Institute of Chartered Accountants of India

Name: Babita Duragaram Mitharwal

Address: 301,3rd floor, Milan apartment,
railway station road, anjurphata Bhiwandi
Contact No: 9168763914
Registration No: WRO0660665
Name of IT Centre & Branch: THANE 12/17/219
Branch Code: WI020

Batch Code: Thane 12/17/219

Project Name: Cyber Crime

Date: 16 Dec,2017
Signature of Student: Babita
 CYBERCRIME

CYBER CRIME

Table of Contents
Introduction5
Page 2
 CYBERCRIME
Classification9
Fraud And Financial Crimes 9
Cyberterrorism 10
Cyberextortion 11
Computer as a target12
Computer as a tool13
Obscene or Offensive content14
Harassment15
Drug Trafficking18
Unauthorized Access & Hacking19
Web Hijacking20
Pornography21
Child Pornography21
Cyber Stocking22
Denial of Service Attack24
Virus Attack25
Software privacy 26
Salami Attacks27
Phishing 27
Sale of Illegal articles28
Online gambling28
Emails Spoofing29
Cyber Defamation30
Forgery30
Page 3
 CYBERCRIME
Theft of Information contain in Electronic Form31
Email Bombing31
Internet Time Theft31
Theft of Computer Systems31
Physical Damaging a computer system32
Breach of Privacy & Confidentiality32
Data Diddling33
E- Commerce / Investment Frauds33
Cyber Terrorism33
Counter Measures36
Technical37
Counter terrors – Social Network Analysis & Internet
Recognition39
Economic 42
Legal 43
Conclusion 45

Page 4
 CYBERCRIME
INTRODUCTION

"Cyberspace" is a very wider term. Most of us have a limited

knowledge of "Cyberspace" and the crimes occurring in
"cyberspace", known as cybercrime, which happens on computer
and the Internet, however, cybercrime has a severe potential for
remarkable impact on the lives of individuals and our society.
Therefore, a detailed introduction of cybercrime needs to be
understood. There are many terms used to describe cybercrime. The
former descriptions were "computer crime", "computer-related
crime" or "crime by computer". With the pervasion of digital
technology, some new terms like "high-technology" or
"information-age" crime were added to the definition. Cyber crime,
or computer related crime, is crime that involves a computer and
a network. The computer may have been used in the commission of
a crime, or it may be the target. Cybercrimes can be defined as:
"Offences that are committed against individuals or groups of

Page 5
 CYBERCRIME
individuals with a criminal motive to intentionally harm the
reputation of the victim or cause physical or mental harm, or loss, to
the victim directly or indirectly, using modern telecommunication
networks such as Internet (networks including but not limited to
Chat rooms, emails, notice boards and groups) and mobile phones
(Bluetooth/SMS/MMS)". Cybercrime may threaten a person or a
nation's security and financial health. Issues surrounding these types
of crimes have become high-profile, particularly those
surrounding hacking, copyright infringement, unwarranted mass-
surveillance, child pornography, and child grooming. There are also
problems of privacy when confidential information is intercepted or
disclosed, lawfully or otherwise.
Also, Internet brought other new terms, like "cybercrime" and
"net" crime and Other forms include "digital", "electronic",
"virtual", "IT", "High-tech" and Technology-enabled" crime.
However, on the one hand, each of them didn't cover the whole
meaning of cybercrime, because there is no incorporation of
networks. On the other hand, terms such as "high-tech" or
"electronic" crime might be too broad to specify that the crime is the
exact cybercrime, since other fields also have "hi-tech"
developments like nanotechnology and bioengineering. Currently,
although no one term has become totally dominant in use,
"cybercrime" is the term used most pervasively. In general,
cybercrime has three categories:
1. Target cybercrime: the crime in which a computer is the target of
the offense.
2. Tool cybercrime: the crime in which a computer is used as a tool
in committing the offense.
3. Computer incidental: the crime in which a computer plays a
minor role in committing the offense.
Page 6
 CYBERCRIME
Debarati Halder and K. Jaishankar further define cybercrime from
the perspective of gender and defined 'cybercrime against women'
as "Crimes targeted against women with a motive to intentionally
harm the victim psychologically and physically, using modern
telecommunication networks such as internet and mobile phones".
The history of cybercrime is short compared with traditional
crimes. The first published report of cybercrime occurred in the
1960s, when computers were large mainframe systems. Since
mainframes were not connected with other ones and only few people
can access them, the cybercrimes were always "insider"
cybercrimes, which means employment allowed them to access into
mainframe computers. Actually, in the 1960s and 1970s, the
cybercrime, which was "computer crime" in fact, was different from
the cybercrime we faced with today, because of no Internet in that
era. In following decades, the increasing of computer network and
personal computers transformed "computer crime" into real
cybercrime. Since Internet was invented, people began to exchange
information based on networks of computers, also keep data in
computer rather than paper. At the same time, the cybercrime was
not only restricted in target cybercrime, but expanded into tool
cybercrime and computer incidental. This process is similar to the
process of learning one language. In childhood, we learn language
itself; then, when we grow up and are good at it, we will use it to
communicate with each other but itself is not a prime element. In
general, current consensus on the classification of cybercrime is to
divide it into three categories that are said in the first paragraph
above. We can set another analogy: target cybercrime is like
crossword, which focuses on the magic of language itself; tool
cybercrime is similar to fraud or harassment on street or in other
face-to-face ways, but the place in which tool cybercrime happens
is not physical environment but cyberspace; computer incidental

