Module 1_ Introduction to Cyber Security.pptx

CYBER SECURITY Alifiya S haikh Assistant Professor TIMSCDR

Module 1: Introduction to Cyber Security

Topics in Module 1 Cybercrime and origins of the world Cybercrime and information security Classifications of cybercrime Cybercrime and the Indian ITA- 2000 Self learning Topic : A global Perspective on cybercrimes, Amendments to the Indian IT Act(2008).

Introduction to Cyber Security What is cybersecurity? Why is cybersecurity important? What are the elements of cybersecurity and how does it work? What are the benefits of cybersecurity? What are the different types of cybersecurity threats? Refer : https://www.itgovernance.co.uk/what-is-cybersecurity

Cyber Crime Cybercrime is a crime that involves a computer and a network . The computer may have been used in the commission of a crime, or it may be the target. Cybercrime may harm someone's security and financial health

Cyber Crime Definition “Cyber Crime” : criminal activity (such as fraud, theft, or distribution of child pornography) committed using a computer especially to illegally access, transmit, or manipulate data Crime committed using computer and the internet to steal data or information Ex : Stealing credit card information, Breaking into govt. website

is nothing but where the computer used as an object or subject of crime..

Cybercrime and origins of the world The first recorded cyber crime took place in the year 1820

Cyber Threat Evolution

Cybercrime and origins of the world 1834 – A couple of robbers hack the French Telegraph System and steal information from the stock market, essentially carrying out the first cyber attack in the world. 1957– Joe Engressia, a blind, 7-year-old boy with perfect pitch, hears a high-pitched whistle on a phone line and begins to whistle along to it at a 2600Hz speed, helping him communicate with phone lines and becoming the United States’ first phone hacker or “phone phreak.” 1969 – RABBITS Virus-The University of Washington Data Center downloads a program on a computer from an unknown user. The inconspicuous machine creates copies of itself before the machine overloads and ceases running (breeding like a rabbit). 1973 – A teller at a local New York bank used a computer to embezzle over $2 million dollars. 1978 – The first electronic bulletin board system came online and quickly became a preferred method of communication for the cyber world. It allowed fast, free exchange of knowledge including tips and tricks for hacking into computer networks.

Cybercrime and origins of the world The Brain Boot Sector Virus : Brain, the first PC virus, began infecting 5.2" floppy disks in 1986. As Securelist reports, it was the work of two brothers, Basit and Amjad Farooq Alvi, who ran a computer store in Pakistan. Tired of customers making illegal copies of their software, they developed Brain, which replaced the boot sector of a floppy disk with a virus. The virus, which was also the first stealth virus, contained a hidden copyright message, but did not actually corrupt any data. https://www.kaspersky.com/resource-center/threats/a-brief-history-of-computer-viruses-and-what-the-future-holds The History Of Cybercrime, From 1834 To Present : https://www.herjavecgroup.com/history-of-cybercrime/ (imp) https://www.le-vpn.com/history-cyber-crime-origin-evolution/

WHY WE ARE TALKING ABOUT CYBER SECURITY ?

Case 1: Internet Under Siege February 7 - 9, 2000 Yahoo!, Amazon, Buy.com, CNN.com, eBay, E*Trade, ZDNet websites hit with massive DOS Attacks received the attention of president Clinton and Attorney General Janet Reno. “A 15-year-old kid could launch these attacks, it doesn’t take a great deal of sophistication to do” – Ron Dick, Director NIPC, February 9 U.S. Federal Bureau of Investigation (FBI) officials have estimated the attacks caused $1.7 billion in damage

Case 2: Slammer Worm January 2003 Infects 90% of vulnerable computers within 10 minutes Effect of the Worm - Interference with elections - Cancelled airline flights - 911 emergency systems affected in Seattle - 13,000 Bank of America ATMs failed No malicious payload! Estimated ~$1 Billion in productivity loss

Case 3: WorldCom July 2002 WorldCom declares bankruptcy Problem WorldCom carries 13% - 50% of global internet traffic. About 40% of Internet traffic uses WorldCom’s network at some point October 2002 Outage affecting only 20% of WorldCom users snarls traffic around the globe Congressional Hearings Congress considers, but rejects, extension of FCC regulatory powers to prevent WorldCom shutdown Vulnerabilities are not just technical

Increasing Dependence We are increasingly dependent on the Internet: Directly –Communication (Email, IM, VoIP) –Commerce (business, banking, e-commerce, etc) –Control systems (public utilities, etc) –Information and entertainment –Sensitive data stored on the Internet Indirectly –Biz, Edu, Gov have permanently replaced physical/manual processes with Internet-based processes

Security Not A Priority Other design priorities often trump security: Cost Speed Convenience Open Architecture Backwards Compatibility

Cybersecurity Roadblocks No metrics to measure (in)security Internet is inherently international Private sector owns most of the infrastructure “Cybersecurity Gap”: a cost/incentive disconnect? –Businesses will pay to meet business imperatives –Who’s going to pay to meet national security imperatives?

