Cyber Security Assignment-1

1. Explain briefly Categorization of Cybercriminals

2. Explain briefly Cybercrime against an individual.
 Cybercrime against individuals primarily involves activities that
involve the use of the internet and computers as a tool to extract
private information from an individual, either directly or indirectly,
and disclose it on online platforms without the person’s consent
or illegally in order to degrade the person’s reputation or cause
mental or physical harm.
Types of Cybercrime against Individuals
Cybercrime may be broadly classified into three types:

1. Cybercrime against an individual is a type of cybercrime that occurs

in or through the use of the internet. Sexual, ethnic, religious, or other
forms of harassment exist.

2. Cybercrime against an individual’s property includes computer

wreckage, the destruction of other people’s property, the delivery of
destructive programs, trespassing, and unlawful possession of
computer information.

3. Cybercrime against the government, such as cyberterrorism or

plotting against the governmental activities

Examples of Cybercrime against Individual

1. Phishing and Scam:

Phishing is a sort of social engineering attack and cybercrime against

an individual where the attacker deceives them by sending phony
messages and emails in order to get sensitive information about the
user or to attempt to download malicious software and exploit it on the
target machine.

2. Theft of Identity:

Identity theft happens when a cybercriminal utilizes another person’s

personal information, such as credit card details or personal
photographs, to perpetrate fraud or a crime without their permission.

3. Ransomware Infection:
Ransomware attacks are a sort of cybercrime against individuals that
is fairly widespread. It is a sort of virus that may restrict users from
accessing all of their personal data on the device by encrypting it and
then demanding a ransom to get access.

4. Malware Attacks:

These are cyber crimes against individuals who use cell phones with
internet access and are sometimes tracked for their location, online
searches, usernames, and passwords input on their devices,
webcams, and so on.

5. Cyberstalking:

Cyberstalking is a type of cybercrime against an individual where

someone follows somebody on social media, online websites, or
search engines, exposing the user to a barrage of online messages or
emails threatening his or her safety.

6. Social Media Hacking:

Hacking on social media is a cybercrime against an individual when

someone creates a phoney account and gains the followers or friends
of the general public. This then provides the false account the ability to
send out mass emails to inboxes.

7. Web Jacking:

Digital marketing has become the new normal, enticing firms to create
their own websites. More website traffic suggests that more people
are aware of their products/services/brands.

Steps to avoid Cybercrime against Individuals

1. Making use of an internet security package: This helps
safeguard your private and financial information while you use the
internet by offering real-time protection against known and unknown
malware, such as viruses and ransomware.
2. Use secure passwords: Avoid using the same password across
many websites, and change it frequently. Make them challenging.
That entails utilizing a minimum of 10 different letters, numbers, and
symbols.

3.Disclosing private information: Never communicate or divulge

any sensitive information, including your bank account number, ATM
pin, password, or email address, over an unencrypted connection.

4. Not answering spam: Avoid visiting untrusted websites or clicking

on links sent to you by unknown or untrusted websites. Spams are the
most common form of cybercrime against the individual.

3. Explain briefly Cybercrime against an Organization.

4. Describe Email Spoofing.
How to identify a spoofed email
 The displayed sender name does not match the email address
 The information in the email signature, such as the telephone number, doesn’t align with what is known about the sender (i.e., the
sender is located in California but the phone number in the sig file has a Massachusetts area code)
 Check the email header for the RECEIVED line. It should match the email address that is displayed in the email
 Check the email header for RECEIVED-SPF. It should say Pass. If it says Fail or Softfail, the email may have been spoofed
 If the organization is using DKIM and DMARC, the AUTHENTICATION-RESULTS will show whether the email passed the
requirements of those protocols.

How to protect yourself from email spoofing

Use email security protocols

Email security protocols use domain authentication to reduce threats and spam. The
email security protocols in use today are Sender Policy Framework (SPF),
DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication,
Reporting, and Conformance (DMARC).

SPF detects forged sender addresses during the delivery phase, but it can only
detect them in the envelope of the email, which is used when an email is bounced.
However, when used in conjunction with DMARC authentication, SPF can detect a
forged “visible sender,” which is a technique that is commonly used in phishing and
spam.

