, etc.
▪ The WWW, along with the internet, enables the retrieval and display of text and media to
your device.
▪ The building blocks of the Web are web pages which are formatted in HTML and connected
by links called "hypertext" or hyperlinks and accessed by HTTP.
Advent of internet
▪ The Internet started off with research into what was then known as packet switching as
early as the 1960s.
▪ ARPANET is considered the first known group of interconnected computers aka the internet.
This system was used to transfer confidential data between the Military.
▪ This data-sharing technology was then opened to educational institutes in the United States
to allow them to access to government’s supercomputer, first at 56 kbit/s, then at 1.5
Mbit/s, and then at 45 Mbit/s.
▪ Internet service providers began to arise in the late 1980s and the internet was fully
commercialized in the US by 1995.
▪ The history of the Internet can be segmented into three phases
1. Innovation Phase
2. Institutionalization Phase
3. Commercialization Phase
Innovation Phase (1961 to 1974)
− The fundamental building blocks of the Internet—packet-switching hardware, a
communications protocol called TCP/ IP, and client/server computing were
conceptualized and then implemented in actual hardware and software.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 6
Cyber Security[SEC-4]
Institutionalization Phase (1975 to 1995)
− large institutions such as the U.S. Department of Defense (DoD) and the National
Science Foundation (NSF) provided funding and legitimization for the fledging
Internet.
Commercialization Phase (1995 to the present)
− The U.S. government encouraged private corporations to take over and expand the
Internet backbone as well as local service beyond military installations and college
campuses to the rest of the population around the world.
Internet infrastructure for data transfer and governance
▪ Internet infrastructure for data transfer and governance encompasses the physical and
virtual systems, protocols, and regulations that enable the secure, efficient, and reliable
exchange of data across the global network.
▪ This infrastructure plays a critical role in ensuring data privacy, security, and compliance with
regulations.
▪ Here are key components and considerations for internet infrastructure related to data
transfer and governance:
1. Network Infrastructure
− Backbone Networks: High-speed, long-distance networks that form the core of the
internet, connecting major data centers and internet exchange points (IXPs).
− Last-Mile Connectivity: The connection from service providers to end-users,
including wired (e.g., fiber-optic, DSL) and wireless (e.g., 5G, Wi-Fi) technologies.
− Data Centers: Facilities that house servers and storage devices, providing the
infrastructure for web hosting, cloud computing, and data storage.
2. Protocols and Standards
− Internet Protocol (IP): The foundation of internet communication, ensuring data
packets can be routed across networks.
− Transport Layer Security (TLS): Encryption protocol for securing data in transit.
− Hypertext Transfer Protocol (HTTP) and HTTPS: Protocols for web data transfer, with
HTTPS adding a security layer.
− DNSSEC: Enhances the Domain Name System (DNS) by adding a layer of security
through digital signatures.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 7
Cyber Security[SEC-4]
3. Data Centers and Cloud Services
− Major providers like Amazon Web Services (AWS), Microsoft Azure, and Google
Cloud offer robust infrastructure and tools for data storage and processing.
4. Data Governance and Regulation
− Data Privacy Regulations: Compliance with laws like GDPR (in Europe), CCPA (in
California), and HIPAA (for healthcare data).
− Data Retention Policies: Guidelines for storing and managing data for specific
periods.
− Data Access Controls: Systems to restrict and monitor who can access and modify
data.
− Data Encryption: Ensuring data at rest and in transit is properly encrypted to
protect against unauthorized access.
5. Cybersecurity
− Robust security measures, including firewalls, intrusion detection systems, and
regular security audits, are essential to protect data during transfer.
6. Internet Governance Bodies
− Organizations like ICANN (Internet Corporation for Assigned Names and Numbers)
oversee domain name system management and policy.
− Multistakeholder governance models involve various stakeholders, including
governments, businesses, and civil society, in shaping internet governance.
7. Content Delivery Networks (CDNs)
− CDNs like Akamai and Cloudflare optimize data delivery by caching content at
various locations worldwide, reducing latency.
8. Quality of Service (QoS)
− Ensuring data transfer meets performance requirements, especially for applications
like video conferencing and online gaming.
9. International Collaboration
− Cooperation among nations is essential to establish international norms and
agreements related to data transfer and governance.
10. Data Transfer Agreements
− Agreements like Privacy Shield and Standard Contractual Clauses facilitate the
lawful transfer of data across borders.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 8
Cyber Security[SEC-4]
Internet society
▪ Internet Society (ISOC) A professional membership society that promotes the use and future
development of the Internet. It has individual and organization members all over the world
and is governed by an elected board of trustees. ISOC coordinates various groups
responsible for Internet infrastructure.
▪ These include
1. The Internet Engineering Task Force (IETF),
2. The Internet Architecture Board (IAB), and
3. The Internet Engineering Steering Group (IESG).
▪ The IETF develops technical standards for the Internet.
▪ The IAB has overall responsibility for the architecture and adjudicates on disputes about
standards.
▪ The IESG, along with the IAB, reviews standards proposed by the IETF
Regulation of cyberspace
▪ Cyberspace spans worldwide, but it has no formal framework. The lack of formal framework
makes cyberspace nobody's domain
▪ No single individual, entity, or government owns or controls cyberspace.
▪ Regulation in cyberspace is an emerging challenge
▪ The default in cyberspace is anonymity. Anonymity encourages and enhances the exercise
of freedom. A child too shy to express himself in physical space can feign to be somebody
else in virtual space, and express himself freely.
▪ Crimes of global repercussion are also committed with the use of the internet. Trafficking of
persons, child pornography, kidnapping for ransom, and terrorism are perpetrated with the
use of cyberspace. Freedom thus in cyberspace should not be exercised without the
concomitant responsibility of its users.
▪ Practical Problems In Extending The Traditional Laws To Cyberspace
1. Multiple Jurisdictions-Because of anonymity of the Internet user, absence of
geographical boundaries in the cyberspace, and the cross border effect of Internet
transactions, all legal systems face legal uncertainty.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 9
Cyber Security[SEC-4]
2. Problem of Policing-The lack of technical knowledge, non-co-operation among
different police organization etc., make the problem too difficult to be solved.
3. Expensive Process-Training of law enforcement officers to solve the issue of
cybercrime is very expensive.
4. Obtaining Digital Evidence- Another instance where the policing of cybercrime
becomes difficult is with regard to obtaining the digital evidence.
Concept of cyber security
▪ cybersecurity is the practice of protecting computer systems, networks, and data from theft,
damage, or unauthorized access.
▪ It encompasses a wide range of technologies, processes, and practices designed to
safeguard digital information and ensure the confidentiality, integrity, and availability of
data.
1. Confidentiality: This principle focuses on ensuring that sensitive information is only
accessible to authorized individuals or systems. It involves encryption, access controls,
and data classification to prevent unauthorized access or disclosure.
2. Integrity: Integrity in cybersecurity means that data and systems are accurate and
trustworthy. Any unauthorized modification or tampering with data or systems should
be detected and prevented. Techniques like checksums and digital signatures are used
to maintain data integrity.
3. 3. Availability: Availability ensures that systems and data are accessible when
needed. Cyberattacks can disrupt services or make them unavailable, so cybersecurity
measures aim to prevent or mitigate such disruptions through redundancy, load
balancing, and disaster recovery planning.
4. Authentication: Authentication is the process of verifying the identity of users,
devices, or systems trying to access resources. This can be achieved through
passwords, biometrics, two-factor authentication (2FA), and multi-factor
authentication (MFA).
Cyber Attacks
▪ A cyber-attack is an exploitation of computer systems and networks. It uses malicious code
to alter computer code, logic or data and lead to cybercrimes, such as information and
identity theft.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 10
Cyber Security[SEC-4]
▪ Cyber-attacks can be classified into the following categories:
1. Web-based attacks
2. System-based attacks
Web-based attacks
▪ These are the attacks which occur on a website or web applications. Some of the important
web-based attacks are as follows-
I. Injection attacks :It is the attack in which some data will be injected into a web
application to manipulate the application and fetch the required information.
II. Session Hijacking :It is a security attack on a user session over a protected network. Web
applications create cookies to store the state and user sessions. By stealing the cookies,
an attacker can have access to all of the user data.
III. Phishing: Phishing is a type of attack which attempts to steal sensitive information like
user login credentials and credit card number. It occurs when an attacker is masquerading
as a trustworthy entity in electronic communication.
IV. Denial of Service:It is an attack which meant to make a server or network resource
unavailable to the users. It accomplishes this by flooding the target with traffic or sending
it information that triggers a crash.
System-based attacks
▪ These are the attacks which are intended to compromise a computer or a computer
network. Some of the important system-based attacks are as follows-
I. Virus :It is a type of malicious software program that spread throughout the computer files
without the knowledge of a user. It is a self-replicating malicious computer program that
replicates by inserting copies of itself into other computer programs when executed. It can
also execute instructions that cause harm to the system.
II. Worm :It is a type of malware whose primary function is to replicate itself to spread to
uninfected computers. It works same as the computer virus. Worms often originate from
email attachments that appear to be from trusted senders.
III. Trojan horse : it is a malicious program that occurs unexpected changes to computer setting
and unusual activity, even when the computer should be idle. It misleads the user of its true
intent. It appears to be a normal application but when opened/executed some malicious
code will run in the background.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 11
Cyber Security[SEC-4]
Cyber Threat
• A Cyber threat is any malicious act that attempts to gain access to a computer network
without authorization or permission from the owners.
• It refers to the wide range of malicious activities that can damage or disrupt a computer
system, a network or the information it contain.
Cyber Threat Cyber Attack
A Threat by definition is a condition /
An Attack by definition is an intended action to
circumstance which can cause damage to the
cause damage to system/asset.
system/asset.
Threats can be intentional like human negligence The attack is a deliberate action. An attacker has
or unintentional like natural disasters. a motive and plan the attack accordingly.
A Threat may or may not malicious. An Attack is always malicious.
Chance to damage or information alteration The chance to damage or information
varies from low to very high. alternation is very high.
Issues and challenges of cyber security
▪ Cybersecurity faces numerous issues and challenges due to the ever-evolving nature of
technology and the increasing sophistication of cyber threats.
▪ Some of the key issues and challenges in cybersecurity include:
1. Cyber Attacks: The constant threat of cyberattacks from various actors, including hackers,
cybercriminals, nation-states, and hacktivists, is a significant challenge. These attacks can
take various forms, such as malware, ransomware, phishing, and distributed denial of
service (DDoS) attacks.
2. Data Breaches: Data breaches can have severe consequences for organizations and
individuals. The theft or exposure of sensitive data, such as personal information, financial
records, or intellectual property, can lead to financial losses, reputational damage, and
legal liabilities.
3. Security Vulnerabilities: Software and hardware vulnerabilities are exploited by attackers
to gain unauthorized access or control over systems. Identifying and patching these
vulnerabilities in a timely manner is a constant challenge.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 12
Cyber Security[SEC-4]
4. Insider Threats: Insider threats, where individuals within an organization misuse their
access and privileges, can be particularly challenging to detect and prevent. This includes
employees, contractors, or partners who intentionally or unintentionally compromise
security.
5. Lack of Cybersecurity Awareness: Many individuals and employees lack awareness of
cybersecurity best practices, making them susceptible to social engineering attacks and
other cyber threats.
6. Resource Constraints: Smaller organizations and even some larger ones may lack the
resources and expertise needed to implement robust cybersecurity measures. This can
leave them vulnerable to attacks.
7. Ransomware: Ransomware attacks have surged in recent years, with cybercriminals
encrypting data and demanding a ransom for decryption keys. These attacks can disrupt
critical operations and result in significant financial losses.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 13
Cyber Security[SEC-4]
Module-II: Cybercrime and Cyber law
Classification of cyber crimes, Common cyber crimes- cyber crime targeting
computers and mobiles, cyber crime against women and children, financial frauds,
social engineering attacks, malware and ransomware attacks, zero day and zero
click attacks, Cybercriminals modus-operandi, Reporting of cyber crimes, Remedial
and mitigation measures, Legal perspective of cyber crime, IT Act 2000 and its
amendments, Cyber crime and offences, Organizations dealing with Cybercrime and
Cyber security in India, Case studies.
What are cyber crimes
▪ Cyber crimes are crimes that involve criminal activities done through cyberspace by devices
connected to the internet.
▪ At times, cyber crimes are also called ‘computer crimes’.
▪ The major objective of committing such crimes is to gather confidential data from people
and use it for monetary, political, or personal motives.
Classification of cyber crimes
Classifying cybercrimes-broad and narrow
Cybercrime in Narrow Sense Cybercrime in Broad Sense
Role of Computer as an object Computer as a tool Computer as the
computer The computer / information The computer/or environment or context
stored on the computer is the information stored The computer /
subject/target of the crime on the computer information stored on the
constitutes an computer play a non-
important tool for substantial role in the act
committing the of crime, but does
crime contain evidence of the
crime
Examples Hacking, sabotage, virtual Computer fraud, Murder using computer
child pornography forgery distribution techniques, bank robbery
of child and drugs trade
pornography
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 1
Cyber Security[SEC-4]
cyber crimes can be classified under three heads, depending on the groups they are targeted at.
1. Cyber crime against Individual
▪ Email spoofing: A spoofed email is one in which the e-mail header is forged so
that the mail appears to originate from one source but actually has been sent
from another source.
▪ Spamming: Spamming means sending multiple copies of unsolicited mails or
mass e-mails such as chain letters.
▪ Cyber Defamation: This occurs when defamation takes place with the help of
computers and/or the Internet. E.g. someone publishes defamatory matter
about someone on a website or sends e-mails containing defamatory
information.
▪ Harassment & Cyber stalking: Cyber Stalking Means following an individual's
activity over internet. It can be done with the help of many protocols available
such as e- mail, chat rooms, user net groups.
2. Cyber crime Against Property
▪ Credit Card Fraud: As the name suggests, this is a fraud that happens by the use
of a credit card. This generally happens if someone gets to know the card number
or the card gets stolen.