The Challenge A solution to this problem will require both the right technology and the right public policy . This is the cybersecurity challenge.

Cybercrime and information security

Cybersecurity Vs. Information Security Cybersecurity is concerned with protecting electronic devices and mobile devices against attacks in cyberspace. Information security (Info Sec) is concerned with protecting the confidentiality, integrity, and availability of information. Cybersecurity deals with the prevention of ransomware attacks and spyware injections and social media compromise. An example of an information security controls are intrusion detection systems and firewalls. The job of an information security officer is to understand and identify what confidential information is critical or could be the target of a physical or cyber attack . It's becoming increasingly common for the majority of business data and sensitive information to be sitting on a cloud provider like an AWS S3 bucket , laptop or somewhere else on the Internet. But a decade ago the majority of sensitive information was sitting in an office filing cabinet. This is where information security professionals originate from, physically securing data from unauthorized access by implementing access controls. Cybersecurity can also be described as a process of preventing cyberattacks by assuming a hacker's mindset. While information security focus on protecting data from threats.

The Parallels Between Information Security and Cyber Security Cyber security and information security are fundamental to information risk management . And while cyber security professionals are largely concerned with securing electronic data from cyber threats and data breaches , there are still forms of physical security in their job description. Just as information security professionals lock a cabinet full of personal information, cyber security professionals need physical security measures to ensure adequate data protection. You can't physically lock a laptop, but you can have security systems in place (like a keycard to get into an office) to prevent unauthorized access in the first place. Regardless of how your information is store, your organization needs adequate security controls in place to prevent unauthorized access . If you don't, your organization is an easy target for cybercrime and physical security breaches

CATEGORIZATION OF CYBER CRIME The Computer as a Target The computer as a weapon

Classifications of cybercrime (1) Cyber crime against Individual (2) Cyber crime Against Property (3) Cyber crime Against Organization (4) Cyber crime Against Society

Email spoofing A spoofed email is one in which the e-mail header is forged so that the mail appears to originate from one source but actually has been sent from another source.

Email Spoofing Reasons for email spoofing Hide the fake sender's real identity. Bypass spam filters and blocklists. Users can minimize this threat by blocklisting internet service providers (ISPs) and Internet Protocol (IP) addresses . Pretend to be a trusted individual -- a colleague or a friend to elicit confidential information. Pretend to be a reliable organization -- for example, posing as a financial firm to get access to credit card data. Commit identity theft by impersonating a targeted victim and requesting personally identifiable information (PII). Damage the sender's reputation. Launch and spread malware hidden in attachments. Conduct a man-in-the-middle (MitM) attack to seize sensitive data from individuals and organizations. Obtain access to sensitive data collected by third-party vendors.

Spamming Spamming means sending multiple copies of unsolicited mails or mass e-mails such as chain letters.Spamming is when one person or company sends an unwanted email to another person. Spam emails are the computer version of unwanted "junk mail" that arrives in a mailbox, such as advertising pamphlets and brochures.

Cyber Defamation This occurs when defamation takes place with the help of computers and/or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information. The tort of cyber defamation is an act of intentionally insulting, defaming or offending another individual or a party through a virtual medium. It can be both written and oral. Today Internet has given us an opportunity to share our opinions globally. We can easily post something and it gets viral just in few minutes. For example if you are against any government policy you’ll write your views and people who agree with you would start sharing it. But today what people fail to understand is that stating an OPINION is different from stating a FACT.

Harassment & Cyber stalking Cyber Stalking Means following an individual's activity over internet. It can be done with the help of many protocols available such as e- mail, chat rooms, user net groups.

Harassment Cyber-harassment, or cyber-bullying, can include things like: Checking your email without permission Impersonating you or hacking into your online accounts Spreading rumours about you, or Sharing photos or videos of you without your consent. Cyber-harassment is not just about being teased – it’s repeated behaviour that is designed to humiliate, control or scare the person being targeted. It’s not legal, and it’s not OK.