Page 7
 CYBERCRIME
including some electronic proof is saved in computer or the camera
captures the criminal withdrawing money in a bank. Generally,
these three categories are elaborated in the three following sections
and in each section some latest cases will be studied.
A report (sponsored by McAfee) estimates that the annual
damage to the global economy is at $445 billion; however, a
Microsoft report shows that such survey-based estimates are
"hopelessly flawed" and exaggerate the true losses by orders of
magnitude. Approximately $1.5 billion was lost in 2012 to online
credit and debit card fraud in the US. In 2016, a study by Juniper
Research estimated that the costs of cybercrime could be as high as
2.1 trillion by 2019.

CLASSIFICATION

Page 8
 CYBERCRIME

Computer crime encompasses a broad range of activities.

Fraud and financial crimes

Main article: Internet fraud
Computer fraud is any dishonest misrepresentation of fact
intended to let another to do or refrain from doing something which
causes loss. In this context, the fraud will result in obtaining a
benefit by:

• Altering in an unauthorized way. This requires little technical

expertise and is common form of theft by employees altering the

Page 9
 CYBERCRIME
data before entry or entering false data, or by entering unauthorized
instructions or using unauthorized processes;
• Altering, destroying, suppressing, or stealing output, usually
to conceal unauthorized transactions. This is difficult to detect;
• Altering or deleting stored data;
Other forms of fraud may be facilitated using computer systems,
including bank fraud, carding, identity theft, extortion, and theft of
classified information.
A variety of internet scams, many based on phishing and social
engineering, target consumers and businesses.

Cyberterrorism
Main article: Cyberterrorism
Government officials and information technology security
specialists have documented a significant increase in Internet
problems and server scans since early 2001. But there is a growing
concern among government agencies such as the Federal Bureau of
Investigations (FBI) and the Central Intelligence Agency (CIA) that
such intrusions are part of an organized effort by cyberterrorists,
foreign intelligence services, or other groups to map potential
security holes in critical systems.[9] A cyberterrorist is someone
who intimidates or coerces a government or an organization to
advance his or her political or social objectives by launching a

Page 10
 CYBERCRIME
computer-based attack against computers, networks, or the
information stored on them.
Cyberterrorism in general can be defined as an act of terrorism
committed through the use of cyberspace or computer resources
(Parker 1983). As such, a simple propaganda piece in the Internet
that there will be bomb attacks during the holidays can be
considered cyberterrorism. There are also hacking activities
directed towards individuals, families, organized by groups within
networks, tending to cause fear among people, demonstrate power,
collecting information relevant for ruining peoples' lives,
robberies, blackmailing etc.

Cyberextortion
Main article: Extortion
Cyberextortion occurs when a website, e-mail server, or computer
system is subjected to or threatened with repeated denial of service
or other attacks by malicious hackers. These hackers demand money
in return for promising to stop the attacks and to offer "protection".