Encrypt emails

DKIM uses public and private keys to prove that a sender is who they say they are.
Each message that goes out through SMTP needs a pair of keys that match a public
DNS record, which is verified by the receiving mail server.

Deploy an email security gateway

Email security gateways, or Secure Email Gateways, are a collection of

technologies that work on a network level to block emails that do not meet security
policy requirements. An email security gateway scans all incoming and outbound
email and may also include capabilities like malware blocking, spam filtering,
content filtering, and email archiving. Because these protective actions occur at the
network level, users are not impacted at all.

Use an antimalware solution

Antimalware may detect and block spoofed emails before they reach their targets’
inboxes. It’s important to keep antimalware software up to date because attackers
are alert to newly-identified vulnerabilities and act quickly to exploit them.

5. Discuss briefly about Spamming.

Types of Spam
Spam can range from annoying emails to different types of internet spam, like social
media comments full of excessive links or even sensationalist headlines in media
outlets and on other websites that you can’t seem to not see.
Here are the main types of spam you can find online:
Spam emails
Spam emails are the most common type of spam you’re likely to encounter online.
They clog up your inbox and distract you from the emails you actually want to read.
Thankfully, most email clients allow you to report, filter, and block most spam emails.
SEO spam
Also known as “spamdexing,” SEO spam refers to the manipulation of search engine
optimization (SEO) methods to improve the rankings of a spammer’s website in
search engines. We can divide SEO spam into two broad categories:
Content spam
Some spammers cram their pages full of popular keywords to try and rank the pages
of their website higher when people make searches with those keywords. Others will
use existing content without permission to make their own pages seem more
substantial and unique.
Link spam
If you’ve come across a blog comment or forum post that’s filled with irrelevant links,
you’ve encountered link spam. The spammer is trying to exploit an SEO mechanic
known as “backlinking” to drive traffic to their page.
Social media spam
With the rise of social media, spammers have been quick to take advantage of all the
attention on those platforms, spreading their spam via bots and other sketchy
accounts. Most social media spam contains links to commercial pages, which aim to
increase traffic or revenue for a spammer’s website.
Spam text messages and spam calls
Some spammers send text messages (SMS), push notifications, or even call your cell
phone to get your attention. Spam messages can also take the form of instant
messages via popular messaging apps like WhatsApp, Skype, and Snapchat. It's best
to block spam texts and calls from suspected spammers, not answer weird texts, and
never click links on any spam messages.
Tech support scams
Tech support scams usually begin with a phone call from someone pretending to be an
IT professional from a legitimate company. The scammer will try to convince you
there’s something wrong with your computer and that if you give them remote access
they can fix it. Tech support scams can also start with malicious advertisements on
infected sites.
Current events scams
The deluge of sensationalist news published daily gives spammers the opportunity to
exploit headlines to capitalize on tragedies or political events. You might receive a
spam message or spam email asking you to contribute to a fundraising campaign that
isn’t legitimate.
Malware spam (malspam)
Malware spam is exactly what it sounds like: spam that includes malware. It’s usually
delivered to your computer or mobile device via a spam text message or spam email.
This type of spam can deliver almost any type of malware,
from ransomware to trojans to spyware.
 6. What are Salami Attack / Salami Technique?
A salami attack is a method of cybercrime that attackers or a hacker typically
used to commit financial crimes. Cybercriminals steal money or resources
from financial accounts on a system one at a time. Those who are found
guilty of such an attack face punishment under Section 66 of the IT Act.
Working of Salami attack:
During this kind of attack, an awfully insignificant change is introduced that goes
completely unnoticed. as an example, a bank accountant inserts a program, into the
bank’s servers, that deducts a satiny low amount of cash from the account of each
customer. No account holder will probably notice this Unauthorized debit, but the
bank accountant will make an outsized amount of cash each month. as an example,
an employee of a bank in the USA was terminated from his job. Disgruntled at
having been supposedly mistreated by his employers the person first introduced a
logic bomb into the bank’s systems.