Cyber-stalking If someone keeps contacting you on Facebook or any kind of online site and it’s making you scared and upset, it sounds like you’re being stalked. Stalking is illegal. The person could get dangerous. Stalking includes following someone around or leaving messages on their phone or online, and deliberately trying to make them feel scared. You should contact the police and get their advice. Save any messages or emails to show the police if necessary. Stalking can also involve threats or sexual comments. The stalker often tries to make the person they’re stalking feel intimidated and scared. Stalking a girlfriend, boyfriend or ex, or someone else is against the law in Victoria. Stalking someone online is also against the law.

Credit Card Fraud As the name suggests, this is a fraud that happens by the use of a credit card. This generally happens if someone gets to know the card number or the card gets stolen.

How credit card fraud happens Credit card fraud occurs when an unauthorized person gains access to your information and uses it to make purchases. Here are some ways fraudsters get your information: Lost or stolen credit cards Skimming your credit card, such as at a gas station pump Hacking your computer Calling about fake prizes or wire transfers Phishing attempts, such as fake emails Looking over your shoulder at checkout Stealing your mail

Intellectual Property crimes These include Software piracy: Illegal copying of programs, distribution of copies of software. Copyright infringement: Using copyrighted material without proper permission. Trademarks violations: Using trademarks and associated rights without permission of the actual holder. Theft of computer source code: Stealing, destroying or misusing the source code of a computer

IMPACT OF INTELLECTUAL PROPERTY CRIME Infringements of intellectual property rights reduce the revenues of the affected businesses. The resulting adverse social and economic effects include the loss of jobs and livelihoods. There are also other costs. As counterfeit goods are produced without regard to EU health and safety standards, they may be dangerous for consumers. Government revenue is also affected by counterfeiting and piracy, which can stifle investment and innovation, hinder economic growth and reduce the creation of wealth. In addition, the criminal groups involved in intellectual property crime often use the profits to finance other illegal activities.

Internet time theft It refers to the theft in a manner where the unauthorized person uses internet hours paid by another person. The authorized person gets access to another person's ISP user ID and password, either by hacking or by illegal means without that person's knowledge.

Unauthorized Accessing of Computer: Accessing the computer/network without permission from the owner. It can be of 2 forms: a) Changing/deleting data: Unauthorized changing of data. b) Computer voyeur: The criminal reads or copies confidential or proprietary information, but the data is neither deleted nor changed.

Denial Of Service When Internet server is flooded with continuous bogus requests so as to denying legitimate users to use the server or to crash the server. https://us-cert.cisa.gov/ncas/tips/ST04-015

What are common denial-of-service attacks? There are many different methods for carrying out a DoS attack. The most common method of attack occurs when an attacker floods a network server with traffic. In a Smurf Attack , the attacker sends Internet Control Message Protocol broadcast packets to a number of hosts with a spoofed source Internet Protocol (IP) address that belongs to the target machine. The recipients of these spoofed packets will then respond, and the targeted host will be flooded with those responses. A SYN flood occurs when an attacker sends a request to connect to the target server but does not complete the connection through what is known as a three-way handshake—a method used in a Transmission Control Protocol (TCP)/IP network to create a connection between a local host/client and server. The incomplete handshake leaves the connected port in an occupied status and unavailable for further requests. An attacker will continue to send requests, saturating all open ports, so that legitimate users cannot connect. Individual networks may be affected by DoS attacks without being directly targeted. If the network’s internet service provider (ISP) or cloud service provider has been targeted and attacked, the network will also experience a loss of service.

DOS

DDOS A distributed denial-of-service (DDoS) attack occurs when multiple machines are operating together to attack one target. DDoS attackers often leverage the use of a botnet—a group of hijacked internet-connected devices to carry out large scale attacks. Attackers take advantage of security vulnerabilities or device weaknesses to control numerous devices using command and control software. Once in control, an attacker can command their botnet to conduct DDoS on a target. In this case, the infected devices are also victims of the attack. Botnets—made up of compromised devices—may also be rented out to other potential attackers. Often the botnet is made available to “attack-for-hire” services, which allow unskilled users to launch DDoS attacks.

DDOS DDoS allows for exponentially more requests to be sent to the target, therefore increasing the attack power. It also increases the difficulty of attribution, as the true source of the attack is harder to identify. DDoS attacks have increased in magnitude as more and more devices come online through the Internet of Things (IoT) (see Securing the Internet of Things ). IoT devices often use default passwords and do not have sound security postures, making them vulnerable to compromise and exploitation. Infection of IoT devices often goes unnoticed by users, and an attacker could easily compromise hundreds of thousands of these devices to conduct a high-scale attack without the device owners’ knowledge.