Page 11
 CYBERCRIME
According to the Federal Bureau of Investigation, cyberextortions
are increasingly attacking corporate websites and networks,
crippling their ability to operate and demanding payments to restore
their service. More than 20 cases are reported each month to the FBI
and many go unreported in order to keep the victim's name out of
the public domain. Perpetrators typically use a distributed denial-of-
service attack.
An example of cyberextortion was the attack on Sony Pictures of
2014.
Main article: Cyberwarfare
The U.S. Department of Defense (DoD) notes that the cyberspace
has emerged as a national-level concern through several recent
events of geo-strategic significance. Among those are included, the
attack on Estonia's infrastructure in 2007, allegedly by Russian
hackers. "In August 2008, Russia again allegedly conducted
cyberattacks, this time in a coordinated and synchronized kinetic
and non-kinetic campaign against the country of Georgia. Fearing
that such attacks may become the norm in future warfare among
nation-states, the concept of cyberspace operations impacts and will
be adapted by warfighting military commanders in the future.

Computer as a target
These crimes are committed by a selected group of criminals. Unlike
crimes using the computer as a tool, these crimes require the
technical knowledge of the perpetrators. As such, as technology

Page 12
 CYBERCRIME
evolves, so too does the nature of the crime. These crimes are
relatively new, having been in existence for only as long as
computers have—which explains how unprepared society and the
world in general is towards combating these crimes. There are
numerous crimes of this nature committed daily on the internet:
Crimes that primarily target computer networks or devices
include:
• Computer viruses
• Denial-of-service attacks
• Malware (malicious code)

Computer as a tool
Main articles: Internet fraud, Spamming, Phishing, and Carding
(fraud)
When the individual is the main target of cybercrime, the
computer can be considered as the tool rather than the target. These
crimes generally involve less technical expertise. Human
weaknesses are generally exploited. The damage dealt is largely
psychological and intangible, making legal action against the
variants more difficult. These are the crimes which have existed for
centuries in the offline world. Scams, theft, and the likes have
existed even before the development in high-tech equipment. The
same criminal has simply been given a tool which increases his

Page 13
 CYBERCRIME
potential pool of victims and makes him all the harder to trace and
apprehend.
Crimes that use computer networks or devices to advance other
ends include:
• Fraud and identity theft (although this increasingly uses
malware, hacking or phishing, making it an example of both
"computer as target" and "computer as tool" crime)
• Information warfare
• Phishing scams
• Spam
• Propagation of illegal obscene or offensive content,
including harassment and threats
The unsolicited sending of bulk email for commercial purposes
(spam) is unlawful in some jurisdictions.
Phishing is mostly propagated via email. Phishing emails may
contain links to other websites that are affected by malware. Or, they
may contain links to fake online banking or other websites used to
steal private account information.

Obscen or offensive content

The content of websites and other electronic communications may

be distasteful, obscene or offensive for a variety of reasons. In some
instances these communications may be legal.
Page 14
 CYBERCRIME

The extent to which

these communications are
unlawful varies greatly
between countries, and
even within nations. It is a
sensitive area in which the courts can become involved in arbitrating
between groups with strong beliefs.
One area of Internet pornography that has been the target of the
strongest efforts at curtailment is child pornography, which is illegal
in most jurisdictions in the world.

Harassment

Whereas content may be offensive in a non-specific way,

harassment directs obscenities and derogatory comments at
specific individuals focusing for example on gender, race, religion,
nationality, sexual orientation. This often occurs in chat rooms,
through newsgroups, and by sending hate e-mail to interested
parties. Harassment on the internet also includes revenge porn.
There are instances where committing a crime using a computer
can lead to an enhanced sentence. For example, in the case of
United States v. Neil Scott Kramer, Kramer was served an
enhanced sentence according to the U.S. Sentencing Guidelines
Page 15
 CYBERCRIME
Manual §2G1.3(b)(3) for his use of a cell phone to "persuade,
induce, entice, coerce, or facilitate the travel of, the minor to
engage in prohibited sexual conduct." Kramer argued that this
claim was insufficient because his charge included persuading
through a computer device and his cellular phone technically is not
a computer. Although Kramer tried to argue this point, U.S.
Sentencing Guidelines Manual states that the term computer
"means an electronic, magnetic, optical, electrochemically, or other
high speed data processing device performing logical, arithmetic,
or storage functions, and includes any data storage facility or
communications facility directly related to or operating in
conjunction with such device."
Connecticut was the U.S. state to pass a statute making it a
criminal offense to harass someone by computer. Michigan,
Arizona, and Virginia and South Carolina have also passed laws
banning harassment by electronic means.
Harassment as defined in the U.S. computer statutes is typically
distinct from cyber bullying, in that the former usually relates to a
person's "use a computer or computer network to communicate
obscene, vulgar, profane, lewd, lascivious, or indecent language, or
make any suggestion or proposal of an obscene nature, or threaten
any illegal or immoral act," while the latter need not involve
anything of a sexual nature.
Although freedom of speech is protected by law in most
democratic societies (in the US this is done by the First
Amendment), it does not include all types of speech. In fact spoken

