cyber crime and law regarding everything in this pdf

hritikop1999 61 views 80 slides Jul 23, 2024

About This Presentation

EVERYTHING REGARDING CYBER CRIME AND LAW


Slide Content

WORLDWIDE, 4.2 BILLION PEOPLE USE THE INTERNET ACTIVELY
ESTIMATED 7% INCREASE IN THE INTERNET USERS IN THE LAST YEAR ALONE
Source: International Telecommunications Union

The number of Internet users is growing
So…..
CYBER CRIME is bound to RISE………..

Cyber Crime
A generic term that refers to all criminal activities done using the medium of computers, the Internet, cyberspace and the world wide web. It is very difficult to classify crimes in general into distinct groups as many crimes evolve on a daily basis.
CYBER SECURITY
Protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorized access, use, disclosure, disruption, modification or destruction.

Categories of Cyber Crime
•Hacking
•DOS attack
•Virus/Worm attacks
•Cyber Terrorism
•Credit card frauds
•Pornography
•IPR violations

HISTORY OF CYBER CRIME – FROM 1820 TO PRESENT
1820: Employees committed acts of sabotage to discourage a textile manufacturer from further use of the new technology which allowed the repetition of a series of steps in the weaving of special fabrics.
1978: First Spam Email sent over the Arpanet
1982: First Virus installed on Apple Computer
1997: Malicious Code, Trojan, Advanced Worms
2004: Identity Theft, Phishing
2007: DNS Attacks, Rise of Botnets, SQL attacks, Anti Spam sites
2010: Social Engineering, DoS, Ransomware
2013: Keyloggers, Phone Hijacking, Cyber Warfare, Android Hacks
2015: Child Pornography, Cyber Terrorism
Present: Data Breaches, IoT Attacks, Cryptojacking

Cyber Crime in India
REGISTRATION OF CYBER CRIME CASES IN INDIA
•Indian Penal Code (IPC)
•Special and Local Laws (SLL)
•The IT Act

Cases Registered under the IT ACT
Tampering computer source documents (Section 65 IT Act)
Loss/damage to computer resource/utility (Section 66(1) IT Act)
Hacking (Section 66(2) IT Act)
Obscene publication/transmission in electronic form (Section 67 IT Act)
Failure of compliance/orders of Certifying Authority (Section 68 IT Act)
Failure to assist in decrypting the information intercepted by Govt Agency (Section 69 IT Act)
Un-authorised access/attempt to access to protected computer system (Section 70 IT Act)
Obtaining licence or Digital Signature Certificate by misrepresentation/suppression of fact (Section 71 IT Act)
Publishing false Digital Signature Certificate (Section 73 IT Act)
Fraud Digital Signature Certificate (Section 74 IT Act)
Breach of confidentiality/privacy (Section 72 IT Act)
Others

Cases Registered under the IPC
Offences by/against Public Servant (Section 167, 172, 173, 175 IPC)
False electronic evidence (Section 193 IPC)
Destruction of electronic evidence (Section 204, 477 IPC)
Forgery (Section 463, 465, 466, 468, 469, 471, 474, 476, 477A IPC)
Criminal Breach of Trust (Section 405, 406, 408, 409 IPC)
Counterfeiting Property Mark (Section 482, 183, 483, 484, 485 IPC)
Tampering (Section 489 IPC)
Counterfeiting Currency / Stamps (Section 489A to 489E IPC)

*NCRB CII report - 2018

CYBER CRIMES RECORDED IN 2018
KARNATAKA
The states of Andhra Pradesh (1207) and Telangana (1205) along with Rajasthan (1104) are among the other states which have recorded a high number of cyber-crime cases.

MOST COMMON CYBER CRIMES (INDIA - 2018)
[Chart. Categories: Identity Theft; Distribution of Sexually Explicit Content; Offences other than Ransomware under Sec 66; Cheating by Personation. Values shown: 6688, 3076, 2751, 2704.]

•Cheating, Fraud, Cyber Stalking form a majority of cyber-crimes booked under IPC.
•39% of the cases booked under various sections of IPC related to ‘Fraud (under section 420, 465, 468-471)’ i.e. 3,353 cases across all the states and UTs.
•Of these, a major portion are related to ATM related frauds with 1284 cases. Bihar, Maharashtra and Odisha are among the states with the highest number of ATM related frauds.
[Chart: Cases booked under various sections of IPC related to ‘Fraud (under section 420, 465, 468-471)’. Categories: ATMs; Credit/Debit Card; Online Banking Fraud; OTP. Values shown: 309, 1284, 319, 968.]

CYBER CRIMES CASES BY MOTIVE (INDIA - 2018)
[Chart. Categories: Sexual Exploitation; Causing Disrepute; Extortion; Fraud. Values shown: 15051, 2030, 1212, 1050.]

TYPES OF CYBER CRIME
•HACKING
•DENIAL OF SERVICE ATTACK
•TROJANS, WORMS & VIRUSES
•SOFTWARE PIRACY
•PORNOGRAPHY
•CREDIT CARD FRAUD
•SPAMMING
•PHISHING
•SPOOFING
•CYBER STALKING
•CYBER DEFAMATION
•SALAMI ATTACK
•DATA THEFT
•IDENTITY THEFT
•EMAIL SPOOFING

Variants of Cyber Crime
Hacking
A crime which entails cracking systems and gaining unauthorized access to the data stored in them.
Cyber Squatting
Act of registering a famous Domain Name and then selling it for a fortune. This is an issue that has not been tackled in IT ACT 2000.

LEGION HACKERS

Hacked Twitter handles of Rahul Gandhi, Vijay Mallya and the latest Barkha Dutt and Ravish Kumar for NDTV.

They had tweeted a link to a partial data dump of about 1.2 GB emails of Barkha Dutt.

The group claims it has a bypass for Twitter two-factor authentication to get access to Twitter accounts.

Also bragged about having access to servers like Apollo Hospitals, but the group was unsure about releasing data from those servers.

Prevention Against Hacking
Perform required software updates
Install a firewall on your computer
Change your passwords every month
Purchase or download antivirus software
Monitor network traffic
Restrict software installation
Use strong passwords
Do not share professional information on social networks

DATA THEFT
Data Theft is a growing problem, primarily perpetrated by office workers with access to technology such as desktop computers and hand-held devices, capable of storing digital information such as flash drives, iPods and even digital cameras.
According to Information Technology (Amendment) Act, 2008, crime of data theft under Section 43(b) is stated as - If any person without permission of the owner or any other person, who is in charge of a computer, computer system or computer network - downloads, copies or extracts any data, computer data base or information from such computer or computer network including information or data held or stored in any removable storage medium, then it is data theft.

Reliance Jio Still Sharing Your Call Information With Foreign Countries - Anonymous India
Anonymous India claims that Reliance Jio is sending this data to companies in the US and Singapore and has also listed a step-by-step guide for anyone to verify this themselves.
MyJio and Jio Dialer apps send this information to an ad network called Mad-Me.

VIRUS
WHAT IT IS?
A computer virus is a malware program that, when executed, replicates
by inserting copies of itself (possibly modified) into other computer
programs, data files, or the boot sector of the hard drive; when this
replication succeeds, the affected areas are then said to be "infected".
TYPES
•Resident vs Non-resident Virus
•Macro Viruses
•Boot-sector Viruses

IDENTITY THEFT
Identity theft is a form of fraud or cheating of another person’s identity in which someone pretends to be someone else by assuming that person’s identity, typically in order to access resources or other benefits in that person’s name. Information Technology (Amendment) Act, 2008, crime of identity theft under Section 66-C, whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person known as identity theft.
Ways to steal identity: Data Breaching, Unsafe social media usage, Email hacks
According to the Norton report,
•Every four of 10 Indians have experienced identity theft
•61% of participants feel they are protected against identity theft, but 63% didn't know what to do after it.

Indian Banking: Biggest data security Breach
•About 32 lakh ATM cards were hit by cyber attack in October 2016.
•ATM cards of the customers were blocked en masse to avert financial damage, but it raises serious concerns over safety of online banking in India.
Who is Responsible In Case of a Banking Fraud?
“If anybody loses money online the end users are liable for the loss not the banks, unless the user proves to the bank that the fraud was ‘not’ a result of negligence. Negligence means a user’s system had malicious programme that stole credentials or the user logged into an unsafe system. These things are extremely difficult to prove. So, ultimately it becomes a user problem. The banks do not take responsibility.”
Yash KS, Software Architect, Qualys, in an interview

•Phishing is just one of the many frauds on the Internet trying to fool people into parting with their money.
•Phishing refers to the receipt of unsolicited emails by customers of financial institutions, requesting them to enter their username, password or other personal information to access their account for some reason.
•The fraudster then has access to the customer’s online bank account and to the funds contained in that account.

Phishing involves fraudulently acquiring sensitive information (e.g. passwords, credit card details etc.) by masquerading as a trusted entity.

FACEBOOK PHISHING

Spear phishing
Phishing attempts directed at specific
individuals or companies

Cyber Stalking
•Use of the Internet or other electronic means to stalk someone.
•Term interchangeably used with online harassment and online abuse.
•Generally involves harassing or threatening behavior that an individual engages in repeatedly, such as following a person, appearing at a person’s home or place of business, making harassment phone calls, leaving written messages or objects, or vandalizing a person’s property.

Vishing is the criminal practice of
using social engineering and
Voice over IP (VoIP) to gain
access to private personal and
financial information from the
public for the purpose of financial
reward. The term is a
combination of “Voice” and
phishing. Vishing exploits the
public’s trust in landline
telephone services.
Vishing is typically used to
steal credit card numbers or
other information used in
identity theft schemes from
individuals.

Pharming is a cyber attack intended to redirect a website's traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real IP addresses. Compromised DNS servers are sometimes referred to as "poisoned".

SPIM
Spim is spam sent via instant messaging (IM). The IMs could include spyware, keyloggers, viruses, and links to phishing sites.
KEYLOGGERS
A keylogger is a form of spyware that records keystrokes as you type. The information you type is then saved to a file that the hacker can access. If you are surfing the web and visiting banking and e-commerce sites, a keylogger can potentially record your account and password information.
SPYWARE
This is software that a hacker
surreptitiously installs on your
computer to collect personal
information, such as which
websites you visit. It can also be
used to direct you to fake
websites, change your settings,
and take control of your
computer in other ways.

Caller ID spoofing
Caller ID spoofing is the practice of causing the telephone network to display a number on the recipient's caller ID display which is not that of the actual originating station.
E.g. www.crazycall.net

IP SPOOFING
IP spoofing refers to the creation of Internet
Protocol (IP) packets with a forged source IP
address.
Purpose is concealing the identity of the
sender or impersonating another computing
system.
Routers use the destination IP address to
forward packets, but ignore the source IP
address.
The source IP address is used only by the
destination machine, when it responds back
to the source.
Goal is to flood the victim with overwhelming
amounts of traffic, and the attacker does not
care about receiving responses to the attack
packets.

IP SPOOFING
Packets with spoofed addresses are
thus suitable for such attacks.
They have additional advantages for
this purpose—they are more difficult
to filter since each spoofed packet
appears to come from a different
address, and they hide the true
source of the attack.

IP SPOOFING EXAMPLE: A Valid Source IP

IP SPOOFING EXAMPLE: A Spoofed Source IP

Software piracy
Software piracy is theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original. Retail revenue losses worldwide are ever increasing due to this crime.
This can be done in various ways-
•End user copying
•Hard disk loading
•Counterfeiting
•Illegal downloads from the internet etc.
Source: http://beebom.com/wp-content/uploads/2012/06/software-piracy.gif

crime
Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere in the world can come together and chat with each other. Criminals use it for meeting co-conspirators. Hackers use it for discussing their exploits / sharing the techniques. Pedophiles use chat rooms to allure small children.

SKIMMING
•Skimming is the theft of credit card information used in an otherwise legitimate transaction.
•The thief can procure a victim's credit card number using basic methods such as photocopying receipts or more advanced methods such as using a small electronic device (skimmer) to swipe and store hundreds of victims’ credit card numbers.
•Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim's credit card out of their immediate view.

Man in the Middle Attack
[Figure: Alice, Bob and Eve, with Eve saying “I’m Bob!” and “I’m Alice!”]
1. Eve assumes a man-in-the-middle position through some mechanism. For example, Eve could use router hacking etc...
2. Eve can monitor traffic between Alice and Bob without altering the packets or sequence numbers.
3. At any point, Eve can assume the identity of either Bob or Alice through the Spoofed IP address. This breaks the pseudo connection as Eve will start modifying the sequence numbers.

Website Defacement
A website defacement is an attack on a website that changes the visual appearance of the site or a webpage.
Hackers break into a web server and replace the hosted website with one of their own.

SPAMMING
Sending unwanted commercial e-mail, advertising for products, services, and Web sites.
Spam can also be used as a delivery mechanism for malicious software and other cyber threats.
How Much Does it Cost to Receive Spam?
•Spam uses a large amount of bandwidth. That cost is, of course, passed along to you either as a higher Internet bill or as decreased performance at your ISP.
•Second, spam requires the attention of ISPs. They must attempt to filter it, respond to customer complaints regarding spam, and otherwise devote time to spam that could be better spent improving customer service or the technical quality of their ISP.
•Finally, probably the most significant cost of spam is the cost to the receiver dealing with it in terms of their time.

Posting your email address on auctions, bulletin
boards, chat rooms, or advertising.
Businesses might sell your email address or other personal information to a spammer (however, legitimate businesses do not do this).
Spammers can use software programs to collect email addresses from
web sites.

Denial of Service (DoS) Attack
It is an attempt to make a computer resource unavailable to its intended users.
•attempts to "flood" a network, thereby preventing legitimate network traffic
•attempts to disrupt connections between two machines, thereby preventing access to a service
•attempts to prevent a particular individual from accessing a service

Botnets
•A network of remotely controlled systems used to coordinate attacks and distribute malware, spam, and phishing scams.
•Bots (short for “robots”) are programs that are secretly installed on a targeted system allowing an unauthorized user to remotely control the compromised computer for a variety of malicious purposes.

PING OF DEATH
•Ping of Death attack involved sending IP packets of a size greater than 65,535 bytes to the target computer.
•IP packets of this size are illegal, but hackers can bypass this by cleverly sending the packets in fragments. When the fragments are assembled on the receiving computer, the overall packet size is too great. This will cause a buffer overflow and crash the device.

Teardrop Attack
Teardrop attacks target
vulnerability in the way
fragmented IP packets
are reassembled.
In the teardrop attack, the
attacker's IP puts a confusing
offset value in the second or
later fragment.
If the receiving operating
system does not have a
plan for this situation, it
can cause the system to
crash.
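Both the Ping of Death and the Teardrop attack described above depend on a receiver that reassembles IP fragments without validating their offsets and lengths. The Python sketch below is an added example, not part of the original slides, showing the two sanity checks a reassembler or packet filter can apply; the `Fragment` record, the sample fragment lists and the 20-byte option-free IP header are assumptions made for illustration.

```python
from dataclasses import dataclass

MAX_IP_DATAGRAM = 65535   # largest legal IPv4 datagram in bytes, header included
IP_HEADER_LEN = 20        # assumption: IPv4 header without options


@dataclass
class Fragment:
    offset_units: int      # fragment offset field, counted in 8-byte units
    payload_len: int       # bytes of data carried by this fragment
    more_fragments: bool   # MF flag


def check_fragments(frags):
    """Return findings for the fragments of one datagram.

    Each finding is a tuple (kind, start_byte, end_byte):
      "oversize": reassembled datagram would exceed 65,535 bytes (Ping of Death)
      "overlap":  fragment starts inside data already covered (Teardrop)
    """
    findings = []
    prev_end = 0
    ordered = sorted(frags, key=lambda f: f.offset_units)
    for index, frag in enumerate(ordered):
        start = frag.offset_units * 8
        end = start + frag.payload_len
        # Check 1: offset + length must fit in a legal datagram.
        if IP_HEADER_LEN + end > MAX_IP_DATAGRAM:
            findings.append(("oversize", start, end))
        # Check 2: a later fragment must not begin before the previous one ends.
        if index > 0 and start < prev_end:
            findings.append(("overlap", start, prev_end))
        prev_end = max(prev_end, end)
    return findings


# Constructed sample data (not captured traffic).
NORMAL = [Fragment(0, 1480, True), Fragment(185, 1480, True), Fragment(370, 40, False)]
# Last fragment sits near the top of the 13-bit offset range and runs past 65,535.
OVERSIZE = [Fragment(0, 1480, True), Fragment(8189, 100, False)]
# Second fragment claims to start at byte 24, inside the first fragment's 40 bytes.
OVERLAP = [Fragment(0, 40, True), Fragment(3, 8, False)]

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("oversize", OVERSIZE), ("overlap", OVERLAP)):
        print(name, check_fragments(sample))
```

A reassembler that drops any datagram with a finding never builds the oversized or inconsistent buffer that these attacks rely on.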

Teardrop Attack

SQL Injection Attacks
•Attempts to pass SQL commands (statements) through a web application for execution by the backend database.
•Through SQL Injection, the hacker may input specifically crafted SQL commands with the intent of bypassing the login form barrier and seeing what lies behind it.
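The login-form bypass described above works only when user input is concatenated into the SQL text. This added example, not part of the original slides, puts a string-built login check beside a parameterized one using Python's built-in `sqlite3`; the table, account and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build a constructed in-memory user table for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    # Constructed sample row; real systems store password hashes, not plaintext.
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db


def login_vulnerable(db, name, password):
    """BAD: input becomes part of the SQL statement itself."""
    query = (
        "SELECT COUNT(*) FROM users WHERE name = '%s' AND password = '%s'"
        % (name, password)
    )
    return db.execute(query).fetchone()[0] > 0


def login_parameterized(db, name, password):
    """GOOD: placeholders keep input as data; it is never parsed as SQL."""
    query = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone()[0] > 0


# Constructed input: the quote closes the string literal and adds a condition
# that is always true, so the WHERE clause no longer checks the password.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, crafted input:   ", login_vulnerable(db, "alice", CRAFTED))
    print("parameterized, crafted input:", login_parameterized(db, "alice", CRAFTED))
    print("parameterized, real password:", login_parameterized(db, "alice", "s3cret"))
```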

How to ensure Android Security?
Keep your device updated!
•The OEM (Original Equipment Manufacturer) of the device usually sends OTA (over-the-air) updates every month or once in two months which fixes the current security patches.
Deny Permissions
•In Android 6.0 and above, you have the authority to deny permission to apps.
Android Device Manager
•A web app and Android app to locate lost or stolen device.

500,000 Hacked Zoom Accounts Being Sold on
Dark Web
April 2020
Unprecedented level of growth in the past
month due to coronavirus
The sudden growth has led to several
privacy and security concerns surrounding
Zoom
More than 500,000 Zoom accounts are being offered for sale on the dark web and
hacker forums for 0.0020 cents each, and in some cases accounts are given away for
free.
As a result, Google, SpaceX, NASA, Standard Chartered, Siemens, all Taiwanese Government Agencies and Australian Defence Force lost trust in the app and banned the use of Zoom App.

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware
Ranked 258th on the Forbes Global 2000
•The company provides products and services for dialysis, hospitals, and inpatient and outpatient care, with nearly 40 percent of the market share for dialysis in the United States.
•This is worrisome because COVID-19 causes many patients to experience kidney failure, which has led to a shortage of dialysis machines and supplies.
Apparent culprit - the Snake ransomware, a relatively new strain first detailed earlier this year that is being used to shake down large businesses, holding their IT systems and data hostage in exchange for payment in a digital currency such as bitcoin.

Data Breach at Unacademy
May 2020
Exposed data of 22 million users
Hackers kept user records for sale at $2,000
Compromised information included
•Usernames and hashed passwords
•Date of joining, Last login date
•Account status
•email addresses, first and last names, and other account profile details.

Cybersecurity: Fighting a Threat That Causes Billions of Damage
2014: $800M
2019: $3.5B
2025 (Expected): $27B
* Atlas VPN Estimations

India – Ranked #3 among top 20 Cyber Crime Victims (as per FBI Report, 2019)
Most Common Internet Crimes: Phishing and similar ploys, personal data breach, romance fraud and spoofing
27,248 Registered cases of cyber crime
2901 Victims (3rd Most Impacted Country in the World)

COVID-19 & CYBERTHREATS
Prolific and opportunistic criminals are taking advantage of the COVID-19 coronavirus pandemic to launch a variety of cyber attacks.
Known malware which had been relatively dormant were re-detected since the outbreak began, taking new forms or using COVID-19 to boost their social engineering tactics. These include:
Malicious domains: There has been an increase of domains registered with the keywords ‘COVID’ or ‘corona’, to take advantage of the growing number of people searching for information about COVID-19. Many of these are considered to be developed with malicious intent – as of the end of March, 2,022 malicious and 40,261 high-risk newly registered domains were discovered, according to Palo Alto Networks.

COVID-19 & CYBERTHREATS
Data-harvesting malware: Data-harvesting malware such as Remote Access Trojan, info stealers, spyware and banking Trojans infiltrate systems, using COVID-19 related information as a lure to compromise networks, steal data, divert money and build botnets.
Online scams and phishing: Cybercriminals are creating fake websites related to COVID-19 to entice victims into opening malicious attachments or clicking phishing links, resulting in identity impersonation or illegal access to personal accounts. Also, Trend Micro reported that nearly one million spam messages have linked to COVID-19 since January 2020.

COVID-19 & CYBERTHREATS
Vulnerability of working from home: Threat actors are exploiting vulnerabilities of systems, networks, and applications used by businesses, governments and schools to support staff who are now working remotely. As the growing number of people relying on online tools overburdens the security measures put in place prior to the virus outbreak, offenders search for more chances of exposure to steal data, make a profit or cause disruption.
Disruptive malware (ransomware and DDoS): Cybercriminals are deploying disruptive malware like ransomware against critical infrastructure and response institutions such as hospitals and medical centres, which are overwhelmed with the health crisis. Such ransomware or DDoS attacks do not typically aim to steal information, but prevent it from accessing critical data or disrupt the system, exacerbating an already dire situation in the physical world.

EXPECTED FUTURE DEVELOPMENTS
•Online scams, phishing and BEC will surge due to the economic downturn and shift in business landscape, generating new criminal activities.
•Threat actors will target individuals’ personal information through the spoofing and exploitation of digital content providers.
•Governments, businesses and schools will come to rely on online connectivity and virtual communications tools as employees continue to work from home, increasing their vulnerabilities and presenting more opportunities for cybercriminals to exploit.
•Criminals will take advantage of the underground market to look for ‘cybercrime-as-a-service’ given the ease of access and low cost.

DELHI POLICE GUIDELINES IN THE WAKE OF RAMPANT COVID-19

COMPUTER FORENSICS
Branch of digital forensic science pertaining to legal evidence found in computers and
digital storage media. The goal of computer forensics is to examine digital media in a
forensically sound manner with the aim of identifying, preserving, recovering,
analyzing and presenting facts and opinions about the digital information.

Preparing a Computer Investigation
Role of computer forensics professional: gather evidence to prove a suspect committed a crime or violated a company policy
•Investigate the suspect’s computer
•Preserve the evidence on a different computer
•Recovering the evidences
•Analyzing the evidences
Collect evidence that can be offered in court or at a corporate inquiry

Preparing a Computer Investigation
Cross-drive analysis
A forensic technique that correlates information found on multiple hard drives. The process can be used to identify social networks and to perform anomaly detection.
Live analysis
The examination of computers from within the operating system using custom forensics or existing sysadmin tools to extract evidence. E.g. the logical hard drive volume may be imaged (known as a live acquisition) before the computer is shut down.
Deleted files
A common technique used in computer forensics is the recovery of deleted files. Modern forensic software have their own tools for recovering or carving out deleted data.
Steganography
One of the techniques used to hide data is via steganography, the process of hiding data inside of a picture or digital image. Computer forensics professionals can fight this by looking at the hash of the file and comparing it to the original image (if available). While the image appears exactly the same, the hash changes as the data changes.
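The hash comparison described under Steganography can be carried one step further: the hash says whether a file differs from the known original, and a byte-level comparison then shows how. This added Python example is not part of the original slides; it works on raw pixel bytes, and the sample "image" data and the function names are constructed for illustration.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 digest, the usual fingerprint recorded for evidence files."""
    return hashlib.sha256(data).hexdigest()


def compare_to_original(original: bytes, suspect: bytes) -> dict:
    """Triage a suspect image against a known-good original.

    hash_match     True when the files are byte-for-byte identical
    size_match     True when both have the same length
    changed_bytes  number of byte positions that differ
    max_delta      largest per-byte difference (1 is invisible to the eye)
    lsb_only       True when every change touches only the lowest bit,
                   the pattern expected when data is hidden in pixel values
    """
    report = {
        "hash_match": sha256_hex(original) == sha256_hex(suspect),
        "size_match": len(original) == len(suspect),
        "changed_bytes": 0,
        "max_delta": 0,
        "lsb_only": False,
    }
    if report["hash_match"] or not report["size_match"]:
        return report
    diffs = [(a, b) for a, b in zip(original, suspect) if a != b]
    report["changed_bytes"] = len(diffs)
    report["max_delta"] = max(abs(a - b) for a, b in diffs)
    report["lsb_only"] = all((a ^ b) == 1 for a, b in diffs)
    return report


# Constructed sample: 256 bytes standing in for raw pixel values.
ORIGINAL_PIXELS = bytes(range(64)) * 4
# Constructed suspect copy: the lowest bit of eight bytes has been altered.
SUSPECT_PIXELS = bytes(
    b ^ 1 if (i % 5 == 0 and i < 40) else b
    for i, b in enumerate(ORIGINAL_PIXELS)
)

if __name__ == "__main__":
    print("original:", sha256_hex(ORIGINAL_PIXELS))
    print("suspect: ", sha256_hex(SUSPECT_PIXELS))
    print(compare_to_original(ORIGINAL_PIXELS, SUSPECT_PIXELS))
```

For compressed formats such as JPEG or PNG the byte comparison has to be run on decoded pixel data, since re-encoding alone changes the file bytes.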

Analysis Tools
•Helix
•Encase
•Hashkeeper
•Wireshark
•FTK
•PTK Forensics

INDIAN COUNTERMEASURES AGAINST CYBERCRIME & FOR CYBERSECURITY
LAWS, EFFORTS, POLICIES, TECHNOLOGIES

(Existing penal provisions for different cybercrimes)

Cyber Attacks/Crime | Brief Description | Sections Relevant in IT Act, 2000 and Amendments
Cyber Stalking | Stealthily following a person, tracking his internet chats. | 43, 66 (Compensation and punishment of three years with fine)
Intellectual Property Crime | Source Code Tampering etc. | 43, 65, 66 (Compensation and punishment of three years with fine)
Salami Attack (Theft of data or manipulating banking account) | Deducting small amounts from an account without coming in to notice, to make big amount | 43, 66 (Compensation and punishment of three years)
E-Mail Bombing | Flooding an E-mail box with innumerable number of E-mails, to disable to notice important message at times. | 43, 66 (Compensation and punishment of three years)
Phishing | Bank Financial Frauds in Electronic Banking | 43, 66, 66C (Compensation and punishment of three years with fine)
Personal Data Theft | Stealing personal data | 43, 43A, 72A (Compensation and punishment of three years with fine)
Identity Theft | Stealing Cyberspace identity information of individual | 43 (Compensation and punishment of three years with fine)
Spoofing | Stealing Credentials using, friendly and familiar GUI’s | 43, 66 (Compensation and punishment of three years with fine)
Data Theft | Stealing Data | Provisions under 43, 43A, 65, 66 and 72 (Compensation and punishment of three years with fine)
Worms, Trojan Horses, Virus etc. | Different Hacking mechanisms | 43, 66 (Compensation and punishment of three years with fine)
Sabotage of Computer | Taking control of computer with the help of malware. | 43, 66 (Compensation and punishment of three years with fine)
DOS, DDOS Denial of Service | Flooding a computer with Denial of Service Attacks, DDOS is Distributed DOS attack | 43, 66, 66F (Compensation (up to life imprisonment under 66F)
Web Defacing | Web Pages Defacing | 43, 66 (Compensation and punishment of three years with fine)
Logic Bomb | Attack triggers on an event | 43, 66 (Compensation and punishment of three years with fine)
ATM fraud/EDI | Financial fraud in ATM and e- | 43, 66

To strengthen the cyber security ecosystem in India, the Indian government has launched following initiatives:
•Cyber Surakshit Bharat initiative
•Cyber Swachhta Kendra
•National Cyber Crime Reporting Portal
•National Critical Information Infrastructure Protection Centre

To spread awareness,
build capacity as well as
enable government
departments on steps that
need to be taken to create a
Cyber Resilient IT setup.

To protect critical information of our country, which has an enormous impact
on national security, economic growth, or public healthcare.