DDOS

How to Overcome the problem ? To reduce the effects of an attack on their network. Enroll in a DoS protection service that detects abnormal traffic flows and redirects traffic away from your network. The DoS traffic is filtered out, and clean traffic is passed on to your network. Create a disaster recovery plan to ensure successful and efficient communication, mitigation, and recovery in the event of an attack. It is also important to take steps to strengthen the security posture of all of your internet-connected devices in order to prevent them from being compromised. Install and maintain antivirus software. Install a firewall and configure it to restrict traffic coming into and leaving your computer (see Understanding Firewalls for Home and Small Office Use ). Evaluate security settings and follow good security practices in order to minimalize the access other people have to your information, as well as manage unwanted traffic (see Good Security Habits ).

How do you know if an attack is happening? Symptoms of a DoS attack can resemble non-malicious availability issues, such as technical problems with a particular network or a system administrator performing maintenance. However, the following symptoms could indicate a DoS or DDoS attack: Unusually slow network performance (opening files or accessing websites), Unavailability of a particular website, or An inability to access any website. The best way to detect and identify a DoS attack would be via network traffic monitoring and analysis. Network traffic can be monitored via a firewall or intrusion detection system. An administrator may even set up rules that create an alert upon the detection of an anomalous traffic load and identify the source of the traffic or drops network packets that meet a certain criteria.

Computer contamination / Virus attack A computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of it. Viruses can be file infecting or affecting boot sector of the computer. Worms, unlike viruses do not need the host to attach themselves to Refer : https://www.eecis.udel.edu/~portnoi/publications/pcvirus-eng.html

Email Bombing Sending large numbers of mails to the individual or company or mail servers thereby ultimately resulting into crashing. The term “email bombing” can also refer to flooding an email server with too many emails in an attempt to overwhelm the email server and bring it down, but that’s not the goal here—it would be challenging to bring down modern email accounts that use Google or Microsoft’s email servers, anyway. Instead of a denial-of-service (DOS) attack against the email servers you are using, the onslaught of messages is a distraction to hide the attacker’s true intentions.

Why Is This Happening to You? An email bombing is often a distraction used to bury an important email in your inbox and hide it from you. For example, an attacker may have gained access to one of your accounts on an online shopping website like Amazon and ordered expensive products for itself. The email bombing floods your email inbox with irrelevant emails, burying the purchase and shipping confirmation emails so you won’t notice them. An email bombing may also be used to gain control of your email address. If you have a coveted address—something straightforward with few symbols and a real name, for instance—the entire point may be to frustrate you until you abandon the address. Once you give up the email address, the attacker can take it over and use it for their purposes.

Salami Attack When negligible amounts are removed & accumulated in to something larger. These attacks are used for the commission of financial crimes.

Salami Attack : When negligible amounts are removed & accumulated in to something larger. These attacks are used for the commission of financial crimes.

Salami Attack Incidents In January 1993, four executives of a rental-car franchise in Florida were charged with defrauding at least 47,000 customers using a salami technique. In Los Angeles, in October 1998, district attorneys charged four men with fraud for allegedly installing computer chips in gasoline pumps that cheated consumers by overstating the amounts pumped. In 2008, a man was arrested for fraudulently creating 58,000 accounts which he used to collect money through verification deposits from online brokerage firms a few cents at a time. While opening the accounts and retaining the funds may not have been illegal by themselves, the authorities charged that the individual opened the accounts using false names (including those of cartoon characters), addresses, and social security numbers, thus violating the laws against mail fraud, wir e fraud, and bank fraud.

How to identify the salami attack a) The corporate has to update the security of the system as high as possible so that if the attacker is taking advantage of any loophole than that bug is patched and attack is avoided. b) Also those banks should advise customers on reporting any kind of money deduction that they aren’t aware that they were a part of. Whether a small or big amount, banks should encourage customers to come forward and openly tell them that this could mean that an act of fraud could very well be the scenario. c) Most Important according to me is that Customers should ideally not store information online when it comes to bank details, but of course they can’t help the fact that banks rely on a network that has all customers hooked onto a common platform of transactions that require a database. The safe thing to do is to make sure the bank/website is highly trusted and hasn’t been a part of a slanderous past that involved fraud in any way.