Page 16
 CYBERCRIME
or written "true threat" speech/text is criminalized because of
"intent to harm or intimidate", that also applies for online or any
type of network related threats in written text or speech. The US
Supreme Court definition of "true threat" is "statements where the
speaker means to communicate a serious expression of an intent to
commit an act of unlawful violence to a particular individual or
group".

Page 17
 CYBERCRIME

Drug trafficking

Darknet markets are used to buy and sell recreational drugs online.
Some drug traffickers use encrypted messaging tools to
communicate with drug mules. The dark web site Silk Road was a
major online marketplace for drugs before it was shut down by law
enforcement (then reopened under new management, and then shut
down by law enforcement again). After Silk Road 2.0 went down,
Silk Road 3 Reloaded emerged. However, it was just an older
marketplace named Diabolus Market, that used the name for more
exposure from the brand's previous success.

Page 18
 CYBERCRIME

Unauthorized Access and Hacking.

Unauthorized access means any kind of access without the

permission of either of the rightful or person in charge of the
computer, computer system or computer network. Hacking means
an illegal intrusion into a computer system and/or network. Every
act committed towards breaking into a computer and/or network is
hacking. Hackers write or use readymade computer programs to
attack the target computer. They possess the desire to destruct and
they get the kick out of such destruction. Some hackers hack for
personal monetary gains, such as to stealing the credit card
information, transferring money from various bank accounts to their
own account followed by withdrawal of money. Government
websites are the most targeted sites for the hackers. A hacker is an
unauthorized user who attempts to or gains access to an information
system. Hacking is a crime even if there is no visible damage to the
system, since it is an invasion in to the privacy of data. There are
different classes of Hackers.
a) White Hat Hackers- They believes that information sharing is
good, and that it is their duty to share their expertise by facilitating
access to information. However there are some white hat hackers
who are just joy riding" on computer systems.

Page 19
 CYBERCRIME
b) Black Hat Hackers- They cause damage after intrusion. They may
steal or modify data or insert viruses or worms which damage the
system. They are also called crackers.
c) Grey Hat Hackers- Typically ethical but occasionally violates
hacker ethics Hackers will hack into networks, stand-alone
computers and software. Network hackers try to gain unauthorized
access to private computer networks just for challenge, curiosity,
and distribution of information. Crackers perform unauthorized
intrusion with damage like stealing or changing of information or
inserting malware (viruses or worms).

Web Hijacking.
Web hijacking means taking forceful control of website of others.
In this case the owner of the website loses control over his website
and its content.

Page 20
 CYBERCRIME

Pornography.
Pornography means showing sexual acts in order to cause sexual
excitement. The definition of pornography also includes
pornographic websites, pornographic magazines produced using
computer and the internet pornography delivered over mobile
phones.

Child Pornography.
The Internet is being highly used as a medium to sexually abuse
children. The children are viable victim to the cybercrime.
Computers and internet having become a necessity of every
household, the children have got an easy access to the internet. There
is an easy access to the pornographic contents on the internet.
Page 21
 CYBERCRIME
Pedophiles lure the children by distributing pornographic material
and then they try to meet them for sex or to take their nude
photographs including their engagement in sexual positions.
Sometimes pedophiles contact children in the chat rooms posing as
teenagers or a child of similar age and then they start becoming
friendlier with them and win their confidence. Then slowly
pedophiles start sexual chat to help children shed their inhibitions
about sex and then call them out for personal interaction. Then starts
actual exploitation of the children by offering them some money or
falsely promising them good opportunities in life. The pedophiles
then sexually exploit the children either by using them as sexual
objects or by taking their pornographic pictures in order to sell those
over the internet.