▪ Intellectual Property crimes: These include Software piracy: Illegal copying of
programs, distribution of copies of software. Copyright infringement: Using
copyrighted material without proper permission. Trademarks violations: Using
trademarks and associated rights without permission of the actual holder. Theft
of computer source code: Stealing, destroying or misusing the source code of a
computer.
▪ Internet time theft: This happens by the usage of the Internet hours by an
unauthorized person which is actually paid by another person.
3. Cyber crime Against Organization
▪ Unauthorized Accessing of Computer: Accessing the computer/network
without permission from the owner. It can be of 2 forms: a)
Changing/deleting data: Unauthorized changing of data. b) Computer
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 2
Cyber Security[SEC-4]
voyeur: The criminal reads or copies confidential or proprietary information,
but the data is neither deleted nor changed.
▪ Denial Of Service : When Internet server is flooded with continuous bogus
requests so as to denying legitimate users to use the server or to crash the
server.
▪ Computer contamination / Virus attack: A computer virus is a computer
program that can infect other computer programs by modifying them in such
a way as to include a (possibly evolved) copy of it. Viruses can be file infecting
or affecting boot sector of the computer. Worms, unlike viruses do not need
the host to attach themselves to.
▪ Email Bombing: Sending large numbers of mails to the individual or company
or mail servers thereby ultimately resulting into crashing.
▪ Salami Attack: When negligible amounts are removed & accumulated in to
something larger. These attacks are used for the commission of financial
crimes.
▪ Logic Bomb: It is an event dependent program. As soon as the designated
event occurs, it crashes the computer, release a virus or any other harmful
possibilities.
▪ Trojan Horse: This is an unauthorized program which functions from inside
what seems to be an authorized program, thereby concealing what it is
actually doing.
▪ Data diddling: This kind of an attack involves altering raw data just before it
is processed by a computer and then changing it back after the processing is
completed.
4. Cyber crime Against Society
▪ Forgery : Currency notes, revenue stamps, mark sheets etc. can be forged using
computers and high quality scanners and printers.
▪ Cyber Terrorism : Use of computer resources to intimidate or coerce
people and carry out the activities of terrorism.
▪ Web Jacking : Hackers gain access and control over the website of another,
even they change the content of website for fulfilling political objective or for
money.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 3
Cyber Security[SEC-4]
Cyber crime targeting computers and mobiles
▪ Cybercrime targeting computers and mobile devices is a growing concern in today's digital
world.
▪ These crimes encompass a wide range of illegal activities conducted using technology, often
with the goal of financial gain, data theft, or causing harm to individuals, organizations, or
governments.
▪ Here are some common types of cybercrimes that target computers and mobiles:
1. Malware Attacks: Malicious software (malware) is designed to infect computers and
mobile devices. This includes viruses, worms, Trojans, ransomware, spyware, and
adware. Malware can steal data, damage systems, or hold data hostage for a ransom.
2. Phishing: Phishing attacks involve tricking individuals into revealing sensitive
information like passwords, credit card numbers, or personal details by posing as a
legitimate entity through email, text messages, or fake websites.
3. Identity Theft: Cybercriminals can steal personal information, such as Social Security
numbers and financial data, to commit fraud, open accounts in victims' names, or
access their financial resources.
4. Online Scams: Various online scams target individuals, such as advance-fee fraud,
lottery scams, and romance scams. These scams deceive people into sending money
or personal information to fraudsters.
5. DDoS Attacks: Distributed Denial of Service (DDoS) attacks overwhelm a target's
computer or network with traffic, making it unavailable to users. These attacks are
often used to disrupt services or extort money.
6. Data Breaches: Cybercriminals infiltrate organizations to steal sensitive data like
customer information, trade secrets, or financial records. These breaches can result in
significant financial losses and reputational damage.
7. Cyberbullying: Cyberbullying involves the use of technology to harass, threaten, or
intimidate individuals. It can take place through social media, messaging apps, or
email.
8. Mobile Device Theft and Hacking: Criminals can steal mobile devices for resale or hack
into them to access personal data, financial information, or install malware.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 4
Cyber Security[SEC-4]
9. Cyber Extortion: Criminals may threaten to release sensitive or embarrassing
information unless a victim pays a ransom. This can involve sextortion (threatening to
expose explicit content) or other forms of extortion.
10. Insider Threats: Employees or individuals with insider access to computer systems and
data may misuse their privileges to steal or manipulate information.
11. Cryptojacking: Cybercriminals use a victim's computer or mobile device to mine
cryptocurrency without their consent, which can slow down the device and increase
energy consumption.
▪ To protect against cybercrime targeting computers and mobiles, individuals and
organizations should implement robust cybersecurity measures, regularly update software,
use strong passwords, be cautious when clicking on links or downloading files, and stay
informed about the latest cyber threats and best practices.
Cyber crime against women and children
▪ Cybercrimes against women and children are particularly concerning because they often
involve harassment, exploitation, or abuse of vulnerable individuals. Here are some
common types of cybercrimes targeted at women and children:
1. Cyberbullying: Both women and children can be victims of cyberbullying, which
includes online harassment, threats, and intimidation. Perpetrators may use social
media, messaging apps, or other digital platforms to target their victims.
2. Online Harassment: This includes sending unsolicited, offensive, or threatening
messages, images, or videos to women or children. It can be a form of cyberbullying
and may have severe emotional and psychological effects.
3. Revenge Porn: Perpetrators may share explicit or intimate images or videos of women
without their consent, often as an act of revenge. This is a violation of privacy and can
cause significant harm to victims.
4. Sexting Exploitation: In cases involving children, sexting can lead to exploitation when
someone coerces or blackmails minors into sharing explicit images or videos. This can
have legal and psychological consequences for the child involved.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 5
Cyber Security[SEC-4]
5. Online Grooming: Predators may use online platforms to groom children for sexual
exploitation. They build trust with the child and gradually manipulate them into
sharing personal information or engaging in inappropriate activities.
6. Child Pornography: The distribution, possession, or creation of child pornography is
illegal and exploits children. Criminals often use the internet to share such material.
7. Online Trafficking: Human traffickers may use the internet to lure and exploit women
and children, including for purposes of forced labor or sexual exploitation. Online
platforms can be used to recruit victims.
8. Cyberstalking: This involves persistent and unwanted online attention, often leading
to fear or emotional distress. Women and children can be targeted by cyberstalkers
who may threaten or harass them through digital means.
9. Financial Fraud: Women can also be victims of financial fraud, including online scams
targeting personal finances or online dating scams where perpetrators exploit
emotional connections for financial gain.
10. Privacy Violations: Privacy breaches can occur when personal information or
photographs are shared without consent, affecting both women and children. This can
lead to identity theft or other forms of cybercrime.
▪ To combat cybercrimes against women and children, various organizations and
governments have implemented laws and initiatives aimed at raising awareness, providing
support to victims, and prosecuting offenders.
Financial frauds
▪ Financial frauds can have devastating consequences for individuals and the economy as a
whole. While digital payments have made life convenient and easy In India, they have also
made us prone to all kinds of financial frauds.
▪ Ponzi Schemes: A Mirage of False Promises
• Ponzi schemes lure investors with promises of unusually high returns in a short period.
The fraudsters use funds from new investors to pay off earlier investors, creating a false
illusion of profitability.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 6
Cyber Security[SEC-4]
• One infamous example is the Saradha chit fund scam, where millions of investors lost
their hard-earned money. The group, consisting of over 200 private companies, falsely
portrayed its collective investment schemes as chit funds.
• With an estimated collection of ₹200 to 300 billion (US$4–6 billion), the scheme
managed to attract deposits from more than 1.7 million individuals before its eventual
downfall.
▪ Identity fraud
• Identity fraud is common on Internet. Criminals have a few options when it comes to
stealing your sensitive information.
• They might target you with a phishing attack where they email, call, or text pretending
to be from your bank. Or, they could target you with a cyber attack to get you to install
malware on your devices that steals your logins and passwords.
• How do you know you're being targeted?
− Unfamiliar transactions on your credit card.
− Strange charges on your bank statements.
− New credit cards or loans in your name.
− Missing or error-filled tax returns.
− Calls from debt collectors about purchases you didn’t make.
− A drop in credit score.
− Bounced checks.
▪ Fraudulent charities
• Scammers use philanthropy as fraud, too. Charity fraud entails creating a fake charity and
collecting “donations” that disappear along with the thief
• How does charity fraud happen?
− Scammers create fake charities — like military veteran charities — that sound like
ones you know and trust. These scams are especially common during natural
disasters or international news events.
• What are the warning signs?
− Claiming that you’re a previous donor when you know you’ve never sent them
money.
− Only accepting donations through cash, cryptocurrency, gift cards, or wire
transfers
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 7
Cyber Security[SEC-4]
▪ Credit card fraud
• There are several ways that criminals can steal your credit card information. They could steal
your physical card, trick you into entering information on a phishing website or email, buy
your details on the Dark Web, or use any number of other credit card scams.
• Hackers can also create a clone of your physical card using just your credit card numbers.
• What are the warning signs?
− Suspicious transactions on your credit card or bank statement.
− Small unfamiliar charges on your account. (Fraudsters use a scam called carding to
validate your credit card before making large purchases.)
− Fraud alerts from your bank, credit card issuer, or credit monitoring service.
▪ Stock Market Manipulation
• Stock market manipulation includes activities like price rigging, spreading false information,
insider trading, and pump-and-dump schemes. Fraudsters manipulate stock prices,
deceiving investors and causing significant financial losses.
• The Satyam Computer Services scandal is a prime example, where the company’s
promoters manipulated financial statements to inflate stock prices.
▪ Bank Frauds
• Bank frauds encompass various fraudulent activities, including loan frauds, cheque
frauds, forged documents, and unauthorized transactions. These frauds result in
substantial financial losses for banks and individuals.
• One notable case is the Nirav Modi-PNB scam, where fraudulent Letters of
Undertaking were issued, causing a massive loss to Punjab National Bank.
▪ How to protect yourself against financial frauds
1. Protect your personal information
2. Monitor financial activities
3. Be cautious online
4. Use strong passwords and enable two-factor authentication
5. Stay informed about scams
6. Keep your devices secure
7. Exercise caution with public Wi-Fi
8. Verify before sharing information
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 8
Cyber Security[SEC-4]
Social Engineering Attacks
Social Engineering
▪ It is the “technique to influence” & “persuasion to deceive” people to obtain the
information.
▪ It exploits the fact that people are the weak link in security.
▪ Social engineers build the trust with the victim/person to gain the unauthorized
information/access
▪ Their goal is to fool someone into providing valuable information.
▪ Example: The attacker (social engineer) calling a user & pretending to be a tech support
person & ask questions about the confidential files, passwords, etc.
Classification of Social Engineering
1. Human based Social Engineering:
▪ It refers to person to person interaction to get the unauthorized information.
▪ The following are its different types.
i. Impersonating an employee or valid user: The attacker impersonates/poses as an
employee of the same organization to take the advantage from the people who are
helpful.
ii. Posing as important user: The attacker pretends to be a CEO/Manager who intimidates
lower level employee in order to gain access to the system.
iii. Using a third person: The attacker pretends to have permission from an authorized
source/person (who cannot be contacted for verification) to use a system.
iv. Calling technical support: Attacker calls help desk or tech support personnel to obtain
the information since they are trained to help users.
v. Shoulder surfing: It involves gathering information (usernames, passwords, etc) by
watching over a person’s shoulder while he/she logs into the system.
vi. Dumpster diving (Scavenging/Binning): It involves looking in the trash/dustbin for
information written on pieces of paper, computer print outs, etc.
2. Computer based Social Engineering
▪ It refers to the attempts made to get the unauthorized information by using
computer/software/internet.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 9
Cyber Security[SEC-4]
▪ The following are its different types.
i.Fake emails: It involves the attacker sending fake emails (pretending as a legitimate
email) to a number of users in order to make the users to reveal their sensitive
information such as usernames, passwords, credit card details, etc. It is also called
as Phishing.
ii.Email attachments: It involves sending malicious codes to victim’s system in the form
of an email attachment. The virus, worms, etc which will be present in the email
attachment will be automatically executed if the victim opens the attachment.
iii.Pop-up windows: They are used similar to email attachments but they encourage
the victim to click on special offers or free stuffs so that the malicious code can be
installed to the system.
Effects of Social Engineering:
▪ Loss/altering of medical & healthcare information, corporate financial data, electronic funds
transfers, etc.
▪ Loss of customers
▪ Loss of funds
▪ Loss of trust
▪ Collapse of the organization
Counter measures (Security) against Social Engineering:
▪ Providing training/awareness to the potential victims at regular intervals about the attacks
▪ Creating awareness on how attackers gain the trust of the victims
▪ Strict policies about service desk staff, not to ask for personal/sensitive information
▪ Educate potential victims to recognize social engineering attempt
Malware and Ransomware attacks
Malware Attacks
▪ Malware attacks are any type of malicious software designed to cause harm or damage to
a computer, server, client or computer network and/or infrastructure without end-user
knowledge
▪ Cyber attackers create, use and sell malware for many different reasons, but it is most
frequently used to steal personal, financial or business information.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 10
Cyber Security[SEC-4]
Types of Malware
1. Adware: Display ads (sometimes malicious ads) to users as they work on their computers or
browse the web.
2. Viruses: A virus infects a computer and performs a variety of payloads. It may corrupt files,
destroy operating systems, delete or move files, or deliver a payload at a specific date.
3. Worms: A worm is a self-replicating virus, but instead of affecting local files, a worm spreads
to other systems and exhausts resources.
4. Trojans: A Trojan is named after the Greek war strategy of using a Trojan horse to enter the
city of Troy. The malware masquerades as a harmless program, but it runs in the background
stealing data, allowing remote control of the system, or waiting for a command from an
attacker to deliver a payload.
5. Bots: Infected computers can become a part of a botnet used to launch a distributed denial-
of-service by sending extensive traffic to a specific host.