Types of Salami attacks:

 Salami Slicing: Salami Slicing occurs when the attackers/hacker get
customer information, like Bank/credit card details and other similar sort
of detail by using an online database the attacker/hacker deduct an awfully
touch of cash from each account as an example, suppose an
attacker/hacker withdraws ₹0.0001 from each checking account. Nobody
will notice so, an oversized sum is produced when one dollar is deducted
from each account holder at that bank and the attacker got a stack of cash.
 Penny Shaving: when the attackers/hacker steal money in small amounts.
By using rounding to the closest within the transactions. so, change is so
small so, nobody can detect such dough in a single transaction
Prevention From Salami attack:
Users are encouraged to oversee their weekly transactions and month-to-month bank
statements to shield their bank accounts from being hindered by a salami attack.
If you have got any issues with any strange charges on your account, contact your
bank.
Financial institutions, like banks, should also update their security so that the
attacker doesn’t become conversant in how the framework is meant. Banks should
advise customers on the due to report any money deduction that they weren’t tuned
in to.
real life examples
 Small “shavings” for Big gains!
 The petrol pump fraud

7. Discuss about Usenet Groups.

Usenet is the contraction of the User Network. It resembles just a Bulletin Board
System where users can post articles or posts on various topics.
A usenet is a collection of user-submitted articles or posts on various topics/subjects
that are posted to servers on world wide network.

Working of Usenet
The Usenet is built on the Network News Transfer Protocol (NNTP), a standard Internet
protocol in Request for Comments (RFC) 977 and has two components:
 A client/server portion that allows users running client software such as
Google Chrome to interact with the news servers by downloading a list of
available. Usenet newsgroups on the server, read existing messages in the
newsgroups, reply to existing messages, or post new messages.
  A server/server portion that allows news servers to establish communication
with each other, for the purpose of replicating messages from newsgroups.
For example, Microsoft Exchange Server fully supports NNTP.
Newsgroup
Each topic collection of posted notes is known as a Newsgroup. There are thousands of
newsgroups and it is also possible to form a new one. Many newsgroups are hosted on
Internet-connected servers but they can also be hosted from servers without the Internet.
Advantages of Newsgroups
 Newsgroups are similar in some ways to mailing lists, but they tend to have a
structure better than mailing lists, which makes it more likely that they will
be around for much longer than a mailing list.
 It is easy to find a newsgroup, and they sometimes have a moderator. A
moderator is one who makes sure that things stay on track and do not
disintegrate into something that is unpleasant socially.
 Most often than not, you will be able to find the FAQs (Frequently Asked
Questions) section on a newsgroup, which is always helpful for those who are
not sure about anything. These questions tend to be the ones that are asked
repeatedly and so negate the need for constantly answering the same
questions.
Disadvantages of Newsgroups
 A newsgroup is not as fast as an email or even a mailing list. Often there
might be a latency of at least a day, often longer, before a response is given.
 The information on the newsgroup is submitted by users who lack actual
knowledge about the domain on which they are posting the article, so you
need to be aware of this flaw, keep some alternatives ready for this and do a
bit of research first then only rely on it.
 A serious disadvantage to a newsgroup is that they can sometimes attract
people who you would not give the time of day to if you were to meet them in
person. This is especially worrying if children have access to newsgroups.

8. Explain briefly ITA 2000.

The Information Technology Act, 2000 also Known as an IT Act is an act proposed
by the Indian Parliament reported on 17th October 2000. This Information
Technology Act is based on the United Nations Model law
 CYBERCRIMES are punishable under two categories: the ITA 2000 and the
IPC
 207 cases under ITA 2000 in 2007
 339 cases recorded under IPC
The main objective of this act is to carry lawful and trustworthy electronic, digital
and online transactions and reduce cybercrimes. The IT Act has 13 chapters and 94
sections.
The IT Act, 2000 has two schedules:
 First Schedule –
Deals with documents to which the Act shall not apply.
 Second Schedule –
Deals with electronic signature or electronic authentication method.
The offences and the punishments in IT Act 2000 :
The offences and the punishments that falls under the IT Act, 2000 are as follows :-
1. Tampering with the computer source documents.
2. Directions of Controller to a subscriber to extend facilities to decrypt
information.
3. Publishing of information which is obscene in electronic form.
4. Penalty for breach of confidentiality and privacy.
5. Hacking for malicious purposes.
6. Penalty for publishing Digital Signature Certificate false in certain
particulars.
7. Penalty for misrepresentation.
8. Confiscation.
9. Power to investigate offences.
10.Protected System.
11.Penalties for confiscation not to interfere with other punishments.
12.Act to apply for offence or contravention committed outside India.
13.Publication for fraud purposes.
14.Power of Controller to give directions.
 This section of IT Act, 2000 states
that any act of destroying, altering or
stealing computer system/network or
deleting data with malicious
intentions without authorization
from owner of the computer is liable
for the payment to be made to owner
Section 43 as compensation for damages.

