
Module 2 - Cyber-Crime & Cyber Law

Uploaded by

Afnan Quraishi

CYBER SECURITY

Module 2

CYBER-CRIME & CYBER LAW


Introduction:
• Cyber-crimes are the criminal activities carried out by cyber criminals through
cyberspace by using devices connected to the internet.
• Cyber-crimes are also called ‘computer crimes’.

Classification of Cyber-crimes:
1. Cyber-crimes against individuals:
a. Cyberbullying & Online Harassment: receiving threats online (on emails, social
media, chat groups, etc.)
b. Cyberstalking: following an individual's activity over the internet
c. Cyber defamation: spreading fake/false news about an individual on the internet
d. Spamming: sending multiple copies of emails

2. Cyber-crime Against Property:


a. Intellectual Property crimes: unauthorized usage of copyrighted materials
(software piracy, trademark violation)
b. Data theft: stealing sensitive information from computers (Aadhaar, bank details)

3. Cyber-crime Against Organization:


a. Hacking: gaining unauthorized access via security breach
b. Denial Of Service (DoS): server is flooded with continuous bogus requests, so
that legitimate users cannot use the server
c. Virus attack: A computer virus spreads & infects computer programs by
modifying them (virus, worms, logic bombs, trojan horse, etc.)

4. Cyber-crime Against Society:


a. Cyber Terrorism: using computer resources to scare people & carry out
terrorism activities
b. Forgery: using high quality scanners and printers to forge currency notes,
revenue stamps, marks cards, documents, etc

5. Financial cyber-crimes:
a. Credit card fraud: unauthorized use of credit cards
b. Online banking fraud: unauthorized access to bank accounts & financial
transactions
c. Investment scams: offering fake financial investment opportunities

SHIVA KUMAR C, St. Philomena’s College 1


Common cyber-crimes:
Cyber-crime targeting computers and mobiles:
These crimes encompass a wide range of illegal activities conducted using technology, often
with the goal of financial gain, data theft, or causing harm to individuals, organizations, or
governments.
• Malware Attacks: Malicious software (malware) is designed to infect computers and
mobile devices in order to steal data, damage systems or hold data hostage for a ransom.
• Data Breaches (Hacking): Cybercriminals steal sensitive information by gaining
unauthorized access to a computer/mobile phone. These breaches can result in significant
financial losses and reputational damage.
• Identity Theft: Cybercriminals can steal personal information to commit fraud in
victims' names (creating fake accounts).
• Phishing: It involves tricking individuals into revealing sensitive information like
passwords, credit card numbers, or personal details by posing as a legitimate entity
through email, text messages, or fake websites.
• Denial Of Service (DoS): server is flooded with continuous bogus requests, so that
legitimate users cannot use the server.
• Protection/Security:
o Robust cybersecurity measures
o Regularly update software
o Use strong passwords
o Be cautious when clicking on links or downloading files
o Stay informed about the latest cyber threats and best practices

Cyber-crime against women and children:


It involves exploiting women & children by breaching their privacy in order to cause harm to
them. Cybercrimes against women and children are particularly concerning because they often
involve harassment, exploitation or abuse of vulnerable individuals.
• Cyberbullying & online harassment: Both women and children can be victims of
cyberbullying, which includes online harassment, threats, and intimidation.
Cybercriminals use social media, messaging apps, or other digital platforms to target
their victims.
• Cyberstalking: This involves persistent and unwanted online attention, often leading to
fear or emotional distress. Women and children can be targeted by cyber stalkers who
may threaten or harass them through digital means.
• Privacy Violations: Privacy breaches can occur when personal information or
photographs are shared without consent, affecting both women and children.
• Child Pornography: The distribution, possession, or creation of child pornography is
illegal and exploits children. Criminals often use the internet to share such material.
• Revenge Porn: Perpetrators may share explicit or intimate images or videos of women
without their consent, often as an act of revenge.
• Protection/Security:
o Be aware of laws and initiatives implemented by the Government
o Raise awareness
o Provide support to victims
o Prosecute offenders.