6. Keyloggers: Capture keystrokes as users type in URLs, credentials, and personal information
and send it to an attacker.
7. RAT: “Remote access tools” enable attackers to access and control the targeted device
remotely.
8. Downloaders: Download other malware to install locally. The type of malware depends on
the attacker’s motives.
9. POS: Compromise a point-of-sale (PoS) device to steal credit card numbers, debit card and
PINs, transaction history, and contact information.
How do I know I’ve been infected with malware?
▪ The most common signs that your computer has been compromised by malware are:
▪ Slow computer performance
▪ Browser redirects, or when your web browser takes you to sites you did not intend to visit
▪ Infection warnings, frequently accompanied by solicitations to buy something to fix them
▪ Problems shutting down or starting up your computer
▪ Frequent pop-up ads
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 11
Cyber Security[SEC-4]
How can I protect myself from malware?
1. Protect your devices
▪ Keep your operating system and applications updated. Cybercriminals look for
vulnerabilities in old or outdated software, so make sure you install updates as soon as
they become available.
▪ Never click on a link in a popup. Simply close the message by clicking on “X” in the upper
corner and navigate away from the site that generated it.
▪ Limit the number of apps on your devices. Only install apps you think you need and will
use regularly. And if you no longer use an app, uninstall it.
2. Be careful online
▪ Avoid clicking on unknown links. Whether it comes via email, a social networking site or
a text message, if a link seems unfamiliar, keep away from it.
▪ Be selective about which sites you visit. Do your best to only use known and trusted sites,
▪ Beware of emails requesting personal information. If an email appears to come from your
bank and instructs you to click a link and reset your password or access your account,
don't click it. Go directly to your online banking site and log in there.
▪ Avoid risky websites, such as those offering free screensavers.
3. Perform regular checks
▪ If you are concerned that your device may be infected, run a scan using the security
software you have installed on your device.
▪ Check your bank accounts and credit reports regularly.
Ransomware Attack
▪ A ransomware attack is a malware that encrypts personal information and documents while
demanding a ransom amount to decrypt them.
▪ Once the files are encrypted or locked behind a password, a text file is available to the
victim, explaining how to make the ransom payment and unlock the files for it.
How Does a Ransomware Attack Work?
▪ The spread of ransomware mostly starts with phishing attacks. A ransomware attack gains
access to a victim's device through infected emails, messages, and malicious sites
and encrypts the data in that device.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 12
Cyber Security[SEC-4]
▪ The ransomware uses simple asymmetric encryption algorithms, blocks a user's files, and
makes them difficult to decrypt without knowing the key.
▪ Another way to breach a system with ransomware is by using the Remote Desktop Protocol
or RDP access. It can access remotely a computer using this protocol, allowing a hacker to
install malicious software on the system with the owner, unaware of these developments.
▪ Ransomware adds instruction files describing the pay-for-decryption process, then uses
those files to present a ransom note to the user.
▪ Ransomware usually terminates and destroys itself by leaving only the payment instruction
files.
Types of Ransomware
1. Locker ransomware
▪ It is a type of malware that blocks standard computer functions from being accessed
until the payment to the hackers is not complete.
▪ It shows a lock screen that doesn't allow the victim to use the computer for primary
purposes.
2. Crypto ransomware
▪ This ransomware encrypts the local files and documents on the computers.
▪ Once the files are encrypted, finding the decryption key is impossible unless the
ransomware variant is old and the keys are already available on the internet.
3. Scareware
▪ It is a fake software that claims to have detected a virus or other issue on your
computer and directs you to pay to resolve the problem.
▪ Some scareware locks the computer, while others flood the screen with pop-up alerts
without damaging files.
How to Prevent Ransomware Attacks?
▪ One must always have backups of their data. Cloud storage for backup is easy,
but a physical backup in a hard drive is always recommended.
▪ Keeping the system updated with the latest security patches is always a good
idea.
▪ Apart from system updates, one must always have reputed antivirus software
installed.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 13
Cyber Security[SEC-4]
▪ If a system is infected with ransomware already, there is a website,
'nomoreransom.org.' It has a collection of decryption tools for most well-known
ransomware packages.
Zero day and Zero click attacks
Zero day
▪ Software often has security vulnerabilities that hackers can exploit to cause havoc.
▪ The term "zero-day" refers to the fact that the vendor or developer has only just learned of
the flaw – which means they have “zero days” to fix it.
▪ A zero-day attack takes place when hackers exploit the flaw before developers have a
chance to address it.
▪ Zero-day attackers can steal data, corrupt files, take control of devices, install malware or
spyware, and more.
▪ Typical targets for a zero-day exploit include:
1. Government departments.
2. Large enterprises.
3. Individuals with access to valuable business data, such as intellectual property.
4. Hardware devices, firmware and Internet of Things (IoT).
Recent Examples of Zero Day Attacks
▪ In December 2021, Amazon Web Services, Microsoft, Cisco, Google Cloud, and IBM were
among the major tech players affected by the Log4j vulnerability in an open-source logging
library.
▪ In 2021, Google's Chrome suffered a series of zero-day threats, causing Chrome to issue
updates. The vulnerability stemmed from a bug in the V8 JavaScript engine used in the web
browser.
▪ Zoom was targeted in 2020. Hackers were able to remotely access users’ PCs if the video
conferencing platform was running on an older version of Windows.
▪ Apple’s iOS fell victim in 2020 to two sets of zero-day bugs that saw attackers compromising
iPhones remotely.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 14
Cyber Security[SEC-4]
How to protect yourself against zero-day attacks
1. Keep all software and operating systems up to date. This is because the vendors include
security patches to cover newly identified vulnerabilities in new releases. Keeping up to date
ensures you are more secure.
2. Use only essential applications. The more software you have, the more potential
vulnerabilities you have. You can reduce the risk to your network by using only the
applications you need.
3. Use a firewall. A firewall plays an essential role in protecting your system against zero-day
threats. You can ensure maximum protection by configuring it to allow only necessary
transactions.
Zero click
▪ zero-click attacks require no action from the victim – meaning that even the most advanced
users can fall prey to serious cyber hacks and spyware tools.
▪ also called interaction-less or fully remote attacks.
▪ spying software relies on convincing the targeted person to click on a compromised link or
file to install itself on their phone, tablet, or computer.
▪ However, with a zero-click attack, the software can be installed on a device without the
victim clicking on any link. As a result, zero-click malware or no-click malware is much more
dangerous.
▪ The target of a zero-click attack can be anything from a smartphone to a desktop computer
and even an IoT device
Examples of Zero-Click Attacks
1. Apple zero-click, forced entry, 2021: In 2021, a Bahraini human rights activist had their
iPhone hacked by powerful spyware sold to nation-states.
2. WhatsApp breach, 2019:This infamous breach was triggered by a missed call, which
exploited a flaw in the source code framework of WhatsApp.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 15
Cyber Security[SEC-4]
How to protect yourself from zero-click exploits
▪ Keep your operating system, firmware, and apps on all your devices up to date as prompted.
▪ Only download apps from official stores.
▪ Delete any apps you no longer use.
▪ Use your device password protection.
▪ Use strong authentication to access accounts, especially critical networks.
▪ Use strong passwords – i.e., long and unique passwords.
Modus Operandi of Cyber Criminals
▪ In general, modus operandi is the method acquired by any criminal for the successful
commission of a crime. At a minimum, every Modus Operandi will contain three basic
elements namely:
1. Ensure success of the crime
2. Protect identity
3. Facilitate effective escape
Common forms of modus operandi
1. Sending Annoying Messages
▪ Annoying, Insulting, Misleading, Defaming messages are often sent using mobile
phones in bulk. Hence the actual source could not be fixed.
▪ Such messages are often a cause of misperception among people of different race,
culture and tradition many a times often resulting in fights or riots.
▪ Unaware and innocent people often fall in traps of cyber criminals for SMS of lottery,
Emails of prize money, false promise of jobs, and false mail for admission in reputed
colleges.
▪ Multimedia messages often defaming the identity of a person are distributed among
small groups using mobile phones.
▪ Pornography, Obscene messages and cyber bullying are becoming very common and
very popular, for e.g. Delhi MMS Scandal.
▪ Obscene videos are often captured in remote places unknowingly of the victim for
future exploitation.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 16
Cyber Security[SEC-4]
2. Making Offensive Calls
▪ Offenders can also harass others by making offensive calls to them and annoying
them.
▪ Many a time anonymous calls are used by the criminals as an effective tool in making
extortion or threatening call. Females are often harassed by stalkers by this means of
communication.
▪ Landlines having no Caller Ids pose a problem for the quick analysis of an incoming
call, which is an undue advantage to the cyber stalkers, cyber bullies, etc.
▪ Calls can be made by spoofing the mobile number using various sites. Such calls are
intended to hide the actual location of the caller and any fake or annoying calls are
made. Such calls are often used for terrorist activity and for trafficking illegal goods
or for any ransom or blackmailing purposes.
▪ Cyber Criminals operating from overseas and indulged in forgery are hard to trace
without the co-operation of international agencies.
Reporting of cyber crimes
▪ Reporting cybercrimes is essential to combat online threats and hold perpetrators
accountable. Here are the steps you can take to report cybercrimes:
1. Contact Your Local Law Enforcement: If you believe you are a victim of a cybercrime, you
should report it to your local police department or law enforcement agency. They can
investigate the incident and take appropriate action.
2. Report to a National Cybersecurity Agency: In many countries, there are dedicated
agencies responsible for handling cybercrimes. In the United States, for example, you can
report cybercrimes to the Federal Bureau of Investigation (FBI) through their Internet Crime
Complaint Center (IC3). Check if your country has a similar agency and report the incident
to them.
3. Report to the Appropriate Online Platforms: If the cybercrime occurred on a specific online
platform, such as a social media site, email service, or e-commerce website, report the
incident to that platform. They may have mechanisms in place to address various online
abuses and can take action against the responsible parties.
4. Report to Anti-Fraud Organizations: There are organizations like the Anti-Phishing Working
Group (APWG) and the Anti-Malware Testing Standards Organization (AMTSO) that collect
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 17
Cyber Security[SEC-4]
information about cyber threats and work with law enforcement. Reporting incidents to
these organizations can help in identifying trends and patterns.
5. Report to Financial Institutions: If the cybercrime involves financial fraud, contact your
bank or financial institution immediately. They can help you secure your accounts and
investigate any unauthorized transactions.
6. Report to Internet Service Providers (ISPs): If you have evidence of cybercrimes, such as
hacking or distribution of illegal content, involving an IP address, contact the relevant
Internet Service Provider (ISP). They may take action against the offender or provide
assistance to law enforcement.
7. Document the Incident: Make sure to document all evidence related to the cybercrime,
including emails, messages, screenshots, IP addresses, and any other relevant information.
This documentation can be crucial for investigations.
8. Use Online Reporting Portals: Many countries and regions have online reporting portals
where you can report cybercrimes. These portals may be managed by government agencies
or law enforcement. Check if your region offers such a service.
9. Consider Legal Advice: In some cases, it may be necessary to seek legal advice or consult
with a cybersecurity expert to understand the best course of action and to help with the
investigation.
10. Protect Yourself: While reporting the cybercrime, take steps to secure your online presence,
change passwords, update security settings, and install or update security software to
prevent further incidents.
▪ Remember that reporting cybercrimes is essential for both your own protection and the
collective effort to combat online threats. The information you provide can help authorities
take action and prevent future cybercrimes.
Remedial and mitigation measures
Remedial Measures:
1. Incident Response: In the event of a cyber crime, organizations should have an incident
response plan in place to quickly identify, contain, and mitigate the impact of the attack. This
includes isolating affected systems, restoring backups, and applying patches or security
updates.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 18
Cyber Security[SEC-4]
2. Forensic Investigation: Engaging professional forensic investigators can help identify the
source and extent of the cyber crime, gather evidence, and aid in legal proceedings.
3. Data Recovery: If data is compromised or encrypted due to a cyber attack, organizations
should have backups in place to restore affected systems and minimize data loss.
Mitigation Measures:
1. Strong Security Practices: Implement robust security measures, such as firewalls, antivirus
software, and intrusion detection and prevention systems, to protect against cyber threats.
2. Regular Updates and Patching: Keep software, operating systems, and firmware up to date
with the latest security patches to mitigate vulnerabilities that cyber criminals may exploit.
3. Employee Education: Provide cybersecurity awareness and training programs to employees
to educate them about common cyber threats, phishing techniques, and safe online
practices.
4. Multi-factor Authentication (MFA): Implement MFA wherever possible to add an extra
layer of security, making it harder for cyber criminals to gain unauthorized access to
accounts or systems.
5. Data Encryption: Encrypt sensitive data, both in transit and at rest, to ensure that even if it is
intercepted or stolen, it remains unreadable and unusable for unauthorized individuals.
6. Regular Security Audits: Conduct regular security audits and vulnerability assessments to
identify and address any weaknesses or potential entry points for cyber criminals.
Legal perspective of cyber crime
▪ In today’s techno-savvy environment, the world is becoming more and more digitally
sophisticated and so are the crimes.
▪ All legal issues related to internet crime are dealt with through cyber laws.
▪ As the number of internet users is on the rise, the need for cyber laws and their application
has also gathered great momentum.
▪ Cyber law is a framework created to give legal recognition to all risks arising out of the usage
of computers and computer networks.
▪ Cyber law encompasses laws relating to:
1. Cyber crimes
2. Electronic and digital signatures
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 19
Cyber Security[SEC-4]
3. Intellectual property
4. Data protection and privacy
Legal perspective of cybercrime in India
▪ In India, cybercrime is primarily governed by the Information Technology Act, 2000 (IT
Act). This law was established to address various cyber offenses and provide a legal
framework for electronic transactions, digital signatures, and data protection.
▪ The purpose of the Indian IT Act(ITA) was to amend the Indian Penal Code(IPC).
Amendments and Updates
▪ The IT Act has undergone amendments over the years to address emerging cyber threats
and strengthen cybercrime provisions.
