Download
cyber threats n.
Skip this Video
Loading SlideShow in 5 Seconds..
Cyber Threats PowerPoint Presentation
Download Presentation
Cyber Threats

Cyber Threats

186 Vues Download Presentation
Télécharger la présentation

Cyber Threats

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Cyber Threats Ibrahim Salim Dept. of Computer Applications, MES College Marampally

  2. Why we about study Cyber Crime • Everybody is using COMPUTERS.. • From White Collar Criminals to Terrorist Organizations and from Teenagers to Adults • New generation is growing up with computers • Monetary transactions are moving on to the INTERNET

  3. What is cyber crime? • All crimes performed or resorted to by abuse of electronic media or otherwise, with the purpose of influencing the functioning of computer or computer system. • COMPUTER CRIME is any crime where • Computer is a target. • Computer is a tool of crime • Computer is incidental to crime Computer crime can be defined as crime against an organization or an individual in which the perpetrator of the crime uses a computer or computer enabled technology for all or part of the crime

  4. Cyber crime • Computer evidence can also be found in computer non-essential crime like murder, fraud, theft, forgery, rape etc. • Computer System can be a victim , tool or a witness in the crime • Interpol has broadly divided the computer crime in to different categories

  5. Interpol grouping • Category I : Unauthorized access Interception • Hacking • Interception • Time theft • Category II : Alteration of Computer Data • Logic Bomb • Trojan horse • Virus • Worm • Data diddling • Salami technique • Trap doors • Data Leakage

  6. Category III : Computer Related Frauds • Cash Dispensers • Computer Forgery • Program Manipulation • Program piracy • Fraud at Payment Points • Category IV : Unauthorized reproduction • Software Piracy • Category V : Computer Sabotage • Hardware sabotage • Software sabotage

  7. Category VI : Miscellaneous Computer Crimes • Theft of Trade secrets • Distribution of anti social material • Evades dropping and spying • Masquerading • Piggybacking and Tail gating • Scavenging and reuse • Scanning • Asynchronous attacks • Computer component thefts

  8. Proof • Computer generated document is also be considered as original. • Electronic record is also physical evidence that can be collected ,seized and analyzed using special tools called forensic tools comprising Hardware and Software • With forensic tool it is possible that no data is added or deleted from the suspect storage media during the forensic analysis. • It is possible to retrieve the electronic records though they are deleted using operating system.

  9. Crime….. • Crime itself has some essential elements to bring within the framework of crime. • Actus Reus • Mens Rea • In cyber crime it is easier to identify that the crime has been committed but difficult to prove it. There should be an act which is a result of human conduct. It is the result that the law tries to prevent Act should be accompanied with a state of guilty mind

  10. IT Act 2000

  11. IT Act • The Information Technology Act 2000 (ITA-2000)(IT ACT) is an Act of the Indian Parliament (No 21 of 2000) notified on October 17, 2000. • The UN General Assembly has adopted the Model Law on Electronic Commerce on 30 January • Following the UN Resolution India passed the Information Technology Act 2000 in May 2000 and notified it for effectiveness on October 17, 2000. • The Information technology Act 2000 has been substantially amended through the Information Technology Amendment Act 2008 which was passed by the two houses of the Indian Parliament on December 23, and 24, 2008. • Information technology Act 2000 consisted of 94 sections segregated into 13 chapters. Four schedules form part of the Act. • In the 2008 version of the Act, there are 124 sections (excluding 5 sections that have been omitted from the earlier version) and 14 chapters. Schedule I and II have been replaced. Schedules III and IV are deleted.

  12. IT ACT.. • ITAA 2008 (Information Technology Amendment Act 2008) as the new version of Information Technology Act 2000 is often referred has provided additional focus on Information Security. It has added several new sections on offences including Cyber Terrorism and Data Protection. • A set of Rules relating to Sensitive Personal Information and Reasonable Security Practices (mentioned in section 43A of the ITAA, 2008) was released in April 2011

  13. Criticism • The amendment was passed in an eventful Parliamentary session on 23rd of December 2008 with no discussion in the House. • Some of the cyber law observers have criticized the amendments on the ground of lack of legal and procedural safeguards to prevent violation of civil liberties of Indians. • There have also been appreciation about the amendments from many observers because it addresses the issue of Cyber Security. • Section 69 empowers the Central Government/State Government/ its authorized agency to intercept, monitor or decrypt any information generated, transmitted, received or stored in any computer resource if it is necessary or expedient so to do in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence or for investigation of any offence. • They can also secure assistance from computer personnel in decrypting data (see mandatory decryption), under penalty of imprisonment

  14. Penalty for damage • Section 43 deals with the penalties for damage done to a computer ,computer system or Computer Network or Computer Recourses(from now onwards Cyber Commodities) • If any person does not take permission from the owner or a person in charge of a computer and accesses or secure accesses to cyber commodities • If a person disrupts or causes disruption of any cyber commodities or if he denies or causes the denial of access to a cyber commodities by any means. • He may also try to provide any assistance to any person to facilitate access to any cyber commodities. • If he charges the service availed of by a person to the account of another person by tampering with or manipulating any cyber commodities.

