Types of Cyber Crimes and Security Threats

Transcription

1 SESSION 29 : Types of Cyber Crimes and Security Threats Computer crime, cyber crime, e-crime, hi-tech crime or electronic crime generally refers to criminal activity where a computer or network is the source, tool, target, or place of a crime. We will discuss about the various types of Cyber Crimes and Security Threats in this section. OBJECTIVES : Discuss the different types of Cyber Crimes and Security threats. Discuss the methods of Protection. Types of Cyber Crimes and Security Threats Computer crime is a general term that embraces such crimes as phishing, credit card frauds, bank robbery, illegal downloading, industrial espionage, child pornography, kidnapping children via chat rooms, scams, cyber terrorism, creation and/or distribution of viruses, Spam and so on. All such crimes are computer related and facilitated crimes. These categories are not exclusive and many activities can be characterized as falling in one or more category. Additionally, although the terms computer crime or cybercrime are more properly restricted to describing criminal activity in which the computer or network is a necessary part of the crime, these terms are also sometimes used to include traditional crimes, such as fraud, theft, blackmail, forgery, and embezzlement, in which computers or networks are used to facilitate the illicit activity. Computer crime or cyber crime can broadly be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system),

2 data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud. Spam With almost half of all s being reported as unsolicited, it's no wonder spam tops the list of one of the most bothersome Internet irritations. New anti-spam laws are being passed in various countries which will hopefully limit the use of unsolicited electronic communications. The term spam refers to submitting the same message to a large group of individuals in an effort to force the message onto people who would otherwise choose not to receive this message. There are three main components to all types of spam: anonymity: the sender s identity and address are concealed mass mailing: spam is sent to a large number of recipients and in high quantities unsolicited: the individuals receiving spam would otherwise not have opted to receive it Common forms of spam include commercial advertising, usually for dubious products, such as get-rich-quick schemes, quasi-legal services, political messages, chain letters and fake spam used to spread viruses. There are many things you can do that will decrease the amount of spam in your inbox, including using a spam filter or a spam blocker. But there are also common sense ways

3 to prevent spam in your inbox and increase your address's security. Here are just a few: Never reply to or click on any links in a spam message Read your messages as text Preview your View message headers. Don't participate in forwards and ask your friends not to send you them Use a complicated address(funny but works) Read privacy policies before disclosing your address Keep your home or business address confidential Don't give your real address for registration Don't use your address as your screen name Disguise your address Use a spam filer or blocker Adjust your privacy settings Computer Fraud Computer fraud is any dishonest misrepresentation of fact intended to induce another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by: altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes; altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect; altering or deleting stored data; or altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes. This requires real programming skills and is not common.

4 Manipulating banking systems to make unauthorized identity theft with reference to ATM fraud. Phishing Phishing is one of the fastest growing crimes on the internet. In simple terms, Phishing is a scam employed by an individual attempting to persuade would-be victims into providing sensitive information. Phishing uses a combination of social engineering and technical subterfuge to lure the unsuspecting into financial ruin. This exploit originates via and typically requests account information, such as usernames or passwords, a situation that could easily lead to identity theft. Identity theft It is a serious crime badly affecting many individuals and organizations. Identity theft occurs when someone uses your personally identifying information (like your name, social security number, or credit card information) to pretend to be you. The identity thief does this for his own personal gain at the expense of his victim. This is fraud and it could result in serious consequences for the victim such as bad credit reports or even warrants for the victim's arrest, depending on what the thief chooses to do with the victim's personal information. Obscene or Offensive Content The contents of some of the websites and other electronic communications over the net can be really distasteful, obscene or offensive for a variety of reasons. In many countries such communications are considered illegal. It can be very troubling if your children are exposed to adult content. Harassment

5 This cyber crime encompasses all the obscenities and derogatory comments directed towards a specific individual or individuals focusing for example on gender, race, religion, nationality, and sexual orientation. Harassment is the cybercrime most commonly encountered in chat rooms or through newsgroups. Hacking - Spoofing and Sniffing Hacking is unauthorized use of computer and network resources. And the term 'hacker' can be used to describe enthusiasm for a game or sport, or, more recently, one's computer proficiency. More commonly, however, the term is used to describe a skilled computer user who uses this knowledge to gain an advantage over people who are less familiar with computing technology. Often times, a hacker's efforts are used to facilitate or perpetrate cyber crime. These are two other methods hackers and criminals can use to gain improper or illegal access to computer systems. Spoofing is becoming a common way to steal financial information through fake Web sites. The spoofed site is almost a mirror image of the real site and unless the unsuspecting user examines the spoof closely, he/she may inadvertently give out important personal and financial information. A sniffer is a type of eavesdropping program that monitors information traveling over a network. Sniffing is a popular way to grab information as it passes over transmission lines whether they are hard-wired or wireless. It is almost impossible to detect and encryption is about the only way to safeguard against it. Piracy