▪ For example, the Information Technology (Amendment) Act, 2008 introduced additional
provisions to tackle cyber terrorism, data privacy, and intermediary liability.
▪ It is important to consult with legal professionals or refer to official sources for
comprehensive and up-to-date information on the legal aspects of cybercrime in India.
Cyber crime and offences
▪ Cybercrime encompasses various illegal activities conducted through digital means,
often targeting individuals, organizations, or systems. Here are some common
cybercrimes and offenses:
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 20
Cyber Security[SEC-4]
1. Hacking: Unauthorized access to computer systems, networks, or devices to manipulate,
steal data, or disrupt operations.
2. Identity Theft: Stealing personal information (such as Social Security numbers, credit
card details) to impersonate someone else, commit fraud, or gain access to financial
resources.
3. Phishing and Spoofing: Sending deceptive emails or creating fake websites to trick
individuals into revealing sensitive information (passwords, financial data) or
downloading malware.
4. Cyberbullying: Harassment, threats, or intimidation using digital platforms, often
directed at individuals, which can have serious emotional and psychological effects.
5. Online Fraud: Illegitimate schemes to deceive individuals or entities for financial gain,
including investment scams, online shopping fraud, and auction fraud.
6. Distributed Denial of Service (DDoS) Attacks: Overloading servers or networks with
excessive traffic to disrupt access, making websites or services unavailable to users.
7. Cyber Espionage: Unauthorized access to confidential information or intellectual
property of governments, organizations, or individuals, often carried out by other
governments or corporate entities.
8. Child Exploitation and Pornography: Using digital means to produce, distribute, or
possess child pornography or engage in illegal activities involving minors.
9. Ransomware Attacks: Malicious software that encrypts files or systems, demanding
payment (usually in cryptocurrency) for decryption or to avoid data exposure.
10. Cyberstalking: Persistent harassment or monitoring of an individual online, causing fear
or emotional distress.
Organizations dealing with Cybercrime and Cyber security in India,
▪ In India, several organizations are involved in dealing with cybercrime and cybersecurity at
various levels, including law enforcement, regulatory bodies, and agencies focused on
awareness and prevention.
▪ Some prominent ones include:
1. National Cyber Security Coordinator (NCSC): The NCSC operates under the Prime
Minister's Office and is responsible for coordinating all cybersecurity initiatives in
the country.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 21
Cyber Security[SEC-4]
2. Computer Emergency Response Team-India (CERT-In): CERT-In is the national
nodal agency under the Ministry of Electronics and Information Technology that
deals with cybersecurity incidents, response, and related issues.
3. National Critical Information Infrastructure Protection Centre (NCIIPC): NCIIPC is
responsible for protecting critical information infrastructure in the country and
formulating policies and guidelines for securing these assets.
4. State Police Cyber Cells: Many states have established specialized cyber cells within
their police departments to investigate and handle cybercrimes at the state level.
5. National Investigation Agency (NIA): NIA deals with investigating and prosecuting
offenses affecting the sovereignty, security, and integrity of India, including
cybercrimes with national implications.
6. Cyber Appellate Tribunal (CAT): It hears appeals against any order passed by CERT-
In or the Adjudicating Officer under the Information Technology Act, 2000.
7. Banks and Financial Institutions: Regulatory bodies like the Reserve Bank of India
(RBI) and Securities and Exchange Board of India (SEBI) have guidelines and teams
dedicated to cybersecurity in the financial sector.
8. Private Cybersecurity Firms: Several private cybersecurity companies operate in
India, offering services ranging from consulting and risk assessment to incident
response and security solutions.
▪ These organizations collaborate to address cyber threats, enforce cybersecurity laws and
regulations, provide guidelines and advisories, conduct awareness programs, and
investigate cybercrimes. They play a crucial role in safeguarding digital infrastructure and
combating cyber threats in India.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 22
Cyber Security[SEC-4]
Module III. Social Media Overview and Security
Introduction to Social networks. Types of Social media, Social media platforms,
Social media monitoring, Hashtag, Viral content, Social media marketing, Social
media privacy, Challenges, opportunities and pitfalls in online social network, Security
issues related to social media, Flagging and reporting of inappropriate content, Laws
regarding posting of inappropriate content, Best practices for the use of Social media,
Case studies.
Introduction to Social networks
▪ Social networks are websites and apps that allow users and organizations to connect,
communicate, share information and form relationships.
▪ People can connect with others in the same area, families, friends, and those with the same
interests.
▪ Social networks are one of the most important uses of the internet today.
▪ Social networking refers to using internet-based social media sites to stay connected with
friends, family, colleagues, or customers. Social networking can have a social purpose, a
business purpose, or both through sites like Facebook, X (formerly Twitter), Instagram, and
Pinterest.
▪ Social networking is also a significant opportunity for marketers seeking to engage customers.
Facebook remains the largest and most popular social network, with 2 billion people using the
platform daily, as of Feb 1, 2023.1 Other popular platforms in the U.S. are Instagram, X,
WhatsApp, TikTok, and Pinterest.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 1
Cyber Security[SEC-4]
Types of Social media , Social media platforms
▪ Social media comes in various forms, each with its unique features and purposes. Here are
some types
1. Social networking sites
▪ Social networking sites allow people to connect with each other through a shared
online space. Users can like, share, comment on posts and follow other users and
businesses.
▪ Examples: Facebook, LinkedIn, Instagram, Twitter, TikTok and Snapchat
2. Media Sharing Networks
▪ Media sharing types of Social Media are used to find and share photographs, live video,
video and other kinds of media on the web.
▪ They are also going to help you in brand building, lead generation, targeting and so on.
▪ Examples: Instagram, Snapchat, YouTube
3. Discussion Forums
▪ Discussion forums encourage people to answer each other's questions and share ideas
and news.
▪ Discussion forums are very essential because they allow users to ask questions and get
answers from different people.
▪ Examples: Quora, Reddit, Digg
4. Blogs and community platforms
▪ These social media networks give you a place to publish your thoughts on your job,
current events, hobbies and more.
▪ Blogs are a great way for businesses and marketers to reach and provide credible
information to their target audience.
▪ Examples: WordPress, Tumblr, Medium
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 2
Cyber Security[SEC-4]
5. Bookmarking networks
▪ Bookmarking networks are platforms where users save different ideas, articles, posts
and other content for later use.
▪ Many people also share links to lists of online resources.
▪ The purpose of these websites is to discover new content based on shared interests
and to discuss trends.
▪ Examples: Feedly, Flipboard,Pocket,StumbleUpon, Pinterest
6. Consumer Review Networks
▪ Using Customer Review networks will help you find out, share and review different
information about a variety of products, services or brands.
▪ When a business has positive reviews on these networks, their claims turn more
credible because reviews on these networks act as Social Proof.
▪ Examples: Yelp, Zomato, TripAdvisor
7. Social shopping networks
▪ These networks help people spot trends, share great finds, make purchases and
follow their favourite brands. They focus on e-commerce, and the social element
makes it engaging and entertaining.
▪ Examples: Polyvore, Etsy, Fancy
These categories often overlap, and many social media platforms offer a combination of functionalities
to meet user needs and preferences.
Social media monitoring
It is the process of collecting social conversations and messages into a database of useful information.
Social media monitoring is the process of identifying and determining what is being said about a
brand, individual or product through different social and online channels.
Here are some examples of what social media monitoring can help you achieve:
• Sentiment analysis: Understand how users feel about specific online conversations (negative,
positive, or neutral).
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 3
Cyber Security[SEC-4]
• ROI (return on investment): Identify if and how your money is paying off.
• Hashtags and keywords: Find the right ones to improve your social media strategies and
attract new customers.
• Trends: Identify popular themes, memes, songs, and topics in real time and how your brand
could jump on some of them to attract business.
• Share of voice: Understand the percentage of online conversations that are about your brand
vs your competitors.
Top Social Media Monitoring Tools
1. Hootsuite: Effectively track topics that matter—then respond quickly
2. Sprout Social:Intelligent, real-time social media monitoring with Sprout
3. Agora Pulse: Discover what people are really saying about your business
4. Zoho Social: Get real-time updates from your audience
5. Brand24: Smart social media monitoring for businesses of all sizes
6. Mention: Media monitoring made simple
7. Keyhole: Hashtag tracking for Twitter, Instagram, and Facebook
8. Iconosquare: Instagram analytics and management platform
9. Tailwind: Social media monitoring for Pinterest
10. Sendible: Seize opportunities via social listening
Benefits of Monitoring Social Media
1. Brand awareness: Social media monitoring is a great tool to protect your brand reputation
and improve brand awareness. It enables you to be aware in real time of what customers think
and say about your brand on social media while allowing you to be able to reply to them on
the spot.
2. Engage the right audience : Strong and meaningful relationships with the audience lead to
more engaged customers and create fidelity among your online audience. Social media
monitoring allows you to exchange with them, identify topics and trends they are interested
in, as well as learn more in-depth about your audience’s needs.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 4
Cyber Security[SEC-4]
3. Competitor analysis: Your competitors are a great source of information and data to help
your brand improve and stay on top. With social monitoring, your brand is able to know what
they are up to, understand what works best for them to see what could work for your brand,
and learn from their mistakes.
4. Market research: Monitoring helps you stay on track of trends and customers’ sentiments or
experiences. Your brand is able to know what your customer thinks and feels about your brand
products or services, which enables you to adjust at any moment according to how the data
changes to evolve with your market.
5. Receive better insights from your audience: Customers can offer useful insights and
feedback on social media directly by tagging your brands or via hashtags. You can easily test
out how your audience responds to each message, product, or content to identify quickly what
works best to create more curated and efficient content, as well as high-demand services or
products.
Hashtag
▪ When it comes to social media, the hashtag is used to draw attention, organize, promote, and
connect.
▪ Hashtags refer to the usage of the pound or number symbol, "#," to mark a keyword or
topic on social media.
▪ It's used within a post on social media to help those who may be interested in your topic to
be able to find it when they search for a keyword or particular hashtag
▪ It helps to draw attention to your posts and encourage interaction.
▪ The hashtag's use in social media is closely associated with microblogging site Twitter.
▪ Hashtags can be a fun way to enhance communication and connect yourself to others
discussing the same topic. They offer a shorthand way of referring to a topic,
providing context, or simply adding humor or sarcasm to a message.
Viral content
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 5
Cyber Security[SEC-4]
▪ To be “viral” on social media means that a piece of content, such as a post, video, or image,
has become extremely popular and is being shared by a large number of people on various
social media platforms.
▪ Viral content is online content that achieves a high level of awareness due to shares and
exposure on social media networks, news websites, aggregators, email newsletters and
search engines.
▪ Typically, viral content reaches a large number of people within a short timeframe by
being frequently shared online. Some key indicators that a piece of content has "gone
viral" include:
− Millions of views/shares within days or weeks
− Getting shared exponentially through social platforms
− Sparking conversations, reactions, and engagement amongst a large audience
− Getting picked up by mainstream media outlets
− Inspiring remixes, remakes, or spin-offs
Social Media Marketing
▪ Social media marketing is a form of digital marketing that leverages the power of popular
social media networks to achieve your marketing and branding goals.
▪ Social media marketing includes increasing website traffic, engagement, brand awareness, and
other marketing goals by designing various types of content for different social media
platforms. The content can be in the form of videos, blogs, infographics, or any other forms
that have the potential to go viral.
▪ If it’s done right, social media marketing can be beneficial to in several ways:
− Increase brand awareness
− Boost conversions rates
− Improve search engine ratings
− Build top-funnel traffic
− Lower marketing campaign costs
▪ While Facebook, Instagram, LinkedIn, YouTube, and Twitter are the most popular platforms,
there are hundreds of others out there. They come in many flavors, like — microblogging,
B2B networking, video sharing, content sharing, bookmarking, Q&A, and so on
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 6
Cyber Security[SEC-4]
Pros and cons of Social media marketing
Pros
• May help companies enhance brand recognition easily
• Offers companies more cost-effective solutions with great exposure
• May be leveraged to increase website traffic and real-time feedback
• May be leveraged for targeted or specific engagements
Cons
• May be time-consuming to set up and maintain
• May be unpredictable, as different platforms may change algoriths
• May result in negative feedba ck displayed in a very public fashion
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 7
Cyber Security[SEC-4]
• May be difficult to fully understand the true ROI
Social media privacy
▪ Social media privacy includes personal and sensitive information that people can find out
from user accounts. Some of this information is shared voluntarily through posts and profile
information.
▪ Information also may be released unknowingly through tracking cookies, which track the
information of a user's online activity, including webpage views, social media sharing and
purchase history.
▪ Social media privacy is a crucial aspect of online presence. It involves controlling what
information you share on social platforms and who can access it.
▪ Here are some tips to enhance social media privacy:
1. Privacy Settings: Review and adjust your privacy settings regularly on each
platform. Limit who can see your posts, personal information, and contact details.
2. Strong Passwords: Use strong, unique passwords for each social media account.
Consider using a password manager to generate and store complex passwords
securely.
3. Two-Factor Authentication (2FA): Enable 2FA wherever possible. This adds
an extra layer of security by requiring a second form of verification, such as a text
code or authentication app.
4. Be Mindful of Sharing: Think before posting. Avoid sharing sensitive personal
information, like your address or phone number, publicly. Be cautious about
sharing location-based information.
5. Regularly Review Permissions: Periodically review and revoke access for third-
party apps that are connected to your social media accounts. Some apps may have
access to more of your data than necessary.
6. Customize Audience: Use platform features that allow you to customize the
audience for each post. Not everything needs to be visible to everyone on your
friend list.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 8
Cyber Security[SEC-4]
7. Limit Tagging and Geo-Tagging: Disable automatic tagging and geotagging
features. This prevents others from tagging you in posts without your approval
and sharing your location.
8. Update Privacy Policies: Stay informed about platform privacy policies and
adjust settings accordingly when policies change.
