Más contenido relacionado


Chapter 3

  1. CHAPTER 3: CYBER CRIMES Network Security Ethics (NTC 1012) by HYMG
  2. Objectives • Definition of cyber crimes • Causes of cyber crimes • Impact of cyber crimes • Who commits cyber crimes • Types of cyber crimes • Preventing cyber crimes • Challenges of cyber crimes
  3. Definition Criminal (illegal) activities committed against or by the use of computer and the Internet Anybody who uses computer has the potential of being a cyber criminals Any crime where – • Computer is a target. • Computer is a tool of crime • Computer is incidental to crime
  4. Causes of Cyber Crimes The growth of the Internet New OS vulnerabilities Anonymity Lack of awareness of user
  5. Impact of Cyber Crimes
  7. Types of Cyber Crimes • Purpose: Greed Power Publicity Revenge Adventure Desire to access forbidden information Destructive mindset Examples: hack to steal info., destroy files, disrupt business, crash web sites, investigation etc. Illegal intrusion into computer system without the permission of the computer owner/user.
  8. Types of Cyber Crimes Examples: Attacker fills in the victim e-mailbox with spam mails that stops him from accessing the service. An attack whose purpose to disrupt computer access to an Internet service such as the web or e-mail.
  9. Types of Cyber Crimes Examples: Some stalkers keep on sending repeated e-mails asking for various kinds of favors or threaten the victim. Enter the chat room and frequently posting notes to the victim, making sure the victim is aware that he/she is being followed. Many times they will "flame" their victim (becoming argumentative, insulting) to get their attention. The repeated acts harassment or threatening behavior of the cyber criminal towards the victim by using Internet services or other electronic communication devices.
  10. Types of Cyber Crimes Getting one computer on a network to pretend to have the identity off another computer, usually one with special access privileges , so as to obtain access to the other computers on the network. Email spoofing: forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. IP spoofing: A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer indicating that the message is coming from a trusted host by spoofing the IP address of that machine.
  11. Types of Cyber Crimes The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. Examples: Pull out confidential information from the bank Scenario: Sara received an e-mail that directs her to visit a website where she is asked to update her personal information such as bank account numbers, credit card and passwords. The website, however is set up only to steal Sara’s information. Fraudulent attempt to get sensitive information by pretending to be a trustworthy entity usually through e-mail. - Web page spoofing
  12. Types of Cyber Crimes From: *****Bank [mailto:support@****] Sent: 08 June 2004 03:25 To: India Subject: Official information from ***** Bank Dear valued ***** Bank Customer! For security purposes your account has been randomly chosen for verification. To verify your account information we are asking you to provide us with all the data we are requesting. Otherwise we will not be able to verify your identity and access to your account will be denied. Please click on the link below to get to the bank secure page and verify your account details. Thank you. https://infinity.***** Phishing E-mail
  13. Types of Cyber Crimes Sniffer: program that able to capture any traffic traveling along the network segment to which it is connected.  monitor and analyze network traffic, detecting bottleneck and problems. Can be used legitimately or illegitimately to capture data being transmitted on a network Technique that monitors and analyzes network traffic, detecting bottlenecks and problems.
  14. Types of Cyber Crimes  Any network traffic that is transmitted in clear text is susceptible to sniffing. Telnet, FTP, and other clear-text sessions provide valuable information. The sniffer can capture a complete telnet and FTP session, including the user name and password.  Sniffed e-mail and HTTP traffic may yield actual passwords or clues that enable passwords to be guessed.  Sniffed e-mail may also yield confidential material, legal matters, or other information that should normally be encrypted.  Password sniffing: wiretapping on a network, to gain knowledge of passwords to capture and reveal password.  Anti-sniff: program that can detect sniffers.
  15. Types of Cyber Crimes • Anybody including children can log on to and access websites with pornographic contents with a click of a mouse. • Publishing, transmitting any material in electronic form is an offence under the provisions of Malaysian act. The sexually explicit depiction of persons, in words or images, created with the primary, proximate aim, and reasonable hope, of eliciting significant sexual arousal on the part of the consumer of such materials.
  16. Types of Cyber Crimes Typical action of viruses: • Display a message to prompt an action which may set of the virus • Erase files • Scramble data on a hard disk • Cause erratic screen behavior • Halt the PC • Just replicate itself! World’s worst virus attack: Love letter(2000), Melissa(1999), Anna Kournikova worm(2001), Nimda(2001), Klez(2001). Dissemination of malwares to potentially large numbers of programs on many machines that can cause harm.
  17. Types of Cyber Crimes Examples: Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original is termed as termed as software piracy. • End user copying - Friends loaning disks to each other, or organizations underreporting the number of software installations they have made. • Hard disk loading – Hard disk vendors loads pirated software • Counterfeiting - large-scale duplication and distribution of illegally copied software. • Illegal downloads from the Internet - By intrusion, cracking serial numbers etc.
  18. Types of Cyber Crimes Other words - the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives. Example: Terrorist target the servers of sensitive ministries in the country with the intent of shutting down its critical computer system. Unlawful use of network resources to attack against computer system and information and cause violence against persons and property
  19. Types of Cyber Crimes Impact: could range from economic disruption through the interruption of financial networks and systems or used in support of a physical attack to cause further confusion and possible delays in proper response. Direct Cost Implications • Loss of sales during the disruption • Staff time, network delays, intermittent access for business users • Loss of intellectual property - research, pricing, etc. • Loss of critical communications in time of emergency Indirect Cost Implications • Loss of confidence and credibility in our financial systems • Tarnished relationships & public image globally • Strained business partner relationships - domestic and internationally • Loss of trust in the government and computer industry
  20. Challenges in Cyber Crimes
  21. Preventing Cyber Crimes
  22. Thank You