6 Internet piracy is the unlawful reproduction and/or distribution of any copyrighted digital file that can change hands over the Internet. This can be done with music files, videos and movies, e-books, software, and other materials. Those who engage in Internet piracy can often conduct their entire operation on the Internet, including advertising and sales. Internet piracy has become a worldwide crime problem, because of the relative ease with which it can be committed, even over long distances. Drug Trafficking Drug traffickers use the Internet as a medium for trading their illegal substances by sending out enciphered and other Internet Technology. Most of the drug traffickers can be found arranging their illegal deals at internet cafes, using courier websites for the delivery of illegal packages containing drugs, and sharing formulas for amphetamines in restricted-access chat rooms. Cyber Terrorism Due to the increase in cyber terrorism, the hacking into official websites or the crashing of official websites, government officials and Information Technology security specialists have recently begun a significant increase their mapping of potential security holes in critical systems in order to better protect information sensitive sites. Malware Malware in its many forms poses one of the biggest threats to internet users today. Malicious software can be divided into a number of different categories and includes computer viruses, worms, Trojans and spyware among others. It has the ability to hijack your web browser, redirect your search engine attempts, bombard your screen with popup advertisements and even monitor your activity. Because malware is often poorly scripted, it may cause your computer to become terribly slow and unstable. If it is not removed immediately, this type of program can eventually cause your system to become inoperable.

7 Most malware programs will reinstall themselves even after you think they have been removed. They typically hide deep within the Windows registry, making them difficult to manually remove. When this occurs, your computer may become so unstable that installing a malware removal tool may be impossible. Types of Malware The more you educate yourself on malicious software, the better off you'll be. Malware is not a virus. In fact, it consists of viruses, worms, Trojan horses, adware, rootkits and many other nasty infections. Some of these programs are more of an annoyance than anything, while others pose a serious threat to your computer. Regardless of the type, each of them offer their own unique security threat, and they should be avoided at all costs. Viruses The computer virus is the most infamous form of malware. It is a self replicating program that infects a system without authorization. A virus is often transmitted via but can also be distributed through various storage mediums such as a flash drive. Once installed, it will execute itself, infect system files, and attempt to propagate to other systems. Signs of a Computer Infection Your computer functions slower than normal Your computer responds slowly and freezes often Your computer restarts itself often You see uncommon error messages, distorted menus, and dialog boxes You notice applications on your computer fail to work correctly You fail to print correctly Types of Viruses Boot Sector viruses Program viruses Stealth viruses

8 Polymorphic viruses Macro Viruses Active X and Java Control Worms Though closely related, worms and viruses are two completely different types of malware. Both have the ability to self-replicate and propagate by attaching themselves to files. While a virus moves from machine to machine, a worm tends to leach onto network traffic and can be a corporation's worst nightmare. In no time, it can travel through the internet and inflict great damage from deleting files to creating backdoors that give its creator control of a system. Trojan Horses Similar to the mythical wooden horse used by the Greeks to invade Troy, the Trojan horse is a very deceptive program that appears harmless but is actually one of the most dangerous types of malware. It may arrive as a friendly attachment or present itself as a useful application on a website. Because it does not have the ability to self replicate, a Trojan cannot be classified as a virus. However, it does have the ability to deliver destructive payloads and unload viruses, worms or spyware. Spyware Spyware is a sneaky program that tracks and reports your computing activity without consent. While it isn't designed to inflict damage, spyware can terribly affect the performance of your computer over time. Spyware usually comes bundled with free software and automatically installs itself with the program you intended to use. Signs of spyware include sudden modifications to your web browser, redirects of your search attempts and the frequent displaying of pop-ups. In this instance, spyware can also be termed as adware which is essentially add-supported software that has the ability to track your activity. Rootkits

9 A rookit could be a single program or collection of programs designed to take complete control of a system. This type of malware is employed by hackers and gives them all the abilities of a system administrator from a remote location. Rootkits are very sophisticated as they make hackers very difficult to find. They are often used to infect other computers and enslave them as zombies, forcing them to attack other machines, distribute spam or steal passwords. When attempting to track a rootkit's creator, the search usually ends with the first zombie while the hacker goes undetected. Malware Protection Implementing malware protection is a critical step towards securing your computer and the sensitive information it contains. Whether it's a nasty virus, a slithery network worm or deceptive Trojan horse, these malicious programs will attempt to enter your system and stir up major chaos. It's a jungle of danger online, but you do not have to be a victim. The following tips will help you prevent infection and stay protected against the many faces of malware. Operating System Updates One way to keep your computer more secure is to frequently update the Windows operating system. Microsoft is always making improvements to the system, so by enabling the automatic update feature, you will receive the latest security patches for Windows and Internet Explorer. Anti-virus Anti-virus software is a must these days as viruses are one of the most common types of malware. There are several options available, ranging from free solutions like Norton and AVG Anti-virus to paid programs. These programs function best when they receive daily upgrades. Remember to only install one, as multiple anti-virus programs do not complement each other well.

10 Anti-spyware You can take malware protection one step further by installing anti-spyware software on your computer. Spyware is a huge problem on the net and often so sophisticated that a virus scanner will not detect it. Just as with your anti-virus program, your spyware tools should receive frequent updates to detect and destroy the latest threats. Protect Your Registry The registry is one of the most critical components of the Windows system. When malware is installed, it often settles and hides out in the registry, making it very difficult to locate. The best way to guard your registry is to install an anti-malware program. Malware protection softwares are essential for someone that frequently uses the internet. Protect Your Browser Malware primarily enjoys a reign of terror due to vulnerabilities in the Internet Explorer web browser. Though version 7.0 is more secure, you should take additional measures by increasing security settings and disabling Active X support. You can ensure better protection against malware by using a browser like Opera or Mozilla FireFox. These browsers offer a safer browsing experience and more features for personalization.