9. Regularly Audit Your Profile: Review your profile periodically to remove old
posts, photos, or information that you no longer want to be public.
10. Educate Yourself: Keep yourself updated on common privacy threats and tactics
used by scammers or hackers. Awareness goes a long way in protecting yourself.
▪ Remember, while social media is a fantastic tool for connecting and sharing, it's crucial to
balance sharing with safeguarding your privacy and security.
Challenges, opportunities, and pitfalls in online social network
▪ Online social networks present a myriad of challenges, opportunities, and potential pitfalls that
significantly impact individuals, societies, and businesses.
▪ Challenges:
1. Privacy Concerns: Users often share personal information, leading to privacy breaches,
identity theft, and data misuse.
2.Cyberbullying and Harassment: Online platforms can become breeding grounds for
cyberbullying and harassment, affecting mental health and well-being.
3.Fake News and Misinformation: Social networks propagate false information rapidly,
influencing opinions and behaviors.
4.Addiction and Mental Health: Excessive use of social media can lead to addiction,
affecting mental health, self-esteem, and real-life relationships.
5.Filter Bubbles and Echo Chambers: Algorithms personalize content, creating isolated
echo chambers where users are exposed only to viewpoints similar to their own, limiting
diverse perspectives.
6.Online Disinformation Campaigns: Social networks are susceptible to coordinated
disinformation efforts that can manipulate public opinion, influence elections, and sow
societal discord.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 9
Cyber Security[SEC-4]
7.Security Threats: Cyberattacks, phishing, and scams can exploit vulnerabilities within
networks, compromising user data and security.
▪ Opportunities:
1. Global Connectivity: Social networks enable people worldwide to connect, communicate,
and share ideas effortlessly.
2. Business and Marketing: Platforms offer businesses a vast audience for advertising,
customer engagement, and market research.
3. Information Dissemination: Social media facilitates the rapid spread of information,
raising awareness about various issues and causes.
4. Community Building: Users can find like-minded individuals, create communities, and
mobilize for social change.
5. Education and Learning: Social networks serve as platforms for educational content,
fostering learning communities and sharing knowledge.
6. Career Networking: Professional networks assist in career growth, job hunting, and
industry connections.
▪ Pitfalls:
1. Over-reliance on Algorithms: Algorithms can reinforce biases, limit exposure to diverse
perspectives, and prioritize sensational content over quality information.
2. Dependence on Engagement Metrics: Platforms often prioritize engagement metrics
(likes, shares) over content accuracy or depth, encouraging clickbait and shallow content.
3. Lack of Regulation: The absence of robust regulations can lead to unchecked spread of
harmful content, misinformation, and exploitation of user data.
4. Monetization vs. User Well-being: Business models focused on ad revenue may conflict
with user well-being, as platforms aim to maximize user engagement.
5. Digital Divide: Not everyone has equal access to social networks due to socioeconomic
factors, creating a digital divide.
▪ Balancing these challenges and opportunities is crucial for harnessing the positive aspects of
online social networks while mitigating their negative impacts. Strategies involving user
education, platform regulations, and responsible design can contribute to a healthier online
environment.
Security issues related to social media
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 10
Cyber Security[SEC-4]
▪ Social media platforms have revolutionized communication, connecting individuals globally.
However, they also pose significant security risks. Here are some key issues:
1. Privacy Concerns: Social media often requires personal information for account creation.
Users may unintentionally disclose sensitive data, leading to identity theft, stalking, or
harassment.
2. Data Breaches: Cyber attackers target social media platforms to access user data,
including login credentials, personal details, and private messages. These breaches can
result in widespread identity theft and financial loss.
3. Phishing Attacks: Malicious actors use social media to execute phishing attacks, tricking
users into revealing personal information or clicking on harmful links that install malware.
4. Fake Accounts and Impersonation: Fraudulent profiles impersonating real users or
organizations deceive individuals. This can lead to reputational damage or financial scams.
5. Cyberbullying: Social media enables anonymous or semi-anonymous communication,
fostering cyberbullying, harassment, and hate speech.
6. Misinformation and Fake News: False information can spread rapidly on social media
platforms, influencing opinions, and causing societal discord.
7. Addiction and Mental Health: Excessive use of social media has been linked to
addiction and mental health issues, including anxiety, depression, and low self-esteem.
8. Geotagging and Location Tracking: Sharing location details on social media can
compromise personal safety and security, especially when coupled with other personal
information.
9. Third-party Apps and Permissions: Users often grant extensive permissions to third-
party apps linked to their social media accounts, risking data misuse and privacy breaches.
10. Employment and Reputation: Inappropriate content or behavior shared on social
media can negatively impact job prospects and personal reputation.
▪ To mitigate these risks, users should regularly review and adjust privacy settings, use strong
and unique passwords, be cautious about sharing personal information, verify sources before
sharing news, and remain vigilant against suspicious activities.
Flagging and reporting of inappropriate content
▪ Flagging and reporting inappropriate content on social media platforms is crucial for
maintaining a safe and respectful online environment.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 11
Cyber Security[SEC-4]
▪ Here's a general guide on how it's typically done:
1. Identify the Content: When you come across something inappropriate (e.g., hate speech,
harassment, nudity, violence), take note of it.
2. Check Platform Policies: Review the platform's community guidelines to ensure the
content violates their rules. Different platforms have different rules and definitions of
what constitutes inappropriate content.
3. Flag or Report: Most platforms have a "Report" or "Flag" option directly on the post.
Click on it, and you'll usually be prompted to choose a reason for the report (e.g., spam,
abusive behavior, nudity).
4. Provide Details: Some platforms allow you to provide additional details or comments
when reporting. Be specific about why you find the content inappropriate and, if
applicable, how it violates the platform's guidelines.
5. Follow Platform Instructions: After reporting, the platform will review the content
based on its policies. They might take action by removing the content, warning the user,
or even suspending their account, depending on the severity of the violation.
6. Monitor and Follow Up: While the process may vary, many platforms send notifications
about the actions taken or the status of the report. If necessary, follow up or re-report if
the content remains unresolved.
▪ Remember, while flagging content is essential, it's also important to avoid engaging with or
spreading inappropriate content further. If you feel that content poses an immediate risk (like
self-harm or danger to others), consider contacting local authorities.
Laws regarding posting of inappropriate content
▪ Laws around posting inappropriate content on social media can vary widely by country and
even within regions due to different legal systems and cultural norms.
▪ However, there are some common principles and regulations that many places uphold:
1. Hate Speech and Discrimination: Many countries have laws against hate speech,
which includes content that promotes violence or discrimination against individuals or
groups based on characteristics like race, religion, ethnicity, gender, sexual orientation,
or disability.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 12
Cyber Security[SEC-4]
2. Defamation and Libel: Posting false information that harms someone's reputation
can lead to legal action for defamation or libel. This includes both written and visual
content that portrays someone in a false and negative light.
3. Copyright Infringement: Using someone else's content without permission can
violate copyright laws. This applies to images, videos, music, and other creative works.
4. Privacy Violations: Sharing private information, such as someone's address, personal
details, or intimate media, without their consent can violate privacy laws.
▪ In India, there are laws and regulations that address the posting of inappropriate content on
social media platforms.
▪ Some of the key laws and guidelines related to this include:
1. Information Technology (Intermediary Guidelines and Digital Media Ethics
Code) Rules, 2021: These rules introduced various regulations for social media
intermediaries and digital platforms in India. They outline obligations for platforms to
remove specific types of content within a specified timeframe. They require platforms
to appoint officers for grievance redressal and compliance.
2. Indian Penal Code (IPC): Sections of the IPC deal with offenses related to
defamation (Section 499), obscenity (Section 292), and acts intended to outrage
religious feelings (Section 295A), among others. These sections can be invoked for
inappropriate content posted on social media if it falls within the purview of these
offenses.
3. The Information Technology Act, 2000: Section 67 of this act deals with punishment
for publishing or transmitting obscene material in electronic form. It prohibits the
publishing or transmitting of obscene content in electronic form.
4. Defamation Laws: Both civil and criminal defamation laws exist in India, which can
be applied if someone posts defamatory content on social media.
Best practices for the use of Social media
▪ Here are some best practices for using social media effectively:
1. Define Your Goals: Determine what you want to achieve with your social media presence.
Whether it's brand awareness, lead generation, customer engagement, or something else,
having clear goals will guide your strategy.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 13
Cyber Security[SEC-4]
2. Know Your Audience: Understand your target audience's preferences, behaviors, and
demographics. Tailor your content to resonate with them.
3. Quality Content: Share valuable, relevant, and engaging content. This could be in various
formats like images, videos, articles, infographics, etc.
4. Use Hashtags Wisely: Research and use relevant hashtags to increase the visibility of your
posts. But don't overdo it; use them sparingly and appropriately.
5. Post Regularly: Consistency is vital. Develop a content calendar to maintain a steady posting
schedule, but avoid overposting – quality over quantity matters.
6. Stay Up-to-Date: Social media trends and algorithms change frequently. Stay informed about
platform updates and trends to adapt your strategy accordingly.
7. Community Building: Create a sense of community around your brand. Encourage user-
generated content, run contests, and involve your audience in discussions.
8. Respect Privacy and Policies: Understand and comply with platform guidelines, privacy
policies, and copyright laws to avoid any issues.
Case studies.
Security Case Studies:
1. Facebook-Cambridge Analytica Scandal (2018): Cambridge Analytica harvested
data from millions of Facebook profiles without users' consent. This breach raised
concerns about data privacy and led to investigations, changes in Facebook's policies,
and CEO Mark Zuckerberg's testimony in front of Congress.
2. Twitter Hacks (2020): Several high-profile Twitter accounts, including those of
Barack Obama, Elon Musk, and Bill Gates, were compromised in a Bitcoin scam.
Hackers gained access to accounts through social engineering attacks on employees,
highlighting the need for robust internal security protocols.
3. LinkedIn Data Breach (2021): Personal data of around 500 million LinkedIn users,
including email addresses and phone numbers, was scraped and put for sale online. It
raised concerns about data scraping and the vulnerability of personal information on
professional networking sites.
4. TikTok's Privacy Concerns: TikTok faced scrutiny over its data collection practices,
especially given its Chinese ownership. Concerns were raised about the potential
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 14
Cyber Security[SEC-4]
misuse of user data and its handling, leading to investigations and debates regarding
national security risks.
5. WhatsApp Privacy Policy Update (2021): WhatsApp faced backlash after
announcing changes to its privacy policy, allowing greater data sharing with its parent
company, Facebook. This led to widespread concern over user privacy and data
sharing practices.
Security Measures:
▪ Two-Factor Authentication (2FA): Adding an extra layer of security to accounts.
▪ Privacy Settings Review: Regularly reviewing and adjusting privacy settings.
▪ Strong Passwords: Using complex and unique passwords for different platforms.
▪ Regular Updates and Patches: Ensuring apps and devices are updated with the
latest security patches.
▪ Awareness and Education: Educating users about potential threats and best
practices for staying secure online.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 15
Cyber Security[SEC-4]
Module-IV:
Definition of E- Commerce, Main components of E-Commerce, Elements of E-Commerce
security, E-Commerce threats, E-Commerce security best practices. Advantages of e-
commerce, Survey of popular e-commerce sites.
Introduction to digital payments, Components of digital payment and stake holders, Modes of
digital payments- Banking Cards, Unified Payment Interface (UPI), e-Wallets, Unstructured
Supplementary Service Data (USSD), Aadhar enabled payments, Digital payments related
common frauds and preventive measures. RBI guidelines on digital payments and customer
protection in unauthorized banking transactions. Relevant provisions of Payment Settlement
Act,2007.
Definition of E- Commerce
▪ E-Commerce or Electronic Commerce means buying and selling of goods, products, or services
over the internet.
▪ E-commerce is also known as electronic commerce or internet commerce.
▪ Transaction of money, funds, and data are also considered as E-commerce.
▪ These business transactions can be done in four ways: Business to Business (B2B), Business to
Customer (B2C), Customer to Customer (C2C), Customer to Business (C2B).
Main components of E-Commerce
▪ The components of E-Commerce are as follows:
1. User: This may be individual / organization or anybody using the e-commerce platforms.
2. E-commerce vendors: This is the organization/ entity providing the user, goods/ services.
E.g.: www.flipkart.com.E-commerce Vendors further needs to ensure following for better,
effective and efficient transaction.
− Suppliers and Supply Chain Management
− Warehouse operations
− Shipping and returns
− E-Commerce catalogue and product display
− Marketing and loyalty programs
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 1
Cyber Security[SEC-4]
3. Technology Infrastructure: This includes Server computers, apps etc. These are the backbone
for the success of the venture. They store the data/program used to run the whole operation of
the organization.
4. Internet/ Network: This is the key to success of e-commerce transactions. Internet
connectivity is important for any e-commerce transaction to go through. The faster net
connectivity leads to better e-commerce.
5. Web Portal: This shall provide the interface through which an individual/organization shall
perform e-commerce transactions. These web portals can be accessed through desktops/
laptops/PDA/hand- held computing devices/ mobiles and now through smart TVs.
6. Payment Gateway: The payment mode through which customers shall make payments.
Payment gateway represents the way e-commerce vendors collect their payments. Examples are
Credit / Debit Card Payments, Online bank payments, Vendors own payment wallet, Third Party
Payment wallets, like PAYTM and Unified Payments Interface (UPI).
Elements of E-Commerce security
▪ E-commerce security involves safeguarding online transactions and protecting sensitive
information during online purchases. Here are some key elements:
1. Encryption: Encrypting data ensures that sensitive information like credit card details, personal
information, and transaction data is encoded during transmission. Secure Sockets Layer (SSL)
or Transport Layer Security (TLS) protocols are commonly used to encrypt data.
2. Secure Payment Gateways: Using trusted and secure payment gateways ensures that financial
information is transmitted securely between the customer, merchant, and financial institutions.
3. Firewalls and Security Software: Implementing firewalls and up-to-date security software
helps prevent unauthorized access to the e-commerce website's network. This includes
protection against malware, viruses, and other cyber threats.