Page 22
 CYBERCRIME

Cyber Stalking
In general terms, stalking can be termed as the repeated acts of
harassment targeting the victim such as following the victim,
making harassing phone calls, killing the victims pet, vandalizing
victims property, leaving written messages or objects. Stalking may
be followed by serious violent acts such as physical harm to the
victim. Cyber stalking means repeated acts of harassment or
threatening behavior of the cybercriminal towards the victim by
using internet services. Both kinds of stalkers i.e., Online & Offline
have desire to control the victims life. How do Cyber Stalkers
operate?
a) They collect all personal information about the victim such as
name, family background, telephone numbers of residence and work
place, daily routine of the victim, address of residence and place of
work, date of birth etc. If the stalker is one of the acquaintances of
the victim he can easily get this information. If stalker is a stranger
to victim, he collects the information from the internet resources
such as various profiles, the victim may have filled in while opening
the chat or e-mail account or while signing an account with some
website.
b) The stalker may post this information on any website related to
sex-services or dating services, posing as if the victim is posting this
information and invite the people to call the victim on her telephone
numbers to have sexual services. Stalker even uses very filthy and
obscene language to invite the interested persons.

Page 23
 CYBERCRIME
c) People of all kind from nook and corner of the World, who come
across this information, start calling the victim at her residence
and/or work place, asking for sexual services or relationships.
d) Some stalkers subscribe the e-mail account of the victim to
innumerable pornographic and sex sites, because of which victim
starts receiving such kind of unsolicited e-mails.
e) Some stalkers keep on sending repeated e-mails asking for
various kinds of favors or threaten the victim.
f) In online stalking the stalker can make third party to harass the
victim.
g) Follow their victim from board to board. They hangout on the
same as their victim, many times posting notes to the victim, making
sure the victim is aware that he/she is being followed. Many times
they will flame their victim (becoming argumentative, insulting) to
get their attention.
h) Stalkers will almost always make contact with their victims
through email. The letters may be loving, threatening, or sexually
explicit. He will many times use multiple names when contacting
the victim.
i) Contact victim via telephone. If the stalker is able to access the
victim telephone, he will many times make calls to the victim to
threaten, harass, or intimidate them.
j) Track the victim to his/her home.

Page 24
 CYBERCRIME

Denial of service Attack.

This is an attack in which the criminal floods the bandwidth of the

victim network or fills his e-mail box with spam mail depriving him
of the services he is entitled to access or provide. This kind of attack
is designed to bring the network to crash by flooding it with useless
traffic. Another variation to a typical denial of service attack is
known as a Distributed Denial of Service (DDoS) attack wherein the
perpetrators are many and are geographically widespread. Many
DoS attacks, such as the Ping of Death and Teardrop attacks, exploit
limitations in the TCP/IP protocols. For all known DoS attacks,
there are software fixes that system administrators can install to limit
the damage caused by the attacks. But, like Virus, new DoS attacks
are constantly being dreamed up by Hacker.

Page 25
 CYBERCRIME

Virus Attacks.

Viruses are the programs that have the capability to infect other
programs and make copies of it and spread into other program.
Programs that multiply like viruses but spread from computer to
computer are called as worms. These are malicious software that
attaches them to other software. Virus, worms, Trojan horse, Time
bomb, Logic Bomb, Rabbit and Bacterium are the malicious.
Viruses usually affect the data on a computer, either by altering or
deleting it. On the other hand worms merely make functional copies
of them and do this repeatedly till they eat up all the available.
Trojan horse is a program that acts like something useful but do the
things that are quiet damping. Trojans come in two parts, a Client
part and a Server part. When the victim (unknowingly) runs the
server on its machine, the attacker will then use the Client to connect
Page 26
 CYBERCRIME
to the Server and start using the Trojan. TCP/IP protocol is the usual
protocol type used for communications, but some functions of the
Trojans use the UDP protocol as well.

Software Piracy.

Software piracy refers to the illegal copying of genuine programs

or the counterfeiting and distribution of products intended to pass
for the original. This kind of crimes also include copyright
infringement, trademarks violations, theft of computer source code,
patent violations etc. Domain names are also trademarks and
protected by ICANN domain dispute resolution policy and also
under trademark laws. Cyber squatters register domain name
Page 27
 CYBERCRIME
identical to popular service provider name to attract their users and
get benefit from them.