Financial frauds:
Financial frauds aim to steal money or financial information. Financial frauds can have
devastating consequences for individuals and the economy as a whole.
• Bank Frauds: They encompass various fraudulent activities including loan frauds,
cheque frauds, forged documents and unauthorized transactions. These frauds result in
substantial financial losses for banks and individuals.
• Credit card fraud: Criminals steal your credit card information or your physical card,
or trick you into entering credit card information on a phishing website or email. Hackers
can also create a clone of your physical card using just your credit card numbers.
• Stock Market Manipulation: Fraudsters manipulate stock prices, deceiving investors
and causing significant financial losses. It includes activities like price rigging,
spreading false information, insider trading and pump-and-dump schemes.
• Ponzi Schemes: They lure investors with fake promises of unusually high returns in a
short period of time. The fraudsters use funds from new investors to pay off earlier
investors, creating a false illusion of profitability.
• Fraudulent charities: Scammers use philanthropy as fraud. The scammer creates a fake
charity and collects “donations” that disappear along with him.
• Protection/Security:
o Protect your personal information
o Monitor financial activities
o Use strong passwords and enable two-factor authentication
o Stay informed about scams
o Keep your devices secure
o Be cautious with public Wi-Fi
o Verify before sharing information

Social Engineering Attacks:


It is the “technique to influence” & “persuasion to deceive” people to obtain information.
It exploits the fact that people are the weak link in security.
Social engineers build trust with the victim to gain unauthorized information/access. Their
goal is to fool someone into providing valuable information.
• Human based Social Engineering: Person to person interaction to obtain the
unauthorized information. Examples:
o Impersonating an employee/valid user to take advantage of people
who are helpful.
o Posing as an important user (CEO/Manager) who intimidates a lower-level
employee in order to gain access to the system.
o Using a third person (an authorized source/person who cannot be contacted
for verification) & pretending to have permission to use a system.
o Calling help desk or tech support personnel to obtain the information since
they are trained to help users.
o Shoulder surfing, gathering information (usernames, passwords, etc) by
watching over a person’s shoulder while he/she logs into the system.
• Computer based Social Engineering: Attempts made to obtain the unauthorized
information by using computer/software/internet. Examples:
o Sending fake emails (pretending to be legitimate emails) to a number of users
in order to make them reveal their sensitive information.
o Sending malicious email attachments to the victim’s system which will be
automatically executed if the victim opens the attachment.
o Encouraging the victim to click on pop-up windows (special offers or free
stuff) so that the malicious code can be installed on the system.
• Effects of Social Engineering:
o Loss/altering of medical & healthcare information, corporate financial data,
electronic funds transfers, etc.
o Loss of customers
o Loss of funds
o Loss of trust
o Collapse of the organization
• Protection/Security:
o Providing training/awareness to the potential victims about the attacks
o Creating awareness on how attackers gain the trust of the victims
o Strict policies for service desk staff not to ask for/reveal sensitive information
o Educate potential victims to recognize social engineering attempts

Malware Attacks:
It involves designing malicious software to cause harm/damage to a computer, server,
client or computer network and/or infrastructure without the end user's knowledge.
Cyber attackers create, use and sell malware for many different reasons, but it is most
frequently used to steal personal, financial or business information.
Types of Malware:
• Viruses: A virus infects a computer. It may corrupt files, destroy operating systems,
delete or move files, or deliver a payload at a specific date.
• Worms: A worm is a self-replicating malware, but instead of affecting local files, a
worm spreads to other systems and exhausts resources.
• Trojans/Trojan Horse: A Trojan is named after the Greek war strategy of using a Trojan
horse to enter the city of Troy. The malware masquerades as a harmless program, but it
runs in the background stealing data, allowing remote control of the system, or waiting
for a command from an attacker to deliver the attack.
• Adware: Displays ads (sometimes malicious ads) to the users as they work on their
computers or browse the web.
• Bots: Infected computers can become a part of a botnet used to launch a distributed
denial-of-service by sending extensive traffic to a specific host.
Protection/Security:
o Keep your operating system and applications updated
o Avoid clicking on pop-ups, unknown links, etc.
o Regularly run a scan using the security software you have installed on your device
o Beware of emails/phone calls requesting personal information