Logic Bomb It is an event dependent program. As soon as the designated event occurs, it crashes the computer, release a virus or any other harmful possibilities. Logic bombs can also take effect on the target system upon a certain date — e.g. 2000, Y2K — and these are termed time bombs. “Some disgruntled developers have a way of ‘going out screaming’ when they leave or are terminated from a work setting. They insert logic bombs into company systems that, upon certain events or at certain times, execute malicious functions such as files deletions.”

What are the characteristics of a logic bomb virus? It lies dormant for a specific amount of time. Like a ticking time bomb, logic bombs aren’t meant to go off right away. That’s why people attacking from within a targeted system often use logic bombs — so they can cover their tracks. Logic bombs are subtle and can go undetected for years. Its payload is unknown until it triggers. A payload is the component of malware that carries out the malicious activity — basically, what sort of damage the malware is coded to inflict. The payload can result in anything from the spread of spam emails through an infected system or the theft of valuable data. It’s triggered by a certain condition. The detonator of the logic bomb is the condition that must be met. It’s this feature that lets logic code bombs go undetected for long periods of time. The trigger could be the deletion of an employee from the company payroll, or the date of an important event. Logic bombs with triggers related to dates or specific times are also known as time bombs.

Logic Bomb vs Time Bomb ?

Trojan Horse This is an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing.

Difference between Virus, Worm and Trojan Horse

Virus : Virus is a computer program or software that connect itself to another software or computer program to harm computer system. When the computer program runs attached with virus it perform some action such as deleting a file from the computer system. Virus can’t be controlled by remote. Worms : Worms is also a computer program like virus but it does not modify the program. It replicate itself more and more to cause slow down the computer system. Worms can be controlled by remote. Trojan Horse: Trojan Horse does not replicate itself like virus and worms. It is a hidden piece of code which steal the important information of user. For example, Trojan horse software observe the e-mail ID and password while entering in web browser for logging.

How do Trojans work? A user falls victim to a phishing or other social engineering attack by opening an infected email attachment or clicking on a link to a malicious website. A user sees a pop-up for a fake antivirus program that claims your computer is infected and invites you to run a program to clean it up. This is known as “scareware”. In reality, users are downloading a Trojan onto their device. A user visits a malicious website and experiences a drive-by download pretending to be helpful software. A user downloads a program whose publisher is unknown from an untrustworthy website. Attackers install a Trojan through exploiting a software vulnerability or through unauthorized access. Hackers create a fake Wi-Fi hotspot network that looks like one a user is trying to connect to. When the user connects to this network, they can be redirected to fake websites containing browser exploits that redirect any file they try to download.

EXAMPLE : The victim receives an official-looking email with an attachment. The attachment contains malicious code that is executed as soon as the victim clicks on the attachment. Because nothing bad happens and the computer continues to work as expected, the victim does not suspect that the attachment is actually a Trojan horse and his computing device is now infected. The malicious code resides undetected until a specific date or until the victim carries out a specific action, such as visiting a banking website. At that time, the trigger activates the malicious code and carries out its intended action. Depending upon how the Trojan has been created, it may delete itself after it has carried out its intended function, it may return to a dormant state or it may continue to be active.

Types of Trojans Trojans are classified according to the type of actions that they can perform on your computer. Trojan horse virus examples include: Backdoor : A backdoor Trojan gives malicious users remote control over the infected computer. They enable the author to do anything they wish on the infected computer – including sending, receiving, launching, and deleting files, displaying data, and rebooting the computer. Backdoor Trojans are often used to unite a group of victim computers to form a botnet or zombie network that can be used for criminal purposes. Exploit : Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that's running on your computer. Banker Trojan : Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems , and credit or debit cards.

Types of Trojans Clampi Trojan: Clampi –lies in wait for users to sign in to make a financial transaction, such as accessing online banking or entering credit card information for an online purchase. Clampi is sophisticated enough to hide behind firewalls and go undetected for long periods. Cryxos Trojan : Cryxos is commonly associated with so-called scareware or fake support call requests. Typically, victims receive a pop-up containing a message like "Your device has been hacked" or "Your computer is infected". The user is directed to a phone number for support. If the user calls the number, they are pressured to pay for assistance. In some cases, the user may be asked to give remote access of their machine to the “customer service agent”, potentially leading to device hijack and data theft. DDoS Trojan : These programs conduct DDoS (Distributed Denial of Service) attacks against a targeted web address. By sending multiple requests – from your computer and several other infected computers – the attack can overwhelm the target address, leading to a denial of service.