Salami Attacks.

These attacks are used for the commission of financial crimes.

The key here is to make the alteration so insignificant that in a single
case it would go completely unnoticed. E.g. a bank employee inserts
a program, into the bank servers, that deducts a small amount of
money (say Rs. 5 a month) from the account of every customer. No
account holder will probably notice this unauthorized debit, but the
bank employee will make a sizable amount of money every month.

Phishing.
Phishing is the act of sending an e-mail to a user falsely claiming
to be an established legitimate enterprise in an attempt to scam the
user into surrendering private information that will be used for
identity theft. The e-mail directs the user to visit a web site where
they are asked to update personal information, such as passwords
and credit card, social security, and bank account numbers that the
legitimate organization already has. The Web site, however, is
bogus and set up only to steal the user information. By spamming
large groups of people, the phisher counted on the e-mail being read
by a percentage of people who actually had listed credit card
numbers with legitimately.

Page 28
 CYBERCRIME
Sale of illegal articles.

This category of cybercrimes includes sale of narcotics, weapons

and wildlife etc., by posting information on websites, auction
websites, and bulletin boards or simply by using email
communication.

Online gambling.

There are millions of websites; all hosted on servers abroad, that

offer online gambling. In fact, it is believed that many of these
websites are actually fronts for money laundering. Cases of hawala
transactions and money laundering over the Internet have been
reported.

Email spoofing.
Page 29
 CYBERCRIME

E-mail spoofing is e-mail activity in which the sender addresses

and other parts of the e-mail header are altered to appear as though
the email originated from a different source. E-mail spoofing is
sending an e-mail to another person in such a way that it appears
that the e-mail was sent by someone else. A spoof email is one that
appears to originate from one source but actually has been sent from
another source. Spoofing is the act of electronically disguising one
computer as another for gaining as the password system. It is
becoming so common that you can no longer take for granted that
the e-mail you are receiving is truly from the person identified as the
sender. Email spoofing is a technique used by hackers to
fraudulently send email messages in which the sender address and
other parts of the email header are altered to appear as though the
email originated from a source other than its actual source. Hackers
use this method to disguise the actual email address from which
phishing and spam messages are sent and often use email spoofing
in conjunction with Web page spoofing to trick users into providing
personal and confidential information.

Cyber Defamation.

When a person publishes defamatory matter about someone on a

website or sends e-mails containing defamatory information to all
of that person friends, it is termed as cyber defamation.

Page 30
 CYBERCRIME

Forgery.

Computers, printers and scanners are used to forge counterfeit

currency notes, postage and revenue stamps, mark sheets etc. These
are made using computers, and high quality scanners and printers.

Theft of information contained in electronic form.

This includes theft of information stored in computer hard disks,

removable storage media etc.

Email bombing.
Page 31
 CYBERCRIME

Email bombing refers to sending a large number of emails to the

victim resulting in the victim’s email account (in case of an
individual) or mail servers (in case of a company or an email service
provider) crashing.

Internet time theft.

Internet time refers to usage by an unauthorized person of the

Internet hours paid for by another person.

Theft of computer system.

This type of offence involves the theft of a computer, some part(s)

of a computer or a peripheral attached to the computer.

Physically damaging a computer system.

This crime is committed by physically damaging a computer or

its peripherals.

Page 32
 CYBERCRIME
Breach of Privacy and Confidentiality.

Privacy refers to the right of an individual/s to determine when,

how and to what extent his or her personal data will be shared with
others. Breach of privacy means unauthorized use or distribution or
disclosure of personal information. Confidentiality means non-
disclosure of information to unauthorized or unwanted persons. In
addition to Personal information some other type of information
which useful for business and leakage of such information to other
persons may cause damage to business or person, such information
should be protected. Generally for protecting secrecy of such
information, parties while sharing information forms an agreement
about the procedure of handling of information and to not to disclose
such information to third parties or use it in such a way that it will
be disclosed to third parties. Many times party or their employees
leak such valuable information for monitory gains and causes breach
of contract of confidentiality. Special techniques such as Social
Engineering are commonly used to obtain confidential information.

Page 33
 CYBERCRIME

Data diddling.

Data diddling involves changing data prior or during input into a

computer. The information is changed from the way it should be
entered by a person typing in the data, a virus that changes data, the
programmer of the database or application, or anyone else involved
in the process of having information stored in a computer file. It also
includes automatic changing the financial information for some time
before processing and then restoring original information.