Hacking of a Computer System with

malicious intentions like fraud will be
punished with 3 years imprisonment
Section 66 or the fine of Rs.5,00,000 or both.

This section states publishing obscene

information or pornography or
transmission of obscene content in
public is liable for imprisonment up
to 5 years or fine of Rs. 10,00,000 or
Section 67 both.

9. Discuss Types of Cyber Attacks.

10. Explain briefly about Port Scanning.

Cyber-Attackers use various different methods to carry out the execution of Cyber-
Attacks on the computer network, depending on the ease through which the computer
network can be attacked on its vulnerability. Each type of Cyber-Attack is risky and
harmful in nature. Awareness about cyber crimes is very important for today’s young
generation to prevent cyber crimes from taking place and feel safe while using the
internet / cyber technology.
Here, we will discuss one such very harmful Cyber-Attack Port Scanning Attack.
Port Scan attack:
 A Port Scan attack is a dangerous type of Cyber-Attack revolving around
targeting open ports that are vulnerable to attack.
 A Port scan attack helps attackers to identify open points to enter into a cyber
network and attack the user.
 In this attack, Cyber-Attackers look for open ports in the network, which they
then aim to capture to send and receive information.
 Nmap, Netcat, and IP Scanning tools are used to scan ports for vulnerability
checks.
 The act of systematically scanning a computer's ports.
 Since a port is a place where information goes into and out of a computer, port
scanning identifies open doors to a computer.
 It is similar to a thief going through your neighborhood and checking every
door and window on each house to see which ones are open and which ones are
locked.
 There is no way to stop someone from port scanning your computer while you
are on the Internet because accessing an Internet server opens a port, which
opens a door to your computer.
  a port scan consists of sending a message to each port, one at a time. The kind
of response received indicates whether the port is used and can therefore be
probed for weakness.
 The result of a scan on a port is usually generalised into one of the following
categories:

1. Open or accepted
2. Closed or not listening
3. Filtered or blocked.

TYPES OF PORT SCANS :

 vanilla: the scanner attempts to connect to all 65,535 ports
 strobe: a more focused scan looking only for known services to exploit
 fragmented packets: the scanner sends packet fragments that get through
simple packet filters in a firewall
 UDP: the scanner looks for open UDP ports
 sweep: the scanner connects to the same port on more than one machine
 FTP bounce: the scanner goes through an FTP server in order to disguise the
source of the scan
 stealth scan: the scanner blocks the scanned computer from recording the port
scan activities.

Prevention:

The preventive ways for Port Scan attack are listed as follows :
 Secured Firewalls
 Strong Security Mechanisms

11. Discuss Classification of Social Engineering.

Social engineering is a manipulation technique that exploits human error to obtain private

information or valuable data. In cybercrime, the human hacking scams entice unsuspecting

users to disclose data, spread malware infections, or give them access to restricted systems.

Attacks can occur online, in-person, and by other interactions. Social engineering scams are

based on how people think and act.

Social engineering attackers have two goals:

1. Subversion: Interrupting or corrupting data due to loss or inconvenience.

2. Theft: Obtaining valuable items such as information, access

Classification of Social Engineering

1. Human-Based Social Engineering

needs interaction with humans; it means person-to-person contact and then
retrieving the desired information. People use human based social engineering
techniques in different ways;
the top popular methods are:
 Impersonating an employee or valid user
 Posing as an important user
 Using a third person
 Calling technical support
 Shoulder surfing
 Dumpster diving

Impersonation
 In this type of social-engineering attack, the hacker pretends to be an employee
or valid user on the system. A hacker can gain physical access by pretending to
be a janitor, employee, or contractor.
Posing as an important user
 In this type of attack, the hacker pretends to be a VIP or high-level manager
who has the authority to use computer systems or files.