Ransomware Attack:
In a ransomware attack, malware encrypts personal information and documents and
demands a ransom amount to decrypt them.
Once the files are encrypted or locked behind a password, a text file is made available to the victim,
explaining how to make the ransom payment and unlock the files.
Types of Ransomware:
• Locker ransomware: It is a type of malware that blocks standard computer functions
from being accessed until the ransom amount is paid to the attackers. It shows a lock
screen that doesn't allow the victim to use the computer.
• Crypto ransomware: This ransomware encrypts the local files and documents on the
computers. Once the files are encrypted, finding the decryption key is impossible unless
the ransomware variant is old and the keys are already available on the internet.
• Scareware: It is fake software that claims to have detected a virus or other issue on
your computer and directs you to pay to resolve the problem. Some scareware locks the
computer, while others flood the screen with pop-up alerts without damaging files.
Protection/Security:
o Back up your data at regular intervals
o Keep the system updated with latest operating system & antivirus software
o Keep yourself updated with the website 'nomoreransom.org' which has a
collection of decryption tools for most well-known ransomware packages

Zero-day attack:
• A zero-day attack takes place when hackers exploit a weakness in the security system
before developers have a chance to address it.
• Zero-day attackers can steal data, corrupt files, take control of devices, install malware
or spyware, and more.
• The term "zero-day" refers to the fact that the vendor or developer has only just learned
of the flaw – which means they have “zero days” to fix it.
• Common targets:
o Government departments
o Large enterprises
o Individuals with access to valuable business data, such as intellectual property
o Hardware devices, firmware and Internet of Things (IoT).
• Protection/Security:
o Keep the system updated with latest operating system & software
o Use only essential applications
o Always use a firewall

Zero click attack:


• Zero-click attacks require no action from the victim & hence even the most advanced
users can fall prey to these types of attacks. They are also called interaction-less or
fully remote attacks.
• With a zero-click attack, the software can be installed on a device without the victim
clicking on any link. As a result, zero-click malware or no-click malware is much more
dangerous.
• The target of a zero-click attack can be anything from a smartphone to a desktop
computer and even an IoT device.
• Protection/Security:
o Keep your operating system, firmware, and apps on all your devices up to date
o Only download apps from official stores
o Delete any apps you no longer use
o Use your device password protection
o Use strong authentication to access accounts, especially critical networks
o Use strong passwords

Reporting of cyber-crimes:
• Contact Your Local Law Enforcement: Report it to your local police department or law
enforcement agency. They can investigate the incident and take appropriate action.
• Report to a National Cybersecurity Agency: In our country, there are dedicated agencies
responsible for handling cybercrimes. Ex: Computer Emergency Response Team-India
(CERT-In), National Cyber Security Coordinator (NCSC), National Investigation
Agency (NIA), etc.
• Report to the Appropriate Online Platforms: Report the incident to the platform on
which cybercrime occurred. They may have mechanisms to address various online
crimes and can take action against the responsible parties.
• Report to Anti-Fraud Organizations: There are organizations like the Anti-Phishing
Working Group (APWG) and the Anti-Malware Testing Standards Organization
(AMTSO) that collect information about cyber threats and work with law enforcement.
Reporting incidents to these organizations can help in identifying trends and patterns.
• Report to Financial Institutions: Contact your bank or financial institution immediately
in case of financial fraud. They can help you secure your accounts.
• Report to Internet Service Providers (ISPs): If you have evidence against cybercrimes
involving an IP address, contact the relevant Internet Service Provider (ISP). They may
take action against the offender or provide assistance to law enforcement.
• Document the Incident: Make sure to document all evidence related to the cybercrime,
including emails, messages, screenshots, IP addresses, and any other relevant
information. This documentation can be crucial for investigations.
• Use Online Reporting Portals: Many countries and regions have online reporting portals
where you can report cybercrimes. These portals may be managed by government
agencies or law enforcement.
• Consider Legal Advice: In some cases, it may be necessary to seek legal advice or
consult with a cybersecurity expert to understand the best course of action and to help
with the investigation.
• Protect Yourself: While reporting the cybercrime, take steps to secure your online
presence, change passwords, update security settings, and install or update security
software to prevent further incidents.