Electronic / Investment Frauds

An offering that uses false or fraudulent claims to solicit
investments or loans, or that provides for the purchase, use, or trade
of forged or counterfeit securities. Merchandise or services that were
purchased or contracted by individuals online are never delivered.
The fraud attributable to the misrepresentation of a product
advertised for sale through an Internet auction site or the non-
delivery of products purchased through an Internet auction site.
Investors are enticed to invest in this fraudulent scheme by the
promises of abnormally high profits.

Cyber Terrorism

Page 34
 CYBERCRIME

Targeted attacks on military installations, power plants, air traffic

control, banks, trail traffic control, telecommunication networks are
the most likely targets. Others like police, medical, fire and rescue
systems etc.
Cyber terrorism is an attractive option for modern terrorists for
several reasons.

A) It is cheaper than traditional terrorist methods.

B) Cyber terrorism is more anonymous than traditional terrorist
methods.
C) The variety and number of targets are enormous.
D) Cyber terrorism can be conducted remotely, a feature that is
especially appealing to terrorists.
E) Cyber terrorism has the potential to affect directly a larger
number of people.

Page 35
 CYBERCRIME

COUNTER MEASURES

Cyber crime, or computer crime, refers to any crime that

involves a computer and a network. The computer may have been
used in the commission of a crime, or it may be the target. Netcrime
refers, more precisely, to criminal exploitation of the Internet. Issues
surrounding this type of crime have become high-profile,
particularly those surrounding hacking, copyright infringement,
identity theft, childpornography, and child grooming. There are also

Page 36
 CYBERCRIME
problems of privacy when confidential information is lost or
intercepted, lawfully or otherwise.
On the global level, both governments and non-state actors
continue to grow in importance, with the ability to engage in such
activities as espionage, and other cross-border attacks sometimes
referred to as cyber warfare. The international legal system is
attempting to hold actors accountable for their actions, with the
International Criminal Court among the few addressing this threat.
A cyber countermeasure is defined as an action, process,
technology, device, or system that serves to prevent or mitigate the
effects of a cyber attack against a victim, computer, server, network
or associated device. Recently there has been an increase in the
number of international cyber attacks. In 2013 there was a 91%
increase in targeted attack campaigns and a 62% increase in security
breaches.
A number of countermeasures exist that can be effectively
implemented in order to combat cyber-crime and increase security.

Page 37
 CYBERCRIME

Technical.

There are a variety of different technical countermeasures that

can be deployed to thwart cybercriminals and harden systems
against attack. Firewalls, network or host based, are considered the
first line of defense in securing a computer network by setting
Access Control Lists (ACLs) determining which what services and
traffic can pass through the check point.
Page 38
 CYBERCRIME
Antivirus can be used to prevent propagation of malicious code.
Most computer viruses have similar characteristics which allow for
signature based detection. Heuristics such as file analysis and file
emulation are also used to identify and remove malicious
programs. Virus definitions should be regularly updated in addition
to applying operating system hot fixes, service packs, and patches
to keep computers on a network secure.
Cryptography techniques can be employed to encrypt
information using an algorithm commonly called a cipher to mask
information in storage or transit. Tunneling for example will take a
payload protocol such as Internet Protocol (IP) and encapsulate it
in an encrypted delivery protocol over a Virtual Private Network
(VPN), Secure Sockets Layer (SSL), Transport Layer Security
(TLS), Layer 2 Tunneling Protocol (L2TP), Point-to-Point
Tunneling Protocol (PPTP), or Internet Protocol Security (IPSec)to
ensure data security during transmission. Encryption can also be
employed on the file level using encryption protocols like Data
Encryption Standard (DES), Triple DES, or Advanced Encryption
Standard (AES)to ensure security of information in storage.
Additionally, network vulnerability testing performed by
technicians or automated programs can be used to test on a full-
scale or targeted specifically to devices, systems, and passwords
used on a network to assess their degree of secureness.
Furthermore, network monitoring tools can be used to detect
intrusions or suspicious traffic on both large and small networks.