  15. If he destroys deletes or alters any information in the computer resource or diminishes its value or utility or affects it injuriously by any means like steeling , concealing, destroying or altering or causes any person to steal.,.,..any computer source code used for a computer resource with an intention to cause damage. • Under all the above mentioned circumstances the person has to pay for the damage to the affected person by way of a compensation not exceeding one crore rupees

  16. Tampering with Source code : Sec 65 • “Computer Source Code" means the listing of programmes, computer commands, design and layout • Most important asset of software companies • Efforts or actions or commands given to a computer to alter /destroy in such a way that they cannot be used by the owner. • Whether intentional or mischievous act but punishable • The organizations should register its Source Code else it becomes difficult to prove the particular source code was their property.

  17. Hacking : Sec 66 • Hacking in simple terms means illegal intrusion into a computer system without the permission of the computer owner/user. • Latest development Hacking Wi-Fi • When a person dishonestly or frequently acts according to the act referred in Section 43 of this Act , he shall be liable for punishment

  18. Hacking.. • Section 66(A) prescribes punishment for sending offensive messages through computer resources or any communication device • Mens Rea :- with an ill intention of causing annoyance ,inconvenience danger obstruction ,insult , injury, criminal intimidation ,enmity , hatred and ill will.

  19. Section 66(B) && (C) • Person who knowingly receives or retains stolen computer resource or communication device. • When a person fraudulently and dishonestly uses another person’s unique identification features like electronic signature or password he attracts punishment.

  20. Section 66(D) && (E) • 66 D :- Impersonating somebody else if a person cheats via a computer • 66 E :- describes punishment for violating the privacy of a person by intentionally or knowingly capturing ,publishing or transmitting the image of a private area of any person without his/her consent.

  21. Section 66 F Cyber Terrorism • Who ever ,- • With intent to threat the unity ,integrity , security or sovereignty of India or to strike terror in the people or any section of the people by- • Denying or cause denial of access to any person authorized to access the computer resource or • Attempting penetrate or access a computer recourse without authorization • Introducing or causing to introduce any computer contaminant.

  22. Section 66 F Cyber Terrorism • Knowingly or intentionally penetrates or access computer resource and by means obtain access to data that is restricted for reasons of the security of the state or foreign relations or cause injury to public order decency or morality in relation contempt of court etc. • Who ever commits or conspires to cyber terrorism shall be punishable.

  23. Section 67 describes • punishment for a person publishes or transmits material that contain sexually explicit act or conduct in electronic form. • To prevent child pornography Act has given a separate section. • Section 67(B) deals with the punishment for publishing or transmitting of material depicting children in sexually explicit act in electronic form.

  24. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  25. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  26. Modifier is not entitled to do so or doesn’t have the consent of any person who can be entitled for it.

  27. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  28. Virus is a self replicating program which spreads throughout a computer system, attaching copies of itself to ordinary programs. • Popular computer viruses • Adware • Spyware • Denial of service • Spam mails • Botnet • Fast flux

  29. Virus • Malicious software that attaches itself to other software.. • Virus, • worms • Trojan Horse • Time bomb • Logic Bomb • Rabbit • Bacterium

  30. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  31. A male doctor took out naked videos during massage session and while conducting various beauty therapies , after that he showed the clipping to her and black mailed for have sex with him. • During this time too he took the video and then started distributing CDs for money.

  32. DENIAL OF SERVICE ATTACK • This is an act by the criminal who floods the bandwidth of the victim’s network or fill's his e-mail box with spam mail depriving him of the services he is entitled

  33. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  34. In forgery and counter feting of data the best example to cite will be when a person learns of a computer software and later detaches himself from organization to make copies of this popular package ,dressing them up to look like original and selling them.

  35. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  36. Pornography • Pornography is the first consistently successful ecommerce product. • The IT Act (Amendment) 2008,comes heavily on pornography via computer or electronic form. • When people who see or hear the matter contained and embodied in an electronic medium are exposed to any material which is lascivious and has its effect on them so that it depraves or corrupts the minds of the persons, such publisher of such material is liable for punishment under section 67.

  37. Predation • The likelihood of a young person being harmed by an online stranger in this way is quite rare, and most sexual solicitations are from peers. • The overwhelming majority of crimes against youth continue to take place in the “real world,” mostly by adults known to the children. • Just as in the real world, it’s neither possible nor desirable to completely isolate young people from adults, so the best protection against this type of manipulation and exploitation is critical thinking Sex offenders who use the Internet to seek underage victims have been widely characterized as “online predators.”

  38. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  39. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  40. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  41. Computer related offences • Unauthorized modification of data • Computer viruses • Blackmail • Forgery • Pornography • Threatening emails • Identity theft • Suppression of data • Program frauds • Fake profile • Bank fraud

  42. Lots of financial frauds has been committed with the help of identity theft. • Here the hacker comes to know the personal details of the victim an places himself in place and performs all the fraudulent activities. • One person modified the Kerala PSC admit card. • Installing key logging software in cyber cafes: avoid usage of transaction accounts at public place

  43. Nigerian fraud • Program frauds • Fake profile :- creating of fake addresses with fake name so as to mislead the victim and at the same time being successful in fraudulent activities. • Bank Fraud:- problems with private banks • ATMs doesn’t have CCTV