Being a third party

 In this attack, the hacker pretends to have permission from an authorized
person to use the computer system. It works when the authorized person is
unavailable for some time.

Desktop support
 Calling tech support for assistance is a classic social-engineering technique.
 Help desk and technical support personnel are trained to help users, which
makes them good prey for social engineering attacks.

Shoulder surfing—
o Shoulder surfing is the technique of gathering passwords by watching over a
person’s shoulder while they log in to the system.

Dumpster diving
 Dumpster diving involves looking in the trash for information written on pieces
of paper or computer printouts.
 The hacker can often find passwords, filenames, or other pieces of confidential
information like SSN, PAN, Credit card ID numbers etc
2. Computer –Based Social Engineering
Computer-based social engineering uses computer software that attempts to
retrieve the desired information.
 Fake E-mails
  E-mail attachments
 Pop-up windows

Fake E-mails

 Phishing involves false emails, chats, or websites designed to impersonate real

systems with the goal of capturing sensitive data.

 A message might come from a bank or other well-known institution with the
need to “verify” your login information.

E-Mail attachments

Emails sent by scammers may have attachments that include malicious code inside the
attachment. Those attachments can include keyloggers to capture users’ passwords,
viruses, Trojans, or worms.

Pop-up windows

 Sometimes pop-up windows can also be used in social engineering attacks.

 Pop-up windows that advertise special offers may tempt users to

unintentionally install malicious software.
12. Explain briefly about Cloud Computing and its various types of Services.
Cloud Computing can be defined as the practice of using a network of remote
servers hosted on the Internet to store, manage, and process data, rather than a local
server or a personal computer. Companies offering such kinds of cloud
computing services are called cloud providers
Software as a Service(SaaS)

Software-as-a-Service (SaaS) is a way of delivering services and applications over

the Internet. Instead of installing and maintaining software, we simply access it via
the Internet, freeing ourselves from the complex software and hardware
management. It removes the need to install and run applications on our own
computers or in the data centers eliminating the expenses of hardware as well as
software maintenance.
SaaS provides a complete software solution that you purchase on a pay-as-you-
go basis from a cloud service provider.
Examples : Dropbox, Cisco Webex, PayPal

Advantages of SaaS
1. Cost-Effective: Pay only for what you use.
2. Reduced time: Users can run most SaaS apps directly from their web
browser without needing to download and install any software. This
reduces the time spent in installation and configuration and can reduce the
issues that can get in the way of the software deployment.
3. Accessibility: We can Access app data from anywhere.
4. Automatic updates: Rather than purchasing new software, customers rely
on a
5. Scalability: It allows the users to access the services and features on-demand.

Platform as a Service

PaaS is a category of cloud computing that provides a platform and environment to

allow developers to build applications and services over the internet. PaaS services
are hosted in the cloud and accessed by users simply via their web browser.
Examples : word press , Google App Engine

Advantages of PaaS:
1. Simple and convenient for users: It provides much of the infrastructure
and other IT services, which users can access anywhere via a web browser.
2. Cost-Effective: It charges for the services provided on a per-use basis thus
eliminating the expenses one may have for on-premises hardware and
software.
3. Efficiency: It allows for higher-level programming with reduced
complexity thus, the overall development of the application can be more
effective.
Infrastructure –as –a-service(IaaS):

the delivery of services like servers, storage, networks, operating systems on

request basis.

It totally depends upon the customer to choose its resources wisely and as per
need. Also, it provides billing management too.

It is like Amazon Web Services that provide virtual servers with unique IP addresses and blocks of
storage on demand.

Examples :

AWS

Microsoft Azure
Advantages of IaaS:
1. Cost-Effective: Eliminates capital expense and reduces ongoing cost and
IaaS customers pay on a per-user basis, typically by the hour, week, or
month.
2. Website hosting: Running websites using IaaS can be less expensive than
traditional web hosting.
3. Security: The IaaS Cloud Provider may provide better security than your
existing software.
4. Maintenance: There is no need to manage the underlying data center or
the introduction of new releases of the development or underlying
software. This is all handled by the IaaS Cloud Provider.