4. Authentication and Authorization: Employing strong user authentication methods, such as
two-factor authentication (2FA), helps verify the identity of users, reducing the risk of
unauthorized access.
5. Regular Updates and Patch Management: Ensuring that the e-commerce platform and all
associated software are regularly updated with the latest security patches helps mitigate
vulnerabilities that could be exploited by attackers.
6. Data Privacy and Compliance: Adhering to data privacy regulations (such as GDPR, CCPA)
and implementing privacy policies that protect customer data is crucial. This includes proper
handling and storage of personal information.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 2
Cyber Security[SEC-4]
7. Risk Assessment and Monitoring: Conducting regular security audits and risk assessments
helps identify potential vulnerabilities and threats. Continuous monitoring of systems for
suspicious activities is vital to detect and respond to any security breaches promptly.
8. Customer Education: Educating customers about safe online practices, such as creating strong
passwords, avoiding public Wi-Fi for sensitive transactions, and being cautious of phishing
attempts, can significantly enhance overall e-commerce security.
9. Physical Security Measures: Ensuring physical security of servers and data centers where
customer information is stored is essential to prevent unauthorized access to hardware and
infrastructure.
10.Backup and Disaster Recovery: Implementing robust backup and disaster recovery plans
ensures that in case of a security breach or system failure, data can be recovered without
significant loss.
E-Commerce threats
▪ E-commerce platforms face various threats that can compromise security and disrupt
operations. Here are some common threats:
1. Data Breaches: These occur when sensitive customer information, such as credit card details
or personal data, is accessed or stolen by unauthorized individuals or cybercriminals.
Breaches can happen through hacking, phishing, or exploiting vulnerabilities in the system.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 3
Cyber Security[SEC-4]
2.Phishing Attacks: Cybercriminals use deceptive emails, messages, or websites that mimic
legitimate sources to trick users into revealing sensitive information like login credentials,
credit card numbers, or personal details.
3. Malware and Viruses: Malicious software can infect e-commerce websites, compromising
user data, stealing information, or disrupting operations. Malware can be introduced through
infected files, links, or vulnerable software.
4.DDoS Attacks: Distributed Denial of Service attacks aim to overwhelm a website's servers
with excessive traffic, causing it to become slow or unavailable, disrupting business
operations and potentially leading to financial losses.
5.SQL Injection: Attackers exploit vulnerabilities in the website's code to insert malicious SQL
queries, allowing them to access or manipulate the database, compromising sensitive
information.
6.Man-in-the-Middle (MITM) Attacks: Hackers intercept communication between a user
and an e-commerce website to eavesdrop, steal information, or manipulate data during the
transmission.
7.Identity Theft: Cybercriminals may steal user identities from e-commerce platforms to
make fraudulent purchases, access financial accounts, or commit other forms of fraud.
8.Supply Chain Attacks: Hackers target weaknesses in the supply chain to access the e-
commerce platform, compromising the security of transactions, customer data, or the overall
system.
9.Payment Frauds: Fraudulent activities during payment transactions, such as stolen credit
card information or unauthorized transactions, pose a significant threat to e-commerce
platforms and customers.
E-Commerce security best practices
▪ Ensuring security in e-commerce is crucial to protect both your business and your customers'
sensitive information. Here are some best practices:
1. Use Secure Sockets Layer (SSL) Encryption: Encrypt data transmitted between your
website and users' browsers. This prevents interception of sensitive information like credit
card details.
2. Implement Strong Password Policies: Encourage users to create strong passwords and
use multi-factor authentication (MFA) wherever possible to add an extra layer of security.
3. Regularly Update Software and Security Patches: Keep your e-commerce platform,
plugins, and software updated to patch vulnerabilities that attackers could exploit.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 4
Cyber Security[SEC-4]
4. Secure Payment Gateways: Use reputable payment gateways that comply with Payment
Card Industry Data Security Standard (PCI DSS). Avoid storing payment information on
your servers.
5. Data Encryption: Encrypt sensitive data, including customer information and payment
details, when stored in databases or during transmission.
6. Regular Security Audits and Testing: Conduct security audits and penetration testing to
identify vulnerabilities and weaknesses in your system before attackers do.
7.Implement Firewalls and DDoS Protection: Install firewalls to monitor and control
incoming and outgoing traffic. Use DDoS (Distributed Denial of Service) protection to
prevent service disruption due to attacks.
8.Train Employees: Educate your staff about security best practices, phishing attacks, and how
to handle sensitive information to prevent internal security breaches.
9.Privacy Policies and Compliance: Comply with data protection regulations (like GDPR,
CCPA) and clearly communicate your privacy policies to customers.
10.Monitor and Respond to Suspicious Activity: Implement monitoring systems to detect
unusual activity and respond promptly to security incidents.
11. Backup Data Regularly: Keep regular backups of your e-commerce data to ensure you can
recover in case of a security breach or data loss.
12.Limit Access to Data: Restrict access to sensitive data. Only grant access to those who need
it for their specific roles.
Advantage of e-commerce
1. Reduced overhead costs: Running an e-commerce store is a lot more cost-effective than
running a physical store. You don’t have to rent commercial real estate — instead, you can pay
an affordable fee for web hosting.
2. No need for a physical storefront: There are so many difficult aspects to running a physical
storefront and using e-commerce means you don’t have to face most of those obstacles. Renting
a commercial property can be expensive. You also have to pay for electricity, water, and internet
to ensure your space is up to code and can handle your business. There’s also security to
consider; if you want your physical storefront to be secure, you’ll need to invest in cameras and
other surveillance equipment. With an e-commerce store, you can simply build your website and
start selling your products online without worrying about setting up a physical storefront and
spending as much money.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 5
Cyber Security[SEC-4]
3. Ability to reach a broader audience: Perhaps the biggest advantage of e-commerce is the fact
that it allows you to reach a massive audience. Your physical storefront can only get so many
visitors in a day, especially if you live in a smaller town or a rural area. With an e-commerce
store, you can reach potential customers all throughout the world and show them your products.
4. Scalability:. If you have a physical storefront, your business can only grow so much before you
have to move to a larger storefront. You also have to move inventory and equipment from one
location to another, which makes it even harder to scale your store with the growth of your
business. With e-commerce, your website and store can grow as your business does, and you
don’t have to spend a fortune moving to a new physical space.
5. Track logistics: Keeping track of logistics is an essential part of e-commerce and retail
marketing, and it’s significantly easier with e-commerce than it is with a physical storefront. You
can outsource fulfillment logistics so your customers can enjoy benefits like 2-day shipping and
easy returns processing.
Survey of popular e-commerce sites
▪ There are several popular e-commerce sites that cater to different markets and needs.
▪ Some of the well-known ones globally include:
1. Amazon: One of the largest online retailers, offering a wide range of products from
electronics to books to household items.
2. eBay: Known for its auction-style selling and a vast array of products, including both
new and used items.
3. Alibaba: A Chinese e-commerce company specializing in wholesale trading between
businesses and consumers.
4. Walmart: A major retailer with a strong online presence, selling a variety of products
similar to its physical stores.
5. Etsy: Focused on handmade, vintage, and unique goods, often catering to niche markets
and creative products.
6. Target: Similar to Walmart, Target offers a diverse range of products and has a
significant online presence.
7. Best Buy: Specializes in electronics, offering a wide selection of tech-related products.
8. Zappos: A popular online shoe and clothing retailer known for its customer service and
wide selection.
9. ASOS: Primarily focused on fashion and beauty products, targeting a younger audience
with trendy items.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 6
Cyber Security[SEC-4]
10. Rakuten: A diverse marketplace offering various products and services, often providing
cashback rewards for purchases.
▪ Each of these platforms has its own strengths, unique selling points, and target demographics,
making them popular choices for different types of consumers.
Introduction to Digital Payments
▪ Digital payments are payments done through digital or online modes, with no exchange of hard
cash being involved. Such a payment, sometimes also called an electronic payment (e-payment),
is the transfer of value from one payment account to another where both the payer and the
payee use a digital device such as a mobile phone, computer, or a credit, debit, or prepaid card.
▪ The payer and payee could be either a business or an individual. This means that for digital
payments to take place, the payer and payee both must have a bank account, an online banking
method, a device from which they can make the payment, and a medium of transmission,
meaning that either they should have signed up to a payment provider or an intermediary such
as a bank or a service provider.
Components of Digital Payment and Stake holders
▪ Digital payments involve several components and stakeholders that collectively facilitate the
transfer of money or transactions through electronic means.
▪ Here are the key components and stakeholders:
▪ Components:
1. Payment Gateway: It's the technology that authorizes and facilitates transactions by
connecting merchants, banks, and customers. It encrypts sensitive information and ensures
secure transfer.
2.Payment Processor: Responsible for managing the transaction process by transmitting
data between the merchant's bank and the customer's bank. It verifies transaction details
and ensures funds are transferred.
3.Mobile Wallets: Apps or platforms that store payment information, allowing users to
make transactions through their smartphones. Examples include Apple Pay, Google Pay,
and PayPal.
4.Digital Currencies/Cryptocurrencies: These decentralized forms of currency (like
Bitcoin or Ethereum) facilitate peer-to-peer transactions through blockchain technology.
5.Near Field Communication (NFC): Technology that enables contactless payments by
allowing devices to communicate when in close proximity.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 7
Cyber Security[SEC-4]
6.QR Codes: Scannable codes that store payment information, enabling easy transactions by
simply scanning the code.
▪ Stakeholders:
1. Customers/Users: Individuals or entities making payments or transactions using digital
payment methods.
2. Merchants/Retailers: Businesses or individuals selling goods or services and accepting
digital payments from customers.
3. Financial Institutions: Banks, credit unions, and other financial entities that provide the
infrastructure and accounts necessary for digital transactions.
4. Payment Service Providers (PSPs): Companies that offer services facilitating digital
payments for merchants, such as Stripe, Square, or Adyen.
5. Regulatory Bodies/Government Agencies: Entities responsible for creating and
enforcing rules, regulations, and standards for digital payments to ensure security and
fairness.
6. Technology Providers: Companies developing and maintaining the technology and
software necessary for secure digital payment systems, including hardware manufacturers
and software developers.
7. Security Firms: Organizations specializing in ensuring the security of digital payment
systems by providing encryption, fraud detection, and cybersecurity services.
▪ These components and stakeholders collectively form the ecosystem that enables the seamless
execution of digital payments across various platforms and devices.
Modes of digital payments
▪ There are various modes of digital payments that have become increasingly popular due to their
convenience and accessibility.
▪ Here's a brief overview of each:
1. Banking cards:
Cards are among the most widely used payment methods and come with various features and
benefits such as security of payments, convenience, etc. The main advantage of debit/credit or
prepaid banking cards is that they can be used to make other types of digital payments. For
example, customers can store card information in digital payment apps or mobile wallets to
make a cashless payment. Some of the most reputed and well-known card payment systems are
Visa, Rupay and MasterCard, among others. Banking cards can be used for online purchases, in
digital payment apps, PoS machines, online transactions, etc.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 8
Cyber Security[SEC-4]
2. Unified Payment Interface (UPI)
UPI is a payment system that culminates numerous bank accounts into a single application,
allowing the transfer of money easily between any two parties. As compared to NEFT, RTGS,
and IMPS, UPI is far more well-defined and standardized across banks. You can use UPI to
initiate a bank transfer from anywhere in just a few clicks.
The benefit of using UPI is that it allows you to pay directly from your bank account, without
the need to type in the card or bank details. This method has become one of the most popular
digital payment modes in 2020, with October witnessing over 2 billion transactions.
3. e-Wallets
Electronic wallets or e-wallets store financial information and allow users to make online
transactions quickly. E-wallet is a type of pre-paid account in which a user can store his/her
money for any future online transaction. An E-wallet is protected with a password. With the
help of an E-wallet, one can make payments for groceries, online purchases, and flight tickets,
among others. E-wallet has mainly two components, software and information. The software
component stores personal information and provides security and encryption of the data. The
information component is a database of details provided by the user which includes their name,
shipping address, payment method, amount to be paid, credit or debit card details, etc. Services
like PayPal, Google Pay, Apple Pay, and Paytm fall under this category.
4. Unstructured Supplementary Service Data (USSD)
USSD technology enables mobile banking services through basic phones, allowing users to
access banking services by dialing a shortcode. This method doesn't require internet connectivity
and is particularly beneficial in regions with limited internet access. USSD was launched for
those sections of India’s population which don’t have access to proper banking and internet
facilities. Under USSD, mobile banking transactions are possible without an internet connection
by simply dialing *99# on any essential feature phone.
This number is operational across all Telecom Service Providers (TSPs) and allows customers
to avail of services including interbank account to account fund transfer, balance inquiry, and
availing mini statements. Around 51 leading banks offer USSD service in 12 different languages,
including Hindi & English.
5.Aadhar enabled payments system (AEPS)
AEPS is a bank-led model for digital payments that was initiated to leverage the presence and
reach of Aadhar. Under this system, customers can use their Aadhaar-linked accounts to transfer
money between two Aadhaar linked Bank Accounts. As of February 2020, AEPS had crossed
more than 205 million as per NPCI data.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 9
Cyber Security[SEC-4]
AEPS doesn’t require any physical activity like visiting a branch, using debit or credit cards or
making a signature on a document. This bank-led model allows digital payments at PoS (Point of
Sale / Micro ATM) via a Business Correspondent (also known as Bank Mitra) using Aadhaar
authentication.
▪ Each mode of digital payment offers its own set of advantages in terms of accessibility, ease of
use, security, and suitability for different scenarios. The choice of which to use often depends on
factors like convenience, accessibility to technology, internet connectivity, and personal
preferences.
Digital Payments Related Common Frauds and Preventive Measures
▪ With the increasing trend of digital payment systems, the number of fraud attempts is also
increasing at an alarming rate. Cybercriminals are always looking for ways to exploit the loopholes
in the digital payment process to steal money from unsuspecting individuals.
