CHAPTER 3:
CYBER CRIMES
Network Security Ethics (NTC 1012) by HYMG

Objectives
• Definition of cyber crimes
• Causes of cyber crimes
• Impact of cyber crimes
• Who commits cyber crimes
• Types of cyber crimes
• Preventing cyber crimes
• Challenges of cyber crimes

Definition
Criminal (illegal) activities committed against or by the use of
computer and the Internet
Anybody who uses computer has the potential of being a cyber
criminals
Any crime where –
• Computer is a target.
• Computer is a tool of crime
• Computer is incidental to crime

Causes of Cyber Crimes
The growth of the Internet
New OS vulnerabilities
Anonymity
Lack of awareness of user

Impact of Cyber Crimes

Who Commit?
INSIDERS
HACKERS
VIRUS
WRITERS
FOREIGN
INTELLIGENCE
TERRORISTS
TEENAGERS

Types of Cyber Crimes
• Purpose: Greed
Power
Publicity
Revenge
Adventure
Desire to access forbidden information
Destructive mindset
Examples: hack to steal info., destroy files, disrupt business,
crash web sites, investigation etc.
Illegal intrusion into computer system without the permission
of the computer owner/user.

Types of Cyber Crimes
Examples: Attacker fills in the victim e-mailbox with spam mails
that stops him from accessing the service.
An attack whose purpose to disrupt computer access to an
Internet service such as the web or e-mail.

Types of Cyber Crimes
Examples:
Some stalkers keep on sending repeated e-mails asking for
various kinds of favors or threaten the victim.
Enter the chat room and frequently posting notes to the victim,
making sure the victim is aware that he/she is being followed.
Many times they will "flame" their victim (becoming
argumentative, insulting) to get their attention.
The repeated acts harassment or threatening behavior of the
cyber criminal towards the victim by using Internet services or
other electronic communication devices.

Types of Cyber Crimes
Getting one computer on a network to pretend to have the
identity off another computer, usually one with special access
privileges , so as to obtain access to the other computers on
the network.
Email spoofing: forgery of an e-mail header so that the message appears to
have originated from someone or somewhere other than the actual source.
IP spoofing: A technique used to gain unauthorized access to computers,
whereby the intruder sends messages to a computer indicating that the
message is coming from a trusted host by spoofing the IP address of that
machine.

Types of Cyber Crimes
The act of sending an e-mail to a user falsely claiming to be an
established legitimate enterprise in an attempt to scam the user into
surrendering private information that will be used for identity theft.
Examples:
Pull out confidential information from the bank
Scenario: Sara received an e-mail that directs her to visit a website
where she is asked to update her personal information such as bank
account numbers, credit card and passwords. The website, however is
set up only to steal Sara’s information.
Fraudulent attempt to get sensitive information by pretending
to be a trustworthy entity usually through e-mail.
- Web page spoofing

Types of Cyber Crimes
From: *****Bank [mailto:support@****Bank.com]
Sent: 08 June 2004 03:25
To: India
Subject: Official information from ***** Bank
Dear valued ***** Bank Customer!
For security purposes your account has been randomly chosen for
verification. To verify your account information we are asking you to
provide us with all the data we are requesting. Otherwise we will not be
able to verify your identity and access to your account will be denied.
Please click on the link below to get to the bank secure page and verify
your account details. Thank you.
https://infinity.*****bank.co.in/Verify.jsp
Phishing E-mail

Types of Cyber Crimes
Sniffer: program that able to capture any traffic traveling along the
network segment to which it is connected.
 monitor and analyze network traffic, detecting bottleneck and
problems.
Can be used legitimately or illegitimately to capture data being
transmitted on a network
Technique that monitors and analyzes network traffic,
detecting bottlenecks and problems.

Types of Cyber Crimes
 Any network traffic that is transmitted in clear text is
susceptible to sniffing. Telnet, FTP, and other clear-text
sessions provide valuable information. The sniffer can capture
a complete telnet and FTP session, including the user name
and password.
 Sniffed e-mail and HTTP traffic may yield actual passwords or
clues that enable passwords to be guessed.
 Sniffed e-mail may also yield confidential material, legal
matters, or other information that should normally be
encrypted.
 Password sniffing: wiretapping on a network, to gain
knowledge of passwords to capture and reveal password.
 Anti-sniff: program that can detect sniffers.

Types of Cyber Crimes
• Anybody including children can log on to and access websites
with pornographic contents with a click of a mouse.
• Publishing, transmitting any material in electronic form is an
offence under the provisions of Malaysian act.
The sexually explicit depiction of persons, in words or images,
created with the primary, proximate aim, and reasonable hope,
of eliciting significant sexual arousal on the part of the
consumer of such materials.

Types of Cyber Crimes
Typical action of viruses:
• Display a message to prompt an action which may set of the virus
• Erase files
• Scramble data on a hard disk
• Cause erratic screen behavior
• Halt the PC
• Just replicate itself!
World’s worst virus attack: Love letter(2000), Melissa(1999), Anna Kournikova
worm(2001), Nimda(2001), Klez(2001).
Dissemination of malwares to potentially large numbers of
programs on many machines that can cause harm.

Types of Cyber Crimes
Examples:
Theft of software through the illegal copying of genuine
programs or the counterfeiting and distribution of products
intended to pass for the original is termed as termed as
software piracy.
• End user copying - Friends loaning disks to each other, or organizations
underreporting the number of software installations they have made.
• Hard disk loading – Hard disk vendors loads pirated software
• Counterfeiting - large-scale duplication and distribution of illegally copied
software.
• Illegal downloads from the Internet - By intrusion, cracking serial
numbers etc.

Types of Cyber Crimes
Other words - the premeditated use of disruptive activities, or the threat
thereof, against computers and/or networks, with the intention to cause
harm or further social, ideological, religious, political or similar
objectives, or to intimidate any person in furtherance of such objectives.
Example:
Terrorist target the servers of sensitive ministries in the country with the
intent of shutting down its critical computer system.
Unlawful use of network resources to attack against computer
system and information and cause violence against persons
and property

Types of Cyber Crimes
Impact: could range from economic disruption through the interruption
of financial networks and systems or used in support of a physical attack
to cause further confusion and possible delays in proper response.
Direct Cost Implications
• Loss of sales during the disruption
• Staff time, network delays, intermittent access for business users
• Loss of intellectual property - research, pricing, etc.
• Loss of critical communications in time of emergency
Indirect Cost Implications
• Loss of confidence and credibility in our financial systems
• Tarnished relationships & public image globally
• Strained business partner relationships - domestic and internationally
• Loss of trust in the government and computer industry

Challenges in Cyber Crimes

Preventing Cyber Crimes

Thank You