Modus Operandi of Cyber Criminals:


Modus operandi is the method adopted by a criminal for committing a crime successfully.
Common forms of modus operandi:
• Sending Annoying Messages
o Annoying, insulting, misleading or defamatory messages are often sent in bulk using
mobile phones.
o Such messages could result in misperception among people resulting in fights/riots.
o Innocent people often fall into the traps of cyber criminals through lottery SMS messages,
prize-money emails & false promises of jobs.
o Sending Multimedia messages to defame the identity of a person.
o Pornography and cyber bullying.
o Obscene videos are often captured in remote places without the knowledge of the
victim for future exploitation.

• Making Offensive calls


o Offenders can also harass others by making offensive calls to them.
o Anonymous calls are used by criminals as an effective tool for making extortion
or threatening calls. Stalkers use this method to exploit victims.
o Landlines having no Caller IDs are also a threat as the victims do not get to know
the identity of cyber stalkers & cyber bullies.
o Calls made by spoofing the mobile number, which can hide the actual location of the
caller, are used for terrorism, demanding ransom or blackmailing purposes.
o Cyber criminals operating from overseas and involved in forgery are hard to trace
without the co-operation of international agencies.

Remedial and mitigation measures


• Remedial Measures:
o Incident Response: To quickly identify, contain, and mitigate the impact of the attack,
which includes isolating affected systems, restoring backups, and applying patches or
security updates.
o Forensic Investigation: Engaging professional forensic investigators to identify the
source and extent of the cybercrime & gather evidence.
o Data Recovery: Victims should have backups in place to restore affected systems and
minimize data loss.

• Mitigation measures:
o Strong Security Practices: Implement robust security measures, such as firewalls,
antivirus software, etc. to protect against cyber threats.
o Regular Updates and Patching: Keeping the software, operating systems and firmware
up to date with the latest security patches.
o Employee Education: Creating awareness and providing training programs to
employees to educate them about common cyber threats and safe practices.
o Multi-factor Authentication (MFA): Implementing MFA adds an extra layer of
security, making it harder for cyber criminals to gain unauthorized access.
o Data Encryption: Encrypting sensitive data (both in transit and at rest) to ensure the
data remains unreadable and unusable even if it is intercepted/stolen.

Legal perspective of cybercrime:


• Information Technology Act, 2000: In India, cybercrime is primarily governed by the
Information Technology Act, 2000 (IT Act), which was established to address various
cyber offenses & provide a legal framework.
• Cyber Crimes: The IT Act defines penalties & punishment for several cyber offenses,
such as unauthorized access to computer systems, data theft, identity theft, hacking,
cyberstalking, cyberbullying, phishing, spreading of malicious software, and more.
• Penalties and Punishments: The IT Act prescribes penalties and punishments
(imprisonment, fines, or both) depending on the severity of the offense.
• Cyber Crime Investigation Cells: India has established cybercrime investigation cells
at both national and state levels, such as the Cyber Crime Investigation Cell (CCIC)
and Cyber Crime Police Stations.
• Reporting Cyber Crimes: Cybercrimes can be reported to the local police station, the
nearest cybercrime investigation cell or online through the Cyber Crime Reporting
Portal (www.cybercrime.gov.in).
• Digital Evidence: The IT Act recognizes electronic records such as emails, chat logs, or
computer forensic reports as digital evidence in court proceedings.
• International Cooperation: India has signed agreements and treaties with several
countries to facilitate cooperation in investigating cyber criminals across borders.
• Amendments and Updates: The IT Act has undergone amendments over the years to
address emerging cyber threats and strengthen cybercrime provisions.

Sections under the Indian Penal Code (IPC):