Types of Trojans Downloader Trojan : Trojan-Downloaders can download and install new versions of malicious programs onto your computer – including Trojans and adware. Dropper Trojan : These programs are used by hackers to install Trojans or viruses – or to prevent the detection of malicious programs. Not all antivirus programs are capable of scanning all of the components inside this type of Trojan. FakeAV Trojan : Trojan-FakeAV programs simulate the activity of antivirus software. They are designed to extort money from you – in return for the detection and removal of threats, even though the threats they report are non-existent. GameThief Trojan : This type of program steals user account information from online gamers.

How to protect yourself against Trojans ? Be cautious about downloads. Be aware of phishing threats. Update your operating system’s software as soon as the updates are available. Don’t visit unsafe websites. Avoid clicking pop-ups and banners. Protect accounts with complex, unique passwords. Keep your personal information safe with firewalls. Back up regularly.

Data diddling Data Diddling is unauthorised altering of data before or during entry into a computer system, and then changing it back after processing is done. Using this technique, the attacker may modify the expected output and is difficult to track. In other words, the original information to be entered is changed, either by a person typing in the data, a virus that’s programmed to change the data, the programmer of the database or application, or anyone else involved in the process of creating, recording, encoding, examining, checking, converting or transmitting data. This is one of the simplest methods of committing a computer-related crime, because even a computer amateur can do it. Despite this being an effortless task, it can have detrimental effects. For example, a person responsible for accounting may change data about themselves or a friend or relative showing that they’re paid in full. By altering or failing to enter the information, they’re able to steal from the enterprise. Other examples include forging or counterfeiting documents and exchanging valid computer tapes or cards with prepared replacements. Electricity boards in India have been victims of data diddling by computer criminals when private parties were computerizing their systems.

Cybercrime and the Indian ITA- 2000

Cybercrime and the Indian ITA- 2000 The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) notified on 17 October 2000. It is the primary law in India dealing with cybercrime and electronic commerce . According to Section 65 of the Indian IT Act, a person who intentionally conceals or destroys or alters or intentionally or knowingly causes another to conceal, destroy or alter any computer source code used for a computer, computer program, computer system or network when the computer source code is required to be .

Introduction The Information Technology (IT) Act 2000 can be defined as :- an act passed by the Indian Parliament, contains cyber laws, provides legal framework, safeguards e-commerce and e-data interchange.

Objective To facilitate maintenance of electronic records. To facilitate legality to electronic transactions. To facilitate electronic filing. To amend various other acts.

Content The Information Technology Act, 2000 contains the following :- 13 chapters. 94 sections. 4 schedules.

Some of the important sections of the IT Act 2000 are :- Section 1 to 14 : Legal aspects for Digital Signature. Section 15 to 42 : License for Digital Signature Certificate. Section 43 to 47 : Penalties and compensation. Section 48 to 64 : Tribunals and appeal to High Court, etc. Section 65 to 79 : Offences. Section 80 to 94 : Miscellaneous Provisions.

ADVANTAGES Some advantages of the application of the IT Act 2000 are :- Helpful to promote e-commerce. Enhance the corporate business. Filling online forms. High penalty for cyber crime.

Sections https://en.wikipedia.org/wiki/Information_Technology_Act,_2000 GOOGLE DRIVE : https://drive.google.com/drive/folders/1r-NPAk_C7rnRNDBrEeCxne5ldDcSbUsz?usp=sharing

SELF STUDY A global Perspective on cybercrimes : Refer : https://cxloyalty.fi/news-resources/cybercrime-sos-a-global-perspective-on-cybercrime/ Amendments to the Indian IT Act(2008).

Tutorial No 1 : Two real life case study related to data diddling, salami attack and social engineering AND what precautions needs to be taken from these attacks.

Module 1_ Introduction to Cyber Security.pptx

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Module 1_ Introduction to Cyber Security.pptx

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Slide 31

Slide 32

Slide 33

Slide 34

Slide 35

Slide 36

Slide 37

Slide 38

Slide 39

Slide 40

Slide 41

Slide 42

Slide 43

Slide 44

Slide 45

Slide 46

Slide 47

Slide 48

Slide 49

Slide 50

Slide 51

Slide 52

Slide 53

Slide 54

Slide 55

Slide 56

Slide 57

Slide 58

Slide 59

Slide 60

Slide 61

Slide 62

Slide 63

Slide 64

Slide 65

Slide 66

Slide 67

Slide 68

Slide 69

Slide 70

Slide 71

Slide 72

Slide 73

Slide 74

Slide 75

Tags

Categories