1. Phishing
▪ Phishing scams are fake messages, emails, or websites that trick people into providing
their personal information, such as login credentials, credit card details, or social security
numbers. These scammers then use this information to access victims’ accounts and steal
their funds.
▪ Preventive Measures:
− Verify website URLs before entering any personal information.
− Never share personal or financial details via email or unsecured websites.
− Enable two-factor authentication for added security.
2.Identity Theft
▪ Identity theft occurs when a fraudster steals someone’s personal information, such as
their name, address, or social security number, and uses it for fraudulent activities, such
as opening a new credit card or mobile payment account.
▪ Preventive Measures:
− Use strong, unique passwords for each financial account.
− Regularly monitor your credit report for any suspicious activities.
− Be cautious while sharing personal information online.
3.Account Takeover
▪ In an account takeover, a fraudster gains access to a user’s digital payment account by
stealing their login credentials or obtaining their personal information using phishing
scams. The attacker then uses the account to make unauthorized transactions and
transfer funds.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 10
Cyber Security[SEC-4]
▪ Preventive Measures:
− Use strong, unique passwords and change them regularly.
− Enable account alerts for any unusual activity.
− Consider using biometric authentication if available.
4.Card Skimming
▪ Card skimming involves the illegal copying of a user’s credit or debit card information
using a skimming device when the card is swiped for payment. The scammers then use
the copied information to make fraudulent transactions.
▪ Preventive Measures:
− Check for tampering on card readers before using them.
− Use contactless payment methods where possible.
− Regularly monitor your account statements for any unauthorized charges.
5.Malware and Spyware:
▪ Malicious software designed to steal financial information from devices.
▪ Preventive Measures:
− Install and regularly update antivirus and anti-malware software.
− Avoid clicking on suspicious links or downloading unknown attachments.
− Keep your device's operating system and apps up to date.
6. Unauthorized Transactions:
▪ Transactions made without the account holder's knowledge or consent.
▪ Preventive Measures:
− Regularly check account statements for any unfamiliar transactions.
− Enable transaction notifications or alerts for your accounts.
− Report any unauthorized transactions to your bank or payment provider
immediately.
7. Social Engineering Attacks:
▪ Manipulating individuals to reveal confidential information.
▪ Preventive Measures:
− Be cautious of unsolicited calls or messages asking for personal information.
− Verify the identity of the person or organization before sharing any details.
− Educate yourself and your family about common social engineering tactics.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 11
Cyber Security[SEC-4]
RBI guidelines on digital payments and customer protection in unauthorized
banking transactions.
▪ The Reserve Bank of India (RBI) has put forth various guidelines regarding digital payments and
customer protection, particularly concerning unauthorized banking transactions.
▪ Here are some key aspects:
▪ Digital Payments:
1. Security Measures: RBI mandates that banks and financial institutions implement robust
security measures to safeguard digital transactions. This includes two-factor authentication,
encryption, and other security protocols.
2.Customer Awareness: Banks are required to educate customers about safe digital practices,
potential risks, and methods to secure their transactions. This could be through notifications,
SMS alerts, or educational campaigns.
3.Fraud Monitoring: Regular monitoring of transactions for any suspicious activity or
patterns to prevent fraudulent transactions is mandatory.
4.Prompt Redressal: There are provisions for customers to report unauthorized transactions
promptly. Upon receiving such reports, banks are obligated to investigate and resolve
complaints within a specific timeline.
▪ Customer Protection in Unauthorized Transactions:
1. Limited Liability of Customers: In cases of unauthorized transactions, if the customer
reports the transaction within a stipulated time frame, the customer's liability is limited. The
liability shift is from the customer to the bank, subject to certain conditions and
documentation.
2.Timely Reporting: Customers are encouraged to report unauthorized transactions or any
suspicious activity as soon as possible to minimize their liability.
3.Dispute Resolution: There is a defined process for dispute resolution between the
customer and the bank regarding unauthorized transactions.
4.Reversal of Transactions: The RBI mandates that banks have to ensure prompt reversal of
any unauthorized transaction within a specified time frame once it is reported by the
customer.
Relevant provisions of Payment Settlement Act,2007.
▪ The Payment and Settlement Systems Act, 2007 is an Indian legislation that provides the
regulatory framework for payment systems in India. Here are some of the relevant provisions:
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 12
Cyber Security[SEC-4]
1. Regulation of Payment Systems: The Act establishes the Reserve Bank of India
(RBI) as the regulatory authority for payment systems in India. It aims to ensure the
stability, efficiency, and integrity of payment systems.
2. Designation of Payment Systems: The RBI has the authority to designate systems
for the purpose of the Act, allowing it to regulate and supervise various payment
systems in the country.
3. Licensing of Payment System Operators: The Act outlines provisions for the
licensing and regulation of payment system operators, ensuring that entities involved in
payment systems meet certain criteria and adhere to specified norms.
4. Oversight and Monitoring: The RBI is empowered to oversee and monitor payment
systems to ensure their smooth functioning, stability, and compliance with regulations.
5. Settlement Finality: The Act provides for settlement finality, meaning that once a
settlement in a payment system is deemed final, it cannot be revoked or reversed, except
in certain specified circumstances.
6. Establishment of Payment System Board: The Act establishes a Payment System
Board within the RBI to regulate and supervise payment systems more effectively.
7. Penalties and Enforcement: Provisions for penalties and enforcement mechanisms
are outlined in the Act to ensure compliance with its provisions and regulations set by
the RBI.
▪ These provisions and more are detailed in the Payment and Settlement Systems Act, 2007, aimed
at fostering a secure, efficient, and reliable payment system framework in India.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 13
Cyber Security [SEC-4]
Module-V:
End Point device and Mobile phone security, Password policy, Security patch
management, Data backup, Downloading and management of third-party software,
Device security policy, Cyber Security best practices, Significance of host firewall and
Ant-virus, Management of host firewall and Anti-virus, Wi-Fi security, Configuration of
basic security policy and permissions.
End Point device and Mobile phone security
▪ Securing endpoint devices and mobile phones is crucial due to the sensitive information they
often hold and their susceptibility to various threats. Here are some essential practices:
▪ For End Point Devices:
1. Keep Software Updated: Regularly update operating systems and applications. Patches
often contain security fixes.
2. Use Antivirus/Malware Protection: Install reputable antivirus and anti-malware
software. Schedule regular scans.
3. Implement Firewalls: Enable firewalls to prevent unauthorized access to your device.
4. Strong Authentication: Use strong, unique passwords or consider using password
managers. Implement multi-factor authentication where possible.
5. Encrypt Data: Encrypt sensitive data to prevent unauthorized access if the device is lost
or stolen.
6. Backup Regularly: Maintain backups of important data. In case of a security breach, you
can recover your data.
7. Limit User Privileges: Users should have only the necessary permissions to perform their
tasks to limit the potential damage from a compromised account.
▪ For Mobile Phones:
1. Lock Screen Security: Use passcodes, patterns, fingerprints, or facial recognition to secure
access to the device.
2. App Permissions: Review and manage app permissions to limit what data apps can access.
3. Install from Trusted Sources: Only download apps from official app stores to reduce the risk
of installing malicious software.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 1
Cyber Security [SEC-4]
4. Encrypt Mobile Data: Enable encryption for data stored on the device. Most modern
smartphones have this option in settings.
5. Remote Wipe/Find Features: Activate remote wipe/locate features so that if the device is
lost, you can erase its data or find its location.
6. Regular Updates: Keep the phone's operating system and apps updated to patch
vulnerabilities.
7. Use VPNs on Public Networks: When connecting to public Wi-Fi, use a Virtual Private
Network (VPN) for encrypted and secure browsing.
8. Avoid Jailbreaking or Rooting: Avoid modifying the phone's operating system beyond the
manufacturer's intended use, as it can expose the device to more risks.
Password policy
▪ A password policy sets the rules that passwords for a service must meet, such as length and type
of characters allowed and disallowed.
▪ Password policies are crucial for ensuring the security of digital accounts and systems. They
typically include guidelines and requirements that dictate how passwords should be created,
used, and managed. Here are some common elements of a robust password policy:
1. Password Length: Requiring a minimum number of characters (often 8-12) helps create
stronger passwords.
2. Complexity Requirements: Encouraging or mandating a mix of character types
(uppercase, lowercase, numbers, symbols) makes passwords harder to crack.
3. Regular Changes: Requiring periodic password changes (every 60-90 days) reduces the
risk of prolonged exposure to potential breaches.
4. Prohibiting Common Passwords: Blocking commonly used or easily guessable
passwords enhances security.
5. Account Lockout: Implementing a mechanism that locks an account after multiple failed
login attempts prevents brute force attacks.
6. Multi-Factor Authentication (MFA): Encouraging or mandating the use of MFA adds
an extra layer of security, requiring users to provide more than one form of verification.
7. Education and Training: Providing guidance to users on creating strong passwords and
the importance of safeguarding them through regular training or resources.
8. Restrictions on Password Sharing: Discouraging or prohibiting the sharing of
passwords helps maintain individual account security.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 2
Cyber Security [SEC-4]
9. Monitoring and Enforcement: Regularly auditing password practices and enforcing
policy compliance ensures ongoing security.
10. Encryption and Storage: Safely storing passwords using encryption and secure hashing
methods mitigates the risk of exposing them in case of a data breach.
▪ Creating a policy that balances security needs with user convenience is essential. Forcing overly
complex passwords might lead users to write them down or reuse them across multiple accounts,
which can introduce vulnerabilities. Balancing complexity with usability is often a challenge but
a critical aspect of a strong password policy.
Security patch management
▪ Security patch management is a crucial aspect of maintaining a secure system or network. It
involves identifying, acquiring, testing, and applying patches or updates to software, applications,
or devices to address known vulnerabilities or security weaknesses. Here's a breakdown of the
process:
1. Identification: Stay informed about security vulnerabilities. This involves monitoring
vendor websites, security advisories, mailing lists, and other sources to identify patches
relevant to your systems.
2. Assessment: Evaluate the severity and impact of the vulnerability on your systems.
Determine if the patch is applicable and necessary for your environment.
3. Acquisition: Download or obtain the necessary patches or updates from the official sources.
Ensure that you're getting patches from trusted and verified sources to avoid installing
malicious software.
4. Testing: Before deploying patches to your production environment, test them in a controlled
environment (like a test network or system) to ensure they work as intended and don’t create
conflicts with existing software.
5. Deployment: Once patches are tested and validated, deploy them to the production
environment. Use automation tools where possible to streamline the deployment process.
6. Verification: Confirm that the patches have been successfully applied and that systems are
functioning properly after the update.
7. Monitoring and Maintenance: Regularly monitor for new vulnerabilities and keep track of
installed patches. Perform periodic checks to ensure all systems are up to date with the latest
security patches.
8. Documentation: Maintain records of applied patches, dates, and any issues encountered
during the patching process. Documentation is essential for audits and future reference.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 3
Cyber Security [SEC-4]
▪ Effective patch management helps mitigate the risks associated with security vulnerabilities,
reducing the chances of security breaches or attacks exploiting known weaknesses in software
or systems.
Data backup
▪ Data backup is crucial for safeguarding your important information. It involves creating
duplicate copies of your files or data to protect against data loss in case of hardware failures,
human error, cyberattacks, or any unforeseen disasters.
▪ Here are some essential tips for effective data backup:
1. Regular backups: Set up a routine schedule for backing up your data. How frequently you
back up depends on the importance of the data and how frequently it changes.
2.Multiple locations: Store your backups in multiple locations. This could include external
hard drives, cloud storage, or even offsite locations. Having copies in different places
reduces the risk of losing all data in case of a localized issue.
3.Automate backups: Use backup tools that allow you to automate the process. This
ensures consistency and helps prevent forgetting to back up important data.
4.Verify backups: Periodically check your backups to ensure they are complete and accurate.
Sometimes, backups may contain errors or become corrupted.
5.Use encryption: If your data contains sensitive information, consider encrypting your
backups. This adds an extra layer of security, especially when storing data in the cloud or
on portable devices.
6.Test restoration: Regularly test the restoration process to ensure your backups are usable.
It’s crucial to know that you can recover data effectively when needed.
7.Prioritize important data: Not all data is equally critical. Prioritize what needs to be
backed up more frequently or with higher security measures.
Downloading and management of third-party software
▪ Downloading and managing third-party software involves several steps to ensure you're
obtaining it safely and using it securely:
1. Source: Obtain software from reputable sources. Official websites or trusted app stores
(like Apple App Store, Google Play Store, Microsoft Store) are safer than random websites.
2. Reviews and Ratings: Check reviews, ratings, and user feedback to gauge the software's
reliability, performance, and security.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 4
Cyber Security [SEC-4]
3. Official Websites: Prefer downloading from the official website of the software developer.
Be cautious of downloading from third-party websites as they might bundle software with
malware.
4. Verify Authenticity: Verify the authenticity of the website and the software. Look for
digital signatures or official hashes provided by the developer to ensure the software hasn't
been tampered with.
5. Read Permissions: When installing, read the permissions the software is requesting. Be
cautious if the permissions seem excessive for the software's intended function.
6. Security Software: Have reliable antivirus/anti-malware software installed and keep it up-
to-date. Run scans on downloaded files to ensure they're safe.
7. Regular Updates: Keep all software updated, including third-party applications, to patch
security vulnerabilities.
8. Uninstall Unused Software: Remove any software that is no longer needed to reduce the
potential vulnerabilities on your system.
9. License Agreement: Read the license agreement to understand the terms and conditions
of using the software.
10.Back Up Data: Regularly back up your data to mitigate the impact of any potential issues
caused by third-party software.
11. Virtual Environments/Sandboxes: Consider using virtual environments or sandboxes
to test potentially risky software before installing it on your main system.
▪ Remember, exercising caution and staying informed are crucial when downloading and
managing third-party software to maintain the security and performance of your system.