Page 39
 CYBERCRIME
Physical deterrents such as locks, card access keys, or biometric
devices can be used to prevent criminals from gaining physical
access to a machine on a network. Strong password protection both
for access to a computer system and the computer's BIOS are also
effective countermeasures to against cyber-criminals with physical
access to a machine.
Another deterrent is to use a bootable bastion host that executes
a web browser in a known clean and secure operating environment.
The host is devoid of any known malware, where data is never
stored on the device, and the media cannot be overwritten. The
kernel and programs are guaranteed to be clean at each boot. Some
solutions have been used to create secure hardware browsers to
protect users while accessing online banking.

Page 40
 CYBERCRIME
Counter-Terror Social Network Analysis and
Intent Recognition.

The Counter-Terror Social Network Analysis and Intent

Recognition (CT-SNAIR) project uses the Terrorist Action
Description Language (TADL) to model and simulate terrorist
networks and attacks. It also models links identified in
communication patterns compiled from multimedia data, and
terrorists’ activity patterns are compiled from databases of past
terrorist threats.[19] Unlike other proposed methods, CT-SNAIR
constantly interacts with the user, who uses the system both to
investigate and to refine hypotheses.
Multimedia data, such as voice, text, and network session data,
is compiled and processed. Through this compilation and
processing, names, entities, relationships, and individual events are
extracted from the multimedia data. This information is then used
to perform a social network analysis on the criminal network,
through which the user can detect and track threats in the network.
The social network analysis directly influences and is influenced
by the intent recognition process, in which the user can recognize
and detect threats. In the CT-SNAIR process, data and transactions
from prior attacks, or forensic scenarios, is compiled to form a
sequential list of transactions for a given terrorism scenario.
The CT-SNAIR process also includes generating data from
hypothetical scenarios. Since they are imagined and computer-
generated, hypothetical scenarios do not have any transaction data

Page 41
 CYBERCRIME
representing terrorism scenarios. Different types of transactions
combine to represent the types of relationships between
individuals.
The final product, or target social network, is a weighted
multiplex graph in which the types of edges (links) are defined by
the types of transactions within the social network. The weights
within these graphs are determined by the content-extraction
algorithm, in which each type of link is thought of as a separate
graph and “is fed into social network algorithms in part or as a
whole.” Links between two individuals can be determined by the
existence of (or lack of) the two people being mentioned within the
same sentence in the compiled multimedia data or in relation to the
same group or event.
The final component in the CT-SNAIR process is Intent
Recognition (IR). The goal of this component is to indicate to an
analyst the threats that a transaction stream might contain. Intent
Recognition breaks down into three subcategories: detection of
“known or hypothetical target scenarios,” prioritization of these
target scenarios, and interpretation “of the resulting detection.”

Economic.

The optimal level of cyber-security depends largely on the

incentives facing providers and the incentives facing perpetrators.
Providers make their decision based on the economic payoff and
Page 42
 CYBERCRIME
cost of increased security whereas perpetrators decisions are based
on the economic gain and cost of cyber-crime. Potential prisoner’s
dilemma, public goods, and negative externalities become sources
of cyber-security market failure when private returns to security
are less than the social returns. Therefore, the higher the ratio of
public to private benefit the stronger the case for enacting new
public policies to realign incentives for actors to fight cyber-crime
with increased investment in cyber-security.

Page 43
 CYBERCRIME

Legal.
In the United States a number of legal statutes define and detail
the conditions for prosecution of a cyber-crime and are used not
only as a legal counter-measure, but also functions as a behavioral
check against the commission of a cyber-crime. Many of the
provisions outlined in these acts overlap with each. Namely:
a) The Computer Fraud and Abuse Act.
b) The Digital Millennium Copyright Act.
c) The Electronic Communications Privacy Act.
Page 44
 CYBERCRIME
d) The Stored Communications Act.
e) Identity Theft and Aggravated Identity Theft.
f) Identity Theft and Assumption Deterrence Act.
g) Gramm-Leach-Bliley Act.
h) Internet Spyware Prevention Act.

Page 45
 CYBERCRIME

Page 46
 CYBERCRIME

Page 47
 CYBERCRIME

Conclusion
1. The key to protecting yourself is being aware.
2. Not all cybercriminals are “hackers.”
3. There is a whole other world that exists in cyberspace… make
sure that your information travels safely.
4. Technology is destructive only in the hands of people who do
not realize that they are one and the same process as the

Page 48
 CYBERCRIME

Page 49