• Section 292 deals with punishment for the sale of obscene materials either in the form
of a book, paper, drawing, writing, pamphlet, painting, etc., or sexually explicit acts
harming the surroundings.
• Section 354C deals with punishment for the offence of voyeurism, where an individual
watches, captures, or publicizes the image of a woman engaged in a private act
without her consent.
• Section 354D deals with punishment for stalking, both physical stalking and cyberstalking.
• Section 379 deals with punishment for theft either electronically or physically.
• Section 411 deals with punishment for receiving any stolen property (computer, mobile
phone or data).
• Section 419 deals with punishment for fraud such as email phishing or password theft
for impersonating and collecting data for personal benefit.
• Section 420 deals with punishment for fraud cases especially ‘cheating and
dishonestly inducing delivery of property’.
• Section 465 deals with the punishment for forgery, email spoofing, preparation of
false documents, etc.
• Section 468 deals with the forgery of documents or electronic records for committing
other serious crimes such as cheating.
• Section 469 deals with punishment for forgery for the purpose of harming reputation.
• Section 500 deals with punishment for defaming a person, which includes sending
abusive messages or defamatory content via email or any other electronic means.
• Section 504 deals with punishment for insults, trying to provoke, or threatening
another person with the motive of affecting their peace via any electronic form of
communication.
• Section 506 deals with the ‘punishment for criminal intimidation’ when an individual
tries to intimidate another individual either physically or through electronic means.
• Section 509 deals with punishment for insulting the modesty of any woman by uttering
any word, making any sound or gesture, or exhibiting any object to a woman, or
intruding upon the privacy of such a woman.
Sections under the Information Technology Act (IT Act):
• Section 43 (a-h) covers 8 punishable instances for the offender who accesses the
resources without the permission of the owner or any other person who is in charge of
a computer, computer system or computer network.
• Section 65 deals with punishment for tampering with computer source documents if
the attacker knowingly or intentionally conceals, destroys or alters any computer
source code used for a computer, computer programme, computer system/network.
• Section 66 (a-f) deals with punishments for computer-related offences such as
sending offensive messages, receiving stolen computer resources, identity theft,
cheating by impersonation, violation of privacy, and cyber-terrorism.
• Section 67 (a & b) deals with the punishments related to the publishing or transmitting
of obscene material containing a sexually explicit act, etc., in an electronic format.

The punishments for all the offenses in the above-mentioned sections are imprisonment up to
five years, or fine up to five lakh rupees, or both.

Cybercrime and offences


• Hacking: Unauthorized access to computer systems, networks, or devices to
manipulate, steal data, or disrupt operations.
• Identity Theft: Stealing personal information (such as Social Security numbers, credit
card details) to impersonate someone else, commit fraud, or gain access to financial
resources.
• Phishing and Spoofing: Sending deceptive emails or creating fake websites to trick
individuals into revealing sensitive information (passwords, financial data) or
downloading malware.
• Cyberbullying: Harassment, threats, or intimidation using digital platforms, often
directed at individuals, which can have serious emotional and psychological effects.
• Online Fraud: Illegitimate schemes to deceive individuals or entities for financial gain,
including investment scams, online shopping fraud, and auction fraud.
• Distributed Denial of Service (DDoS) Attacks: Overloading servers or networks with
excessive traffic to disrupt access, making websites or services unavailable to users.
• Cyber Espionage: Unauthorized access to confidential information or intellectual
property of governments, organizations, or individuals, often carried out by other
governments or corporate entities.
• Child Exploitation and Pornography: Using digital means to produce, distribute, or
possess child pornography or engage in illegal activities involving minors.
• Ransomware Attacks: Malicious software that encrypts files or systems, demanding
payment (usually in cryptocurrency) for decryption or to avoid data exposure.
• Cyberstalking: Persistent harassment or monitoring of an individual online, causing
fear or emotional distress.

Organizations dealing with Cybercrime and Cyber security in India:


• National Cyber Security Coordinator (NCSC): The NCSC operates under the Prime
Minister's Office and is responsible for coordinating all cybersecurity initiatives in the
country.
• Computer Emergency Response Team-India (CERT-In): CERT-In is the national nodal
agency under the Ministry of Electronics and Information Technology that deals with
cybersecurity incidents, response, and related issues.
• National Critical Information Infrastructure Protection Centre (NCIIPC): NCIIPC is
responsible for protecting critical information infrastructure in the country and
formulating policies and guidelines for securing these assets.
• National Investigation Agency (NIA): NIA deals with investigating and prosecuting
offenses affecting the sovereignty, security, and integrity of India, including
cybercrimes with national implications.
• State Police Cyber Cells: Many states have established specialized cyber cells within
their police departments to investigate and handle cybercrimes at the state level.

Case studies:
Home work.