Device security policy
▪ Creating a device security policy is crucial to safeguarding your systems and data. Here are some
key components you might want to consider when drafting a device security policy:
1. Device Usage Guidelines: Establish rules for how devices should be used within your
organization. This might include specifying who can use company devices, how they
should be used, and for what purposes.
2. Acceptable Use Policy: Define what is and isn't permitted on company devices. This can
cover browsing certain websites, downloading software, or using external drives.
3. Password and Authentication: Require strong, unique passwords for each device and
enforce multi-factor authentication where possible.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 5
Cyber Security [SEC-4]
4. Data Encryption: Mandate encryption for sensitive data stored on devices to prevent
unauthorized access.
5. Regular Updates and Patching: Ensure that devices have the latest security updates and
patches installed to protect against vulnerabilities.
6. Access Control: Implement controls that limit access to data and systems based on job
roles and responsibilities.
7. Remote Access Security: Define protocols for secure remote access to company
systems, including the use of virtual private networks (VPNs) and secure connections.
8. Lost or Stolen Devices: Establish procedures for reporting and handling lost or stolen
devices to mitigate potential data breaches.
9. Software and Application Management: Specify guidelines for installing, updating, and
removing software and applications on company devices.
10. Monitoring and Reporting: Outline measures for monitoring device usage, detecting
security incidents, and reporting breaches or suspicious activities.
11. Employee Training: Provide regular training and awareness programs to educate
employees about security best practices and potential threats.
12. BYOD (Bring Your Own Device) Policy: If applicable, define rules for personal devices
used for work purposes, including security requirements and access limitations.
Cyber Security best practices
▪ Cybersecurity is crucial in protecting digital systems and data. Here are some best practices to
enhance cybersecurity:
1. Use Strong Passwords: Create complex passwords with a mix of letters (uppercase and
lowercase), numbers, and symbols. Consider using a password manager to keep track of them.
2. Enable Multi-Factor Authentication (MFA): Implement MFA wherever possible. It adds an
extra layer of security by requiring users to provide more than one form of identification to
access an account.
3. Keep Software Updated: Regularly update operating systems, applications, and antivirus
software. Updates often include security patches that protect against known vulnerabilities.
4. Regular Backups: Perform regular backups of important data and systems. This ensures that
if there's a security breach or data loss, you can recover your information.
5. Educate Employees: Train staff on cybersecurity best practices, including recognizing
phishing attempts, avoiding suspicious links or downloads, and handling sensitive information
securely.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 6
Cyber Security [SEC-4]
6. Secure Wi-Fi Networks: Use strong encryption (like WPA3) for Wi-Fi networks, change
default passwords on routers, and hide your network's SSID to prevent unauthorized access.
7. Implement Firewalls: Use firewalls to establish barriers between your internal network and
untrusted external networks, such as the internet.
8. Limit Access and Permissions: Grant access only to necessary data and systems. Regularly
review and update user permissions as roles change within the organization.
9. Monitor and Respond: Employ monitoring tools to detect and respond to security threats
promptly. This includes network traffic, system logs, and anomalous activities.
10. Create an Incident Response Plan: Develop a plan outlining steps to take in the event of a
cybersecurity incident. This helps in responding effectively and minimizing damage.
11. Encrypt Sensitive Data: Encrypt data both in transit and at rest. This adds a layer of protection
even if data is compromised.
12. Third-Party Risk Management: Assess and manage the security risks posed by third-party
vendors and service providers who have access to your systems or data.
13. Regular Security Audits: Conduct periodic security audits and assessments to identify
vulnerabilities and address them promptly.
14. Implement Least Privilege: Provide users with the minimum level of access needed to
perform their jobs. This minimizes the risk of unauthorized access.
15. Stay Informed: Stay updated on the latest cybersecurity threats and trends. This knowledge
helps in proactively securing systems and networks.
▪ Cybersecurity is an ongoing process requiring continuous efforts to stay ahead of evolving
threats. Implementing these best practices can significantly strengthen your organization's
security posture.
Significance of host firewall and Ant-virus
▪ Both host firewalls and antivirus software play critical roles in computer security, albeit in
different ways.
▪ Host Firewall:
A host firewall is a software or hardware component that monitors and controls incoming and
outgoing network traffic on an individual device (such as a computer or server). Its primary
function is to act as a barrier between your device and potentially malicious content from the
internet or other networks.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 7
Cyber Security [SEC-4]
− Protection: It helps prevent unauthorized access to or from a private network by controlling
the traffic entering or leaving the device.
− Filtering: It filters network packets based on predefined security rules, allowing or denying
traffic based on various criteria like IP addresses, ports, protocols, and applications.
− Defense: A host firewall is the first line of defense against many common network-based
attacks, such as port scanning, malware, and certain types of cyber threats.
▪ Antivirus Software:
Antivirus software is designed to detect, prevent, and remove malicious software (malware) from
a computer or device.
− Malware Protection: It scans files, emails, downloads, and other elements of your system for
known patterns and behaviors associated with viruses, worms, Trojans, spyware,
ransomware, and other types of malicious software.
− Real-time Monitoring: Many antivirus programs run continuously in the background,
monitoring system activities and flagging or quarantining suspicious files or processes.
− Updates and Heuristics: Antivirus software relies on regular updates to its virus definition
databases to recognize new threats. Additionally, some use heuristic analysis to detect
previously unknown malware by identifying suspicious behavior patterns.
▪ Significance:
− Complementary Protection: Host firewalls and antivirus software complement each other.
Firewalls protect against unauthorized network access, while antivirus software safeguards
against malware threats.
− Defense in Depth: Employing both provides a multi-layered defense, crucial in
cybersecurity, known as defense in depth. If one layer fails, others might still provide
protection.
− Preventative Measures: Together, they significantly reduce the risk of various cyber threats,
preventing unauthorized access, data breaches, and the potential damage caused by malware
infections.
▪ In the constantly evolving landscape of cybersecurity, it's essential to keep both your host
firewall and antivirus software updated to ensure they can effectively counter new and emerging
threats.
Management of host firewall and Anti-virus
▪ Managing host firewalls and antivirus software is crucial for maintaining a secure system. Here
are some general guidelines for managing them effectively:
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 8
Cyber Security [SEC-4]
▪ Firewall Management:
1. Understand Firewall Rules: Learn how your firewall works and the rules governing
inbound and outbound traffic. Configure rules based on the principle of least privilege,
allowing only necessary traffic.
2. Regular Updates: Keep the firewall software updated to ensure it has the latest security
patches and features.
3. Logging and Monitoring: Enable logging to track firewall activities. Regularly review logs
for any suspicious activities or unauthorized access attempts.
4. Default Deny Policy: Implement a default deny policy where all traffic is blocked unless
specifically allowed. This minimizes the attack surface.
5. Application Control: Use application-specific rules to control which applications can
access the network. This helps prevent unauthorized programs from communicating
externally.
▪ Antivirus Management:
1. Regular Updates: Ensure your antivirus software is updated with the latest virus definitions
and software patches. New threats emerge regularly, so frequent updates are crucial.
2. Scheduled Scans: Set up regular system scans to check for malware, viruses, and other
threats. Perform full system scans periodically.
3. Real-Time Protection: Enable real-time scanning to monitor files and processes in real-
time for any suspicious behavior or malware.
4. Quarantine and Removal: Configure the antivirus to quarantine or remove identified
threats automatically. Regularly review quarantined items to ensure no false positives.
5. User Education: Educate users about safe browsing habits, downloading files from trusted
sources, and avoiding suspicious emails or websites that could introduce malware.
6. Compatibility and Performance: Ensure the antivirus software doesn’t conflict with other
applications or significantly degrade system performance. Adjust settings if needed for
optimal performance
Wi-Fi security
▪ Wi-Fi security is crucial in safeguarding your network from unauthorized access, data breaches,
and various cyber threats. Here are some essential tips to enhance Wi-Fi security:
1. Strong Passwords: Use a complex, unique password for your Wi-Fi network.
Avoid using default passwords provided by the router manufacturer.
2. Encryption: Enable WPA3 (Wi-Fi Protected Access 3) encryption if available on
your router. WPA2 is also secure but might not be as robust as WPA3.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 9
Cyber Security [SEC-4]
3. Network Name (SSID) Hiding: Consider hiding the network name (SSID) to make
it less visible to potential attackers. While this won’t fully protect your network, it
can add a layer of obscurity.
4. Router Firmware Updates: Regularly update your router's firmware to patch any
security vulnerabilities and ensure it has the latest security features.
5. Firewall: Activate the firewall on your router to control incoming and outgoing
traffic. This helps prevent unauthorized access.
6. Guest Network: Set up a separate guest network for visitors. This network should
have limited access to your main network and its devices.
7. MAC Address Filtering: Restrict network access to specific devices by allowing
only approved MAC addresses to connect to your network. Note: MAC addresses
can be spoofed, so this isn't foolproof.
8. Use a VPN: When connected to public Wi-Fi networks, use a Virtual Private
Network (VPN) to encrypt your internet traffic and protect your data from
potential eavesdropping.
9. Disable WPS: Wi-Fi Protected Setup (WPS) can sometimes be vulnerable to brute
force attacks. Disable it on your router to enhance security.
10. Regular Audits: Periodically check connected devices, review network logs, and
monitor traffic for any suspicious activity.
11. Physical Security: Place your router in a secure location to prevent physical
tampering or unauthorized access.
12. Stronger Authentication: Consider using stronger authentication methods like
two-factor authentication (2FA) for accessing your router's settings.
▪ By implementing these measures, you can significantly improve the security of your Wi-Fi
network and reduce the chances of unauthorized access or data breaches.
Configuration of basic security policy and permissions
▪ Creating a basic security policy involves several steps and considerations. Here’s a general guide
on how to approach setting up security policies and permissions:
1. Identify Assets: Determine what data, systems, or resources need protection. This could be
customer data, intellectual property, servers, etc.
2. Risk Assessment: Evaluate potential threats and vulnerabilities to those assets. Consider internal
and external risks, such as cyber attacks, unauthorized access, data breaches, etc.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 10
Cyber Security [SEC-4]
3. Define Security Policies: Create a set of rules and guidelines to protect the identified assets. This
might include:
− Access Control Policies: Define who can access what. Use principles like least privilege
(giving users only the necessary permissions) and separation of duties.
− Data Encryption Policies: Specify when and where encryption should be applied to
sensitive data, both at rest and in transit.
− Password Policies: Establish guidelines for strong, regularly updated passwords and
multi-factor authentication.
− Security Update Policies: Define how often systems and software should be updated to
patch vulnerabilities.
− Incident Response Policies: Lay out procedures for responding to security incidents,
including reporting and mitigation steps.
4. Implement Permissions:
− User Roles: Define roles (like admin, user, manager) and assign permissions accordingly.
Admins usually have the highest level of access, while users have more limited access.
− Access Controls: Use tools like access control lists (ACLs) or Role-Based Access Control
(RBAC) to enforce permissions. This can be managed through operating systems,
databases, or applications.
5. Regular Audits and Updates: Periodically review and update security policies and permissions.
Technology changes and new threats emerge, so it’s important to stay up-to-date.
6. Employee Training: Educate employees about security policies and the importance of adhering
to them. Human error is a significant factor in security breaches.
7. Monitoring and Logging: Implement systems to monitor user activities and log events. This
helps in identifying suspicious behavior and investigating incidents.
8. Compliance: Ensure that your security policies align with relevant regulations and industry
standards applicable to your organization.
▪ Remember, this is a general framework. The specifics will vary depending on the nature of your
organization, the industry, and the regulatory environment you operate in. Always consider
seeking professional advice or a security expert's help when setting up security policies for an
organization.
Prepared by: Ms. Ambika V, Asst. Professor, Department of BCA 11
You might also like
- Unit 5 Internet Applications: Task 1 Make A List of All The Things You Can Use The Internet ForNo ratings yetUnit 5 Internet Applications: Task 1 Make A List of All The Things You Can Use The Internet For25 pages
- 2 - Blackscreen - Hdh-Nord-Bau GMBH - Mt103-Gpi - 10M - 20.01.2025No ratings yet2 - Blackscreen - Hdh-Nord-Bau GMBH - Mt103-Gpi - 10M - 20.01.20251 page
- Alumni System Final Year Project For ITNo ratings yetAlumni System Final Year Project For IT61 pages
- Service Manual of PM-600 Portable Patient Monitor: Shenzhen Mindray Bio-Medical Electronic Co., LTD100% (1)Service Manual of PM-600 Portable Patient Monitor: Shenzhen Mindray Bio-Medical Electronic Co., LTD44 pages
- Family and Personal History History 1st GradeNo ratings yetFamily and Personal History History 1st Grade63 pages
- Threat Hunting: A Must Have For Any Blue or Red Teamer's Skill ArsenalNo ratings yetThreat Hunting: A Must Have For Any Blue or Red Teamer's Skill Arsenal18 pages
- BASIC USER - USER GUIDE - Entity SearchNo ratings yetBASIC USER - USER GUIDE - Entity Search22 pages
- ADDTOP SE Series Inkjet Printer (SE 1601)No ratings yetADDTOP SE Series Inkjet Printer (SE 1601)3 pages
- Getting Started With QT For Android - QT 6.7No ratings yetGetting Started With QT For Android - QT 6.75 pages
- FIFA Video Game - Players ClassificationNo ratings yetFIFA Video Game - Players Classification26 pages
- B. Com. Part-II: Mr. Santosh Kumar MiriNo ratings yetB. Com. Part-II: Mr. Santosh Kumar Miri11 pages
- Laporan Keuangan KKR Net Isdac Arvada Colorado Usa Bekerja Sama Dengan Gmahk Pioneer Tompaso KamangaNo ratings yetLaporan Keuangan KKR Net Isdac Arvada Colorado Usa Bekerja Sama Dengan Gmahk Pioneer Tompaso Kamanga7 pages
- Add 3.5" SATA Hard Drive To HP Thin Client T5540. Neo-BlogNo ratings yetAdd 3.5" SATA Hard Drive To HP Thin Client T5540. Neo-Blog3 pages
