CCS340-CYBER SECURITY
Syllabus
UNIT I - INTRODUCTION
Cyber Security – History of Internet – Impact of Internet – CIA Triad; Reason for Cyber Crime –
Need for Cyber Security – History of Cyber Crime; Cybercriminals – Classification of Cybercrimes –
A Global Perspective on Cyber Crimes; Cyber Laws – The Indian IT Act – Cybercrime and
Punishment.
COURSE OBJECTIVES:
To learn cybercrime and cyberlaw
COURSE OUTCOMES:
CO1: Explain the basics of cyber security, cyber crime and cyber law (K2)
TextBook
1. Anand Shinde, “Introduction to Cyber Security Guide to the World of Cyber Security”, Notion
Press, 2021 (Unit 1)
2. Nina Godbole, Sunit Belapure, “Cyber Security: Understanding Cyber Crimes, Computer Forensics
and Legal Perspectives”, Wiley Publishers, 2011 (Unit 1)
1.1.What is Cyber Security?
The technique of protecting internet-connected systems such as computers, servers, mobile devices,
electronic systems, networks, and data from malicious attacks is known as cybersecurity.
Cybersecurity refers to the practice of protecting computer systems, networks, and data from
digital attacks.
We can divide cybersecurity into two parts: one is cyber, and the other is security.
Cyber refers to the technology that includes systems, networks, programs, and data. And security is
concerned with the protection of systems, networks, applications, and information.
In some cases, it is also called electronic information security or information technology security.
Advantages
1. Protection of your business
2. Increased productivity
3. Ensures customer confidence
4. Stops your website crashing
5. Protection of customer or client networks.
Types of Cyber Security
Every organization's assets are a combination of a variety of different systems. A strong
cybersecurity posture for these systems requires coordinated efforts across all of them. Therefore, we
can categorize cybersecurity into the following sub-domains:
1. Network Security: It involves implementing the hardware and software to
secure a computer network from unauthorized access, intruders, attacks,
disruption, and misuse. This security helps an organization to protect its assets
against external and internal threats.
2. Application Security: It involves protecting the software and devices from
unwanted threats. This protection can be done by constantly updating the apps
to ensure they are secure from attacks. Successful security begins in the design
stage, writing source code, validation, threat modeling, etc., before a program
or device is deployed.
3. Information or Data Security: It involves implementing a strong data storage
UNIT 1 CYBER SECURITY Page 1
mechanism to maintain the integrity and privacy of data, both in storage and
in transit.
4. Identity management: It deals with the procedure for determining the
level of access that each individual has within an organization.
5. Operational Security: It involves processing and making decisions on
handling and securing data assets.
6. Mobile Security: It involves securing the organizational and personal data
stored on mobile devices such as cell phones, computers, tablets, and other
similar devices against various malicious threats. These threats are
unauthorized access, device loss or theft, malware, etc.
7. Cloud Security: It involves protecting the information stored in the digital
environment or cloud architectures for the organization. It uses various cloud
service providers such as AWS, Azure, Google, etc., to ensure security against
multiple threats.
8. Disaster Recovery and Business Continuity Planning: It deals with the
processes, monitoring, alerts, and plans for how an organization responds
when any malicious activity is causing the loss of operations or data. Its
policies dictate resuming the lost operations after any disaster happens to the
same operating capacity as before the event.
9. User Education: It deals with the processes, monitoring, alerts, and plans
for how an organization responds when any malicious activity is causing the
loss of operations or data. Its policies dictate resuming the lost operations
after any disaster happens to the same operating capacity as before the
event.
History of Cybersecurity
In the 1970s, Robert Thomas, a researcher for BBN Technologies in Cambridge, Massachusetts,
created the first computer “worm”. It was called The Creeper. The Creeper infected computers by
hopping from system to system with the message “I’M THE CREEPER: CATCH ME IF YOU CAN.”
Ray Tomlinson, the inventor of email, created a replicating program called The Reaper, the first
antivirus software, which would chase Creeper and delete it.
• Late in 1988, a man named Robert Morris had an idea: he wanted to test the size of the internet. To
do this, he wrote a program that went through networks, invaded Unix terminals, and copied itself.
The Morris worm was so aggressive that it slowed down computers to the point of being unusable. He
subsequently became the first person to be convicted under Computer Fraud and Abuse Act.
• From that point forward, viruses became deadlier, more invasive, and hard
1.2 History of the Internet
The Internet is a global network of interconnected computers that enables the exchange of
information and communication through standardized protocols like TCP/IP.
It facilitates access to a vast array of resources, services, and applications, including the World
Wide Web, email, and social media.
1960s: The internet started as a medium for sharing information among government
researchers. Computers were large and immovable, requiring physical travel or the use of
magnetic tapes for accessing information.
Cold War Influence: The Soviet Union’s Sputnik satellite launch led to the U.S. Defense
Department's interest in resilient communication, leading to the development of ARPANET
(Advanced Research Projects Agency Network), which eventually evolved into the Internet.
Early Foundations (1960s)
The concept of interconnected networks was first explored in the 1960s.
Researchers aimed to create a communication system that could withstand disruptions,
especially in the context of the Cold War.
1. Packet Switching:
Packet switching, the basis of data transmission on the Internet, was independently developed
by Paul Baran and Donald Davies in the mid-1960s.
2. ARPANET (Advanced Research Projects Agency (ARPA), 1969):
Funded by the U.S. Department of Defense, ARPANET was the first operational network
using packet switching.
The first message was sent between UCLA and Stanford in October 1969.
Development of Protocols (1970s)
The 1970s saw the creation of foundational technologies and protocols.
1. Email (1971):
Ray Tomlinson introduced email, revolutionizing digital communication.
2. TCP/IP Protocols (1974):
Vint Cerf and Bob Kahn developed the Transmission Control Protocol/Internet
Protocol (TCP/IP), enabling computers to communicate reliably.
3. First International Connections (1973):
ARPANET connected with the United Kingdom and Norway, becoming a
global network.
Expansion and Standardization (1980s)
During the 1980s, the Internet began expanding beyond research institutions.
1. Domain Name System (DNS) (1983):
The DNS was introduced to simplify addressing, replacing numerical IP
addresses with domain names (e.g., .com, .org).
2. Transition to TCP/IP (1983):
ARPANET adopted TCP/IP as the standard, marking the modern Internet's
official birth.
3. Emergence of Commercial Use:
Networks like BITNET and CSNET connected universities and commercial
enterprises.
The World Wide Web Era (1990s)
The Internet became accessible to the general public, thanks to key innovations.
1. World Wide Web (1991):
Tim Berners-Lee introduced the WWW, combining HTML, HTTP, and URLs
to create an accessible platform.
2. First Web Browser (1993):
Mosaic, the first user-friendly web browser, allowed users to access websites
with text and images.
3. Commercialization:
The Internet was opened to commercial use, leading to the rise of e-commerce
and online businesses.
Modern Internet (2000s–Present)
The Internet transformed into an indispensable tool for communication, commerce, and
entertainment.
1. Social Media (2004):
Platforms like Facebook, Twitter, and YouTube reshaped how people connect
and share content.
2. Mobile Internet (2007):
The launch of smartphones, particularly the iPhone, made the Internet
accessible anytime, anywhere.
3. Cloud Computing (2010s):
Cloud services like AWS, Google Cloud, and Microsoft Azure enabled
businesses to scale operations globally.
4. Emergence of IoT (2010s):
The Internet of Things connected devices, revolutionizing industries like
healthcare and manufacturing.
Year Event
1969 ARPANET established, first message sent.
1971 Email developed by Ray Tomlinson.
1973 First international connections on ARPANET.
1983 TCP/IP protocol adopted, DNS introduced.
1991 Tim Berners-Lee introduced the World Wide Web.
1993 Mosaic, the first graphical web browser, launched.
1998 Google founded, revolutionizing web search.
2004 Facebook launched, marking the rise of social media.
2007 iPhone launched, sparking the mobile Internet era.
2010s Cloud computing and IoT gain prominence.
2020s Widespread adoption of AI, 5G, and blockchain.
What is DNS (Domain Name System)?
1. DNS acts as the internet’s "phone book," letting users reach hosts through simple,
memorable domain names in place of numeric IP addresses.
2. Developed in 1983 by Paul Mockapetris and Jon Postel at the University of Southern
California.
What is TCP/IP (Transmission Control Protocol/Internet Protocol)?
1. TCP/IP is a set of protocols that governs how data is transmitted over the internet.
2. 1974: Invented by Bob Kahn and Vint Cerf, this technology allows computers to send
data packets in digital envelopes (called "Datagrams") to communicate across
networks.
3. IP (Internet Protocol): Works with TCP to route internet data and assigns a unique
IP address to each connected device, enabling the identification and location of
devices on the internet.
1.3 Impact of Internet
Positive Impacts:
1. Enhanced Communication: The internet facilitates seamless communication
across geographical boundaries, connecting people worldwide through email,
social media, video conferencing, and instant messaging.
2. Access to Information: A vast repository of knowledge is readily available
online, providing access to research papers, news articles, educational
resources, and diverse perspectives.
3. E-commerce and Business: Online platforms have transformed the way
businesses operate, enabling e-commerce, remote work, digital marketing, and
global trade.
4. Education and Research: The internet empowers students and researchers
with access to online courses, libraries, databases, and collaborative tools.
5. Social and Cultural Exchange: It fosters connections between people with
shared interests, promotes cultural understanding, and provides a platform for
diverse voices to be heard.
6. Innovation and Technological Advancements: The internet has driven
innovation in various fields, from artificial intelligence and biotechnology to
renewable energy and space exploration.
Negative Impacts:
1. Misinformation and "Fake News": The ease of information sharing online
can contribute to the spread of misinformation, rumors, and propaganda.
2. Cybersecurity Threats: Online activities are vulnerable to cyberattacks,
including hacking, phishing, and data breaches, posing risks to personal and
financial security.
3. Privacy Concerns: The collection and use of personal data online raise
concerns about privacy and surveillance.
4. Addiction and Mental Health: Excessive internet use can lead to addiction,
social isolation, and negative impacts on mental health.
5. Digital Divide: Unequal access to the internet and digital literacy can
exacerbate existing inequalities.
6. Cyberbullying and Online Harassment: The anonymity of the internet can
facilitate cyberbullying, harassment, and online hate speech.
1.4 CIA Triad
When talking about network security, the CIA triad is one of the most important models. It is
designed to guide policies for information security within an organization.
CIA stands for:
1. Confidentiality
2. Integrity
3. Availability
These are the objectives that should be kept in mind while securing a network.
Confidentiality [Not Allowing Unauthorized Access]
1. Confidentiality means that only authorized individuals/systems can view sensitive or classified
information.
2. The data being sent over the network should not be accessed by unauthorized individuals.
3. The attacker may try to capture the data using different tools available on the Internet and gain
access to your information.
4. A primary way to avoid this is to use encryption techniques to safeguard your data so that
even if the attacker gains access to your data, he/she will not be able to decrypt it.
5. Encryption standards include AES (Advanced Encryption Standard) and DES (Data Encryption
Standard). Another way to protect your data is through a VPN tunnel.
VPN stands for Virtual Private Network and helps the data to move securely over the network.
Example: Military secrets
Standard Measures to establish confidentiality
1. Data Encryption
2. Two factor authentication
3. Biometric Verification
4. Security tokens
Integrity [Truthfulness and Completeness of the Data: Exact Data, Correct Data to the Right Person]
1. To make sure that data has not been modified.
2. Corruption of data is a failure to maintain data integrity.
3. To check if our data has been modified or not, we make use of a hash function.
4. We have two common types: SHA (Secure Hash Algorithm) and MD5 (Message Digest 5).
5. Now MD5 is a 128-bit hash and SHA is a 160-bit hash if we’re using SHA-1.
6. There are also other SHA methods that we could use like SHA-0, SHA-2, and SHA-3.
7. Let’s assume Host ‘A’ wants to send data to Host ‘B’ to maintain integrity.
8. A hash function will run over the data and produce an arbitrary hash value H1 which is then
attached to the data.
9. When Host ‘B’ receives the packet, it runs the same hash function over the data which gives a hash
value of H2.
10. Now, if H1 = H2, this means that the data’s integrity has been maintained and the contents were
not modified.
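The H1/H2 check between Host A and Host B can be written out as follows. This is an added example, not part of the original notes. It goes one step beyond the text by also showing a keyed hash (HMAC), because a plain hash only catches changes made by someone who does not also replace H1. SHA-256 (a member of the SHA-2 family) is used; the message and key are constructed sample values.

```python
import hashlib
import hmac
from typing import Dict, Tuple


def attach_hash(data: bytes) -> Tuple[bytes, str]:
    """Host A: run the hash function over the data and attach H1."""
    return data, hashlib.sha256(data).hexdigest()


def verify_hash(data: bytes, h1: str) -> bool:
    """Host B: recompute H2 over the received data and compare it with H1."""
    h2 = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(h1, h2)


def attach_mac(data: bytes, key: bytes) -> Tuple[bytes, str]:
    """Host A, keyed variant: only holders of `key` can produce a valid tag."""
    return data, hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_mac(data: bytes, tag: str, key: bytes) -> bool:
    """Host B, keyed variant: recompute the tag with the shared key."""
    expected = hmac.new(key, data, hashlib.sha256).hexdigest()
    return hmac.compare_digest(tag, expected)


def run_scenarios() -> Dict[str, bool]:
    original = b"PAY 500 TO ACCOUNT 1001"   # constructed sample message
    altered = b"PAY 900 TO ACCOUNT 1001"    # the same message after modification
    shared_key = b"constructed-demo-key"    # constructed; known to A and B only

    results = {}

    # Case 1: data arrives unchanged, so H1 == H2.
    data, h1 = attach_hash(original)
    results["intact_accepted"] = verify_hash(data, h1)

    # Case 2: data changed in transit but H1 left alone, so H1 != H2.
    results["corruption_detected"] = not verify_hash(altered, h1)

    # Case 3: whoever changed the data also recomputed the attached hash.
    # The hash function is public, so the plain check passes.
    _, replaced_h1 = attach_hash(altered)
    results["replaced_hash_detected_by_plain_hash"] = not verify_hash(altered, replaced_h1)

    # Case 4: with HMAC the original tag no longer matches the altered data.
    _, tag = attach_mac(original, shared_key)
    results["alteration_detected_by_hmac"] = not verify_mac(altered, tag, shared_key)

    # Case 5: a tag computed without the shared key is rejected.
    _, wrong_key_tag = attach_mac(altered, b"some-other-key")
    results["wrong_key_tag_rejected"] = not verify_mac(altered, wrong_key_tag, shared_key)

    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```

Case 3 is the one to note: a hash sent alongside the data protects against accidental corruption, while protection against deliberate modification needs a secret key (HMAC) or a digital signature.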
Example
Protecting the data from unauthorized access.
Zombie Computer: Taking control of another computer and spreading the virus.
Availability
This means that the network should be readily available to its users. This applies to systems and to
data.
To ensure availability, the network administrator should maintain hardware, make regular upgrades,
have a plan for fail-over, and prevent bottlenecks in a network.
Attacks such as DoS or DDoS may render a network unavailable as the resources of the network
get exhausted.
The impact may be significant to the companies and users who rely on the network as a business
tool. Thus, proper measures should be taken to prevent such attacks.
Threats to the CIA triad (Cybercrime)
1.5 Cybercrime and Reasons for Cybercrime
Definition
Cybercrime involves illegal activities committed using computers or the internet. It can include
hacking, data theft, fraud, and spreading malware.
CyberCrime
1. Any criminal activity that involves a computer, network device or a network.
2. Most cybercrimes are carried out in order to generate profit for the cybercriminals.
1.6 Reasons for Cybercrime
1. Cybercrime targets rich people or rich organizations like casinos, banks, and financial firms where
a tremendous amount of money comes daily and hackers can easily hack sensitive information.
2. It is an easy way to make big money. Catching these criminals is difficult.
3. The number of cybercrimes across the globe is increasing on a daily basis.
4. Various laws are required to safeguard the use of computers against various vulnerabilities.
Following are the various reasons listed for the vulnerability of computers:
5. Capacity to store data in comparatively small space - One unique characteristic of a computer is
that it can store your data in a considerably small space. This makes it easy for criminals to steal
your data from the system and use it for their own profit.
6. Negligence - This is a characteristic of human conduct. While protecting the computer system we
may be negligent in some way, which makes it easy for the criminal to gain access to and control over
the computer system.
7. Easy to access - Due to the complex technology used, it is difficult to protect a computer system
from unauthorized access. Hackers can steal information that can easily fool biometric systems, and
firewalls can be bypassed to get past many security systems.
8. Loss of evidence - The data related to the crime can be destroyed easily. So while investigating a
cybercrime, loss of evidence is a very common issue.
1.7 Importance of Cybersecurity (need of cybersecurity)
1. Protecting Sensitive Data:
With the increase in digitalization, data is becoming more and more valuable. Cybersecurity helps
protect sensitive data such as personal information, financial data, and intellectual property from
unauthorized access and theft.
2. Prevention of Cyber Attacks:
Cyber attacks, such as Malware infections, Ransomware, Phishing, and Distributed Denial of Service
(DDoS) attacks, can cause significant disruptions to businesses and individuals.
Effective cybersecurity measures help prevent these attacks, reducing the risk of data breaches, financial
losses and operational disruptions.
3. Safeguarding Critical Infrastructure
Critical infrastructure, including power grids, transportation systems, healthcare systems, and
communication networks, heavily relies on interconnected computer systems.
Protecting these systems from cyber threats is crucial to ensure the smooth functioning of essential services and
prevent potential disruptions that could impact public safety and national security.
4. Maintaining Business Continuity
Cyber attacks can cause significant disruption to businesses, resulting in lost revenue, damage to
reputation, and in some cases, even shutting down the business. Cybersecurity helps ensure business
continuity by preventing or minimizing the impact of cyber attacks.
5. Compliance with Regulations
Many industries are subject to strict regulations that require organizations to protect sensitive data.
Failure to comply with these regulations can result in significant fines and legal action.
Cybersecurity helps ensure compliance with regulations such as HIPAA, GDPR, and PCI DSS.
6. Protecting National Security
Cyber attacks can be used to compromise national security by targeting critical infrastructure, government
systems, and military installations. Cybersecurity is critical for protecting national security and preventing cyber
warfare.
7. Preserving Privacy
In an era where personal information is increasingly collected, stored, and shared digitally, cybersecurity is
crucial for preserving privacy. Protecting personal data from unauthorized access, surveillance, and misuse helps
maintain individuals’ privacy rights and fosters trust in digital services.
1.8 History of Cyber Crime
Early Developments:
1834: The first recorded cybercrime occurred in France when thieves infiltrated (gained access to) the
French telegraph system to steal financial market information.
1949: John von Neumann, a computer pioneer, theorized about self-replicating computer
programs, laying the groundwork for the concept of computer viruses.
1960s-1970s: Early forms of hacking emerged, often motivated by curiosity and a desire to explore
and understand computer systems.
1962: Allen Scherr launched a cyber attack against MIT computer networks, stealing passwords.
1971: The Creeper virus, a self-replicating program, was created, demonstrating the potential for
malicious software to spread.
The Rise of the Internet:
1980s-1990s: The widespread adoption of the internet significantly expanded the scope and impact of
cybercrime.
1988: The Morris worm, a self-replicating program, caused widespread disruption (disturbance) to
the internet, highlighting the vulnerability of interconnected systems.
1990s: The emergence of the World Wide Web and email led to new forms of cybercrime, including
phishing scams (fraudulent communication), spam (irrelevant messages), and malware attacks.
The Modern Era:
2000s-Present: Cybercrime has evolved into a sophisticated and lucrative (profitable) industry, with
organized criminal groups and nation-state actors playing a significant role.
Rise of botnets (botnet: a collection of computers linked together to perform a specific task): Large
networks of compromised computers are used to launch distributed denial-of-service (DDoS) attacks
and spam campaigns.
Data breaches (unauthorized parties access sensitive or confidential information, including personal
data): Large-scale data breaches have become increasingly common, exposing sensitive personal and
financial information.
Ransomware attacks: Malicious software encrypts victims' data and demands a ransom for its
release.
Cyber espionage (spying): Nation-state actors engage in cyber espionage to steal intellectual
property and sensitive government information.
The Internet of Things (IoT): The increasing connectivity of devices creates new vulnerabilities and
attack surfaces.
Timeline
1834: First recorded cybercrime in France.
1949: John von Neumann theorizes about self-replicating computer programs.
1962: Allen Scherr launches a cyber attack against MIT.
1971: The Creeper virus is created.
1988: The Morris worm causes widespread internet disruption.
1990s: Emergence of the World Wide Web and email, leading to new forms of cybercrime.
2000s-Present: Rise of botnets, data breaches, ransomware, cyber espionage, and IoT-related threats.
1.9 Cybercriminals
Definition
Cybercrime involves such activities as child pornography (sexually explicit material like
images, videos or text), credit card fraud, cyberstalking (harassment), defaming another
online, gaining unauthorized access to computer systems, ignoring copyright, software
licensing and trademark protection, overriding encryption to make illegal copies, software
piracy and stealing another’s identity to perform criminal acts.
Type I Cybercriminals - hungry for recognition
1. Hobby hackers
2. IT professionals (social engineering is one of the biggest threats)
3. Politically motivated hackers
4. Terrorist organizations.
Type II Cybercriminals - not interested in recognition
1. Psychological perverts (someone who distorts or corrupts something from its original
or intended purpose)
2. Financially motivated hackers
3. State-sponsored hacking (national espionage: the systematic use of spies to
get military or political secrets; sabotage: deliberate actions to harm an organization’s
physical or virtual infrastructure)
4. Organized criminals.
Type III Cybercriminals - the insiders
1. Former employees seeking revenge.
2. Competing companies using employees to gain economic advantage through
damage or theft.
1.10 Classification of Cybercrimes
Definition of Crime
A crime is an act or behavior that violates the law and is punishable by the government. It
can harm individuals, property, or society as a whole.
When classifying cybercrimes, they can be grouped into broad categories (general
classifications) and narrow categories (specific offenses).
Cybercrimes are broadly categorized into different types based on their nature, targets, and
intent.
Broad Classification of Cybercrimes
The classification of cybercrimes can be understood in both a broad sense and a narrow
sense based on their scope, impact, and the way they are categorized.
1. Broad Sense Classification of Cybercrimes
In a broader perspective, cybercrimes encompass all forms of illegal activities that involve
computers, networks, and digital devices. These can be classified into the following
categories:
A. Cybercrimes Against Individuals
1. Identity Theft – Stealing personal information for fraudulent activities.
2. Cyberstalking & Harassment – Using digital means to stalk, bully, or
threaten individuals.
3. Phishing & Fraud – Deceptive emails, websites, or messages to steal sensitive
data.
4. Online Defamation & Trolling – Spreading false information or abusive
comments online.
B. Cybercrimes Against Property
1. Hacking & Unauthorized Access – Illegally accessing computers or
networks.
2. Data Theft & Espionage – Stealing sensitive business or government data.
3. Ransomware & Malware Attacks – Encrypting or damaging systems for
ransom.
4. Software Piracy & Intellectual Property Theft – Illegal copying or
distribution of digital content.
C. Cybercrimes Against Society & Government
1. Cyberterrorism – Attacks on critical infrastructure or government networks.
2. Cyber Warfare – State-sponsored or politically motivated cyberattacks.
3. Online Human & Drug Trafficking – Using the internet for illegal trade.
4. Fake News & Misinformation – Spreading false information to manipulate
public opinion.
2. Narrow Sense Classification of Cybercrimes
A more specific or narrow classification focuses on the technical aspects and the method of
execution of cybercrimes:
A. Computer-Related Crimes
1. Unauthorized System Access – Breaking into systems without permission.
2. Data Interference – Altering, deleting, or destroying electronic data.
3. System Sabotage – Disrupting or damaging IT infrastructure.
B. Internet-Related Crimes
1. Phishing & Online Scams – Fraudulent activities using emails or fake
websites.
2. Cyberbullying & Defamation – Online harassment and spreading false
statements.
3. Dark Web Activities – Illegal transactions in drugs, weapons, or human
trafficking.
C. Financial Cybercrimes
1. Credit Card Fraud – Stealing financial details for unauthorized transactions.
2. Cryptocurrency Fraud – Using digital currencies for illegal activities.
3. Online Banking Fraud – Manipulating digital banking systems for theft.
D. Content-Related Crimes
1. Child Pornography & Exploitation – Distributing or accessing illegal
content.
2. Hate Speech & Extremism – Spreading violent or harmful ideologies online.
3. Piracy & Copyright Infringement – Illegal sharing of copyrighted material.
In a broad sense, cybercrimes include all illegal activities involving computers, the internet, and
digital networks.
In a narrow sense, they are categorized based on the method of attack, such as hacking,
phishing, online fraud, and digital content crimes.
E-Mail Spoofing
A spoofed E-Mail is one that appears to originate from one source but actually has been
sent from another source.
1. For example, let us say Roopa has an E-Mail address [email protected]. Let us say she and her
boyfriend Suresh happen to have a showdown.
2. Then Suresh, having become her enemy, spoofs her E-Mail and sends obscene/vulgar
messages to all her acquaintances.
3. Since the E-Mails appear to have originated from Roopa, her friends could take offense and
relationships could be spoiled for life.
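A receiving mail system can look for signs of the mismatch described above (a message that appears to come from one source but was sent from another). The following is an added example, not part of the original notes: it parses message headers with Python's standard email module and reports two common indicators. All addresses, domains and header values are constructed samples.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from typing import List

# Constructed sample: the visible From address names one domain, while the
# envelope sender (Return-Path) and the receiver's checks point elsewhere.
SPOOFED = """\
Return-Path: <sender@mail.example.net>
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=mail.example.net;
 dkim=none;
 dmarc=fail header.from=example.com
From: Roopa <roopa@example.com>
To: friend@example.org
Subject: hello

(body omitted)
"""

# Constructed sample: a message whose headers are consistent.
LEGITIMATE = """\
Return-Path: <roopa@example.com>
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=example.com;
 dkim=pass header.d=example.com;
 dmarc=pass header.from=example.com
From: Roopa <roopa@example.com>
To: friend@example.org
Subject: hello

(body omitted)
"""

FAILING_RESULTS = {"fail", "softfail"}


def domain_of(header_value: str) -> str:
    """Return the lower-cased domain of the address in a header value."""
    _, address = parseaddr(header_value or "")
    return address.rpartition("@")[2].lower()


def spoofing_indicators(raw_message: str) -> List[str]:
    """List reasons to distrust the visible From address of a message."""
    msg = message_from_string(raw_message)
    reasons = []

    from_domain = domain_of(msg.get("From"))
    envelope_domain = domain_of(msg.get("Return-Path"))
    # A mismatch is an indicator, not proof: mailing services also cause it.
    if from_domain and envelope_domain and from_domain != envelope_domain:
        reasons.append(
            f"From domain {from_domain} differs from Return-Path domain {envelope_domain}"
        )

    # Only trust Authentication-Results added by your own receiving server.
    auth = " ".join(msg.get_all("Authentication-Results") or [])
    for method, result in re.findall(r"\b(spf|dkim|dmarc)=([a-z]+)", auth, re.I):
        if result.lower() in FAILING_RESULTS:
            reasons.append(f"{method.lower()} check result: {result.lower()}")

    return reasons


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("legitimate", LEGITIMATE)):
        print(label, spoofing_indicators(raw))
```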
Spamming
1. People who create electronic Spam are called spammers.
2. Spam is the abuse of electronic messaging systems (including most broadcast media, digital
delivery systems) to send unsolicited bulk messages indiscriminately.
3. Although the most widely recognized form of Spam is E-Mail Spam, the term is applied to
similar abuses in other media:
instant messaging Spam, Usenet newsgroup Spam, web search engine Spam,
Spam in blogs, wiki Spam, online classified ads Spam, mobile phone messaging Spam,
Internet forum Spam, junk fax transmissions, social networking Spam, file sharing
network Spam, video sharing sites, etc.
Spamming is difficult to control because it is economically viable: advertisers have no
operating costs beyond the management of their mailing lists, and it is difficult to hold
senders accountable for their mass mailings.
Spammers are numerous; the volume of unwanted mail has become very high because the
barrier to entry is low.
The costs, such as lost productivity and fraud, are borne by the public and by Internet
service providers (ISPs), who are forced to add extra capacity to cope with the overflow.
Spamming is widely detested, and has been the subject of legislation in many jurisdictions -
for example, the CAN-SPAM Act of 2003.
Another definition of spamming is in the context of "search engine spamming."
In this context, spamming is alteration or creation of a document with the intent to deceive
an electronic catalog or a filing system.
Some web authors use "subversive (individual) techniques" to ensure that their site appears
more frequently or higher in returned search results - this is strongly discouraged
by search engines and there are fines/penalties associated with the use of such subversive
techniques.
Those who continually attempt to subvert or Spam the search engines may be permanently
excluded from the search index.
Therefore, the following web publishing techniques should be avoided:
1. repeating keywords;
2. use of keywords that do not relate to the content on the site;
3. use of fast meta refresh;
4. redirection;
5. IP cloaking (hiding);
6. use of colored text on the same color background;
7. tiny text usage;
8. duplication of pages with different URLs;
9. hidden links;
10. use of different pages that bridge to the same URL (gateway pages).
Cyberdefamation
Cyberdefamation is a cognizable offense. (Known Mistake).
Defamation
"Whoever, by words either spoken or intended to be read, or by signs or by visible representations,
makes or publishes any complaint concerning any person intending to harm, or knowing or
having reason to believe that such imputation will harm, the reputation of such person, is said,
except in the cases hereinafter excepted, to defame that person."
Cyberdefamation happens when the above takes place in an electronic form.
In other words, "cyberdefamation" occurs when defamation takes place with the help of computers
and/or the Internet, for example, someone publishes defamatory matter about someone on a
website or sends an E-Mail containing defamatory information to all friends of that person.
According to the IPC Section 499:
1. It may amount to defamation to impute (represent) anything to a deceased (dead) person, if
the imputation would harm the reputation of that person if living, and is intended to be
hurtful to the feelings of his family or other near relatives.
2. It may amount to defamation to make an imputation concerning a company or an
association or collection of persons as such.
3. An imputation in the form of an alternative, or expressed ironically, may amount to
defamation.
4. An imputation harms a person's reputation only if it lowers their moral, intellectual,
professional, or social standing in the eyes of others or causes them to be viewed as
disgraceful.
1. Libel is written defamation and slander is oral defamation.
2. When determining whether or not defamation has taken place, the only issue to
consider is whether a person of ordinary intelligence in society would believe
that the words would indeed injure the person's reputation.
Even if there is no (apparent) damage to a person's reputation, the person who made the
allegations may still be held responsible for defamation.
1. The law on defamation attempts to create a workable balance between two
equally important human rights:
UNIT 1 CYBER SECURITY Page 16
2. The right to an unimpaired reputation and the right to freedom of expression.
In a cyber society, both these interests are increasingly important.
3. Protection of reputation is arguably even more important in a highly
technological society, because one may not even encounter an individual or
organization other than through the medium of the Internet.
4. Some courts have held that the plaintiff must also have to show that the
defamatory statements were unlawful and that it must not be for the defendant
to justify his conduct by showing that the statements were in accordance with
law. India's first case of cyberdefamation, at the Delhi Court, assumed
jurisdiction over a matter where a corporate reputation was being defamed
through E-Mails and passed an important ex-parte injunction.
Internet Time Theft
Such a theft occurs when an unauthorized person uses the Internet hours paid for by
another person. Basically, Internet time theft comes under hacking because the person who
gets access to someone else's ISP user ID and password, either by hacking or by gaining
access to it by illegal means, uses it to access the Internet without the other person's
knowledge.
However, one can identify time theft if the Internet time has to be recharged often, even
when one's own use of the Internet is not frequent.
The issue of Internet time theft is related to the crimes conducted through "identity theft."
Salami Attack/Salami Technique
These attacks are used for committing financial crimes. The idea here is to make the
alteration so insignificant that in a single case it would go completely unnoticed; for
example a bank employee inserts a program, into the bank's servers, that deducts a small
amount of money (say 2/- or a few cents in a month) from the account of every customer.
No account holder will probably notice this unauthorized debit, but the bank employee
will make a sizable amount every month.
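A reconciliation check that surfaces the pattern described above, added here as an example and not part of the original notes. The ledger layout, account names, thresholds and the approved-fee allowlist are assumptions, and the sample ledger is constructed.

```python
from collections import defaultdict
from decimal import Decimal


def build_sample_ledger():
    """Constructed sample rows: (source, destination, amount, initiated_by)."""
    ledger = [
        ("C001", "MERCHANT-A", Decimal("1250.00"), "customer"),  # ordinary payment
        ("C002", "C003", Decimal("3.50"), "customer"),           # small but one-off
    ]
    for i in range(1, 41):                                       # 40 customers
        src = f"C{i:03d}"
        ledger.append((src, "FEE-SMS", Decimal("1.00"), "batch"))  # documented fee
        ledger.append((src, "SUSP-9", Decimal("2.00"), "batch"))   # undocumented skim
    for i in range(1, 6):                                        # a few small donations
        ledger.append((f"C{i:03d}", "CHARITY", Decimal("1.00"), "customer"))
    return ledger


def find_salami_candidates(ledger, total_customers, approved_fee_accounts,
                           micro_limit=Decimal("5.00"), min_coverage=0.5):
    """Flag destinations that collect only tiny, non-customer-initiated debits
    from a large share of the customer base and are not an approved fee account."""
    stats = defaultdict(lambda: {"sources": set(), "total": Decimal("0"),
                                 "largest": Decimal("0"), "by_customer": 0})
    for src, dst, amount, initiated_by in ledger:
        s = stats[dst]
        s["sources"].add(src)
        s["total"] += amount
        s["largest"] = max(s["largest"], amount)
        if initiated_by == "customer":
            s["by_customer"] += 1

    findings = []
    for dst, s in stats.items():
        if dst in approved_fee_accounts:
            continue  # fee published in the tariff and signed off by finance
        coverage = len(s["sources"]) / total_customers
        if (s["largest"] <= micro_limit          # each debit is individually negligible
                and coverage >= min_coverage     # but it hits most accounts
                and s["by_customer"] == 0):      # and no customer asked for it
            findings.append({"destination": dst,
                             "accounts_debited": len(s["sources"]),
                             "coverage": coverage,
                             "total": s["total"]})
    # Largest aggregate first: the sum is what makes the scheme worthwhile.
    return sorted(findings, key=lambda f: f["total"], reverse=True)


if __name__ == "__main__":
    for f in find_salami_candidates(build_sample_ledger(), 40, {"FEE-SMS"}):
        print(f"{f['destination']}: {f['accounts_debited']} accounts debited, "
              f"total {f['total']}")
```

No single debit stands out, so the check aggregates by destination; the allowlist keeps legitimate flat fees from drowning out the one account nobody approved.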
Data Diddling
A data diddling attack involves altering raw data just before it is processed by a
computer and then changing it back after the processing is completed.
Electricity Boards in India have been victims to data diddling programs inserted when
private parties computerize their systems.
Forgery
1. Counterfeit currency notes, postage and revenue stamps, marksheets, etc. can
be forged using sophisticated computers, printers and scanners. Outside many
colleges there are criminals soliciting the sale of fake marksheets or even degree
certificates. These are made using computers and high quality scanners and
printers.
2. In fact, this is becoming a booming business involving large monetary
amounts given to student gangs in exchange for these bogus but authentic-
looking certificates.
Web Jacking
Web jacking occurs when someone forcefully takes control of a website (by cracking the
password and later changing it). Thus, the first stage of this crime involves "password
sniffing." The actual owner of the website does not have any more control over what appears
on that website.
Newsgroup Spam/Crimes Emanating from Usenet Newsgroup
1. This is one form of spamming. The word "Spam" was usually taken to mean excessive
multiple posting (EMP).
2. The start of Google Groups, and its large Usenet archive, has made Usenet more
attractive to spammers than ever.
3. Spamming of Usenet newsgroups (online discussion forums) actually predates
E-Mail Spam.
4. The first widely recognized Usenet Spam titled Global Alert for All: Jesus is Coming
Soon (though not the most famous) was posted on 18 January 1994 by Clarence L.
Thomas IV, a sysadmin at Andrews University.
5. It was a fundamentalist religious tract claiming that "this world's history is coming to a
climax."
6. The newsgroup posting bot Serdar Argic also appeared in early 1994, posting tens of
thousands of messages to various newsgroups.
Industrial Spying/Industrial Espionage
1. Spying is not limited to governments. Corporations, like governments, often spy on
the enemy.
2. The Internet and privately networked systems provide new and better opportunities for
espionage.
3. "Spies" can get information about product finances, research and development and
marketing strategies, an activity known as "industrial spying."
4. However, cyberspies rarely leave behind a trail. Industrial spying is not new; in fact it
is as old as industries themselves.
5. The use of the Internet to achieve this is probably as old as the Internet itself.
6. Traditionally, this has been the reserved hunting field of a few hundreds of highly
skilled hackers, contracted by high-profile companies or certain governments via the
means of escrow organizations (it is said that they get several hundreds of thousands
of dollars, depending on the "assignment").
With the growing public availability of Trojans and Spyware, even low-skilled individuals are
now inclined to generate high volume profit out of industrial spying. This is referred to as
"Targeted Attacks" (which includes "Spear Phishing"). This aspect of Industrial Spying is the
one to be addressed in the fight against cybercrime.
Organizations subject to online extortion tend to keep quiet about it to avoid negative publicity.
Not surprisingly, this also applies very well to organizations that are victims of focused
attacks aimed at stealing corporate data, Intellectual Property or whatever else may yield a
competitive advantage for a rival company.
One interesting case is the famous "Israeli Trojan story," where a software engineer in London
created a Trojan Horse program specifically designed to extract critical data gathered from
machines infected by his program. He had made a business out of selling his Trojan Horse
program to companies in Israel, which would use it for industrial spying by planting it into
competitors' networks. The methods used to inoculate the Trojan Horse were varied and
sometimes quite inventive, ranging from simple E-Mail traps to the mailing of promotional CDs
infected with the evil program!
There are also E-Mail worms automating similar "data exfiltration features." For example,
the main characteristic of a mass-mailing worm is to scan the hard drive of infected machines for all
files with the following extensions: .pdf, .doc, .dwg, .sch, .pcb, .dwt, .dwf, .max, .mdb.
Such files are uploaded on an FTP server owned by the cybercrooks, with the aim of stealing as
much IP as possible wherever it can be and then selling it to people who are ready to pay for it.
There are two distinct business models for cybercrime applied to industrial spying: Selling
Trojan-ware and Selling Stolen Intellectual Property.
Hacking
Although the purposes of hacking are many, the main ones are as follows:
1. greed;
2. power;
3. publicity;
4. revenge;
5. adventure;
6. desire to access forbidden information;
7. destructive mindset.
Every act committed toward breaking into a computer and/or network is hacking and it is an
offense.
Hackers write or use ready-made computer programs to attack the target computer.
They possess the desire to destruct and they get enjoyment out of such destruction. Some
hackers hack for personal monetary gains, such as stealing credit card information,
transferring money from various bank accounts to their own account followed by
withdrawal of money.
They extort money from corporate giants by threatening to publish stolen
information that is critical in nature. Government websites are hot on hackers' target lists and
attacks on Government websites receive wide press coverage.
For example, according to a story posted in December 2009, the NASA site was hacked via
SQL Injection. Hackers, crackers and phreakers are some of the oft-heard terms. The original
meaning of the word "hack", an elegant, witty or inspired way of doing almost
anything, originated at MIT.
The meaning has now changed to become something associated with the breaking into or
harming of any kind of computer or telecommunications system.
Some people claim that those who break into computer systems should ideally be called
"crackers" and those targeting phones should be known as "phreaks".
Online Frauds
In Spoofing websites and E-Mail security threats, fraudsters create authentic looking
websites that are actually nothing but a spoof.
The purpose of these websites is to make the user enter personal information which is then
used to access business and bank accounts.
Fraudsters are increasingly turning to E-Mail to generate traffic to these websites.
This kind of online fraud is common in banking and financial sector.
There is a rise in the number of financial institutions' customers who receive such E-Mails
which usually contain a link to a spoof website and mislead users to enter user ids and
passwords on the pretence that security details can be updated or passwords changed.
It is wise to be alert and careful about E-Mails containing an embedded link, with a request
for you to enter secret details.
It is strongly recommended not to input any sensitive information that might help criminals to
gain access to sensitive information, such as bank account details, even if the page appears
legitimate.
In virus based E-Mails, the warnings may be genuine, so there is always a dilemma whether
to take them lightly or seriously.
A wise action is to first confirm by visiting an antivirus site such as McAfee, Sophos or
Symantec before taking any action, such as forwarding them to friends and colleagues.
Lottery frauds are typically letters or E-Mails that inform the recipient that he/she has won a
prize in a lottery.
To get the money, the recipient has to reply, after which another mail is received asking for
bank details so that the money can be directly transferred.
The E-Mail also asks for a processing fee/handling fee. Of course, the money is never
transferred in this case; the processing fee is swindled and the banking details are used for
other frauds and scams.
"Spoofing" means illegal intrusion, posing as a genuine user.
A hacker logs in to a computer illegally, using a different identity than his own. He is able to
do this by having previously obtained the actual password. He creates a new identity by
fooling the computer into thinking that the hacker is the genuine system operator, and the
hacker then takes control of the system. He can commit innumerable frauds using
this false identity.
Software Piracy
Cybercrime investigation cell of India defines "software piracy" as theft of software
through the illegal copying of genuine programs or the counterfeiting and distribution of
products intended to pass for the original.
There are many examples of software piracy: end-user copying - friends loaning disks to each
other, or organizations under-reporting the number of software installations they have made,
or organizations not tracking their software licenses; hard disk loading with illicit means -
hard disk vendors load pirated software; counterfeiting - large-scale duplication and
distribution of illegally copied software; illegal downloads from the Internet - by intrusion, by
cracking serial numbers, etc.
Beware that those who buy pirated software have a lot to lose:
(a) getting untested software that may have been copied thousands of times over,
(b) the software, if pirated, may potentially contain hard-drive-infecting viruses,
(c) there is no technical support in the case of software failure, that is, lack of technical
product support available to properly licensed users,
(d) there is no warranty protection,
(e) there is no legal right to use the product, etc.
According to the Fourth Annual BSA and IDC Global Software Piracy Study, in Asia
Pacific 55% of the software installed in 2006 on personal computers (PCs) was obtained
illegally, while software losses due to software piracy amounted to US$ 11.6 billion.
The Global Software Piracy Study mentioned covers all packaged software that runs on
personal computers, including desktops, laptops and ultra portables.
The study includes operating systems, systems software such as databases and security
packages, business applications and consumer applications such as PC games, personal
finance and reference software.
The BSA/IDC study of year 2006 did not include other types of software such as those which
run on servers or mainframes or software sold as a service.
It is shocking to know that 35% of the software installed in 2006 on PCs worldwide was
obtained illegally, amounting to nearly $40 billion in global losses due to software piracy.
Progress was seen in a number of emerging markets, most notably in China, where the piracy
rate dropped 10 percentage points in 3 years, and in Russia, where piracy fell seven
percentage points over 3 years.
Computer Sabotage
1. The use of the Internet to hinder the normal functioning of a computer system through the
introduction of worms, viruses or logic bombs, is referred to as computer sabotage.
2. It can be used to gain economic advantage over a competitor, to promote the illegal
activities of terrorists or to steal data or programs for extortion purposes.
3. Logic bombs are event-dependent programs created to do something only when a certain
event (known as a trigger event) occurs.
4. Some viruses may be termed as logic bombs because they lie dormant all through the year
and become active only on a particular date (e.g., the Chernobyl virus and Y2K viruses).
E-Mail Bombing/Mail
E-Mail bombing refers to sending a large number of E-Mails to the victim to crash the
victim's E-Mail account (in the case of an individual) or to make the victim's mail servers
crash (in the case of a company or an E-Mail service provider).
A computer program can be written to instruct a computer to do such tasks on a repeated
basis. In recent times, terrorism has hit the Internet in the form of mail bombings.
By instructing a computer to repeatedly send E-Mail to a specified person's E-Mail address,
the cybercriminal can overwhelm the recipient's personal account and potentially shut down
entire systems. This may or may not be illegal, but it is certainly disruptive.
Usenet Newsgroup as the Source of Cybercrimes
1. Usenet is a popular means of sharing and distributing information on the Web
with respect to specific topic or subjects.
2. Usenet is a mechanism that allows sharing information in a many-to-many manner.
3. The newsgroups are spread across 30,000 different topics.
4. In principle, it is possible to prevent the distribution of specific newsgroup.
5. In reality, however, there is no technical method available for controlling the contents
of any newsgroup.
6. It is merely subject to self-regulation and net etiquette.
7. It is feasible to block specific newsgroups; however, this cannot be considered as
a definitive solution to illegal or harmful content.
8. It is possible to put Usenet to the following criminal use:
(i) distribution/sale of pornographic material;
(ii) distribution/sale of pirated software packages; distribution of hacking
software;
(iii) sale of stolen credit card numbers;
(iv) sale of stolen data/stolen property.
Computer Network Intrusions
Computer Networks pose a problem by way of security threat because people can get into
them from anywhere.
The popular movie "War Games" illustrated an extreme but useful example of this.
"Crackers" who are often misnamed "Hackers" can break into computer systems from
anywhere in the world and steal data, plant viruses, create backdoors, insert Trojan
Horses or change user names and passwords.
Network intrusions are illegal, but detection and enforcement are difficult.
Current laws are limited and many intrusions go undetected.
The cracker can bypass existing password protection by creating a program to capture logon
IDs and passwords. The practice of "strong password" is therefore important.
Password Sniffing
Password Sniffers are programs that monitor and record the name and password
of network users as they login, exposing security at a site.
Whoever installs the Sniffer can then impersonate an authorized user and login to
access restricted documents.
Laws are not yet set up to adequately prosecute a person for impersonating another
person online. Laws designed to prevent unauthorized access to information may be
effective in apprehending crackers using Sniffer programs.
Credit Card Frauds
1. Information security requirements for anyone handling credit cards have been increased
dramatically recently.
2. Millions of dollars may be lost annually by consumers who have credit card and calling card
numbers stolen from online databases.
3. Security measures are improving, and traditional methods of law enforcement seem to be
sufficient for prosecuting the thieves of such information.
4. Bulletin boards and other online services are frequent targets for hackers who want to access
large databases of credit card information. Such attacks usually result in the implementation of
stronger security systems.
5. Payment Card Industry Data Security Standard (PCI-DSS) is a set of regulations developed
jointly by the leading card schemes to prevent cardholder data theft and to help combat credit
card fraud.
Identity Theft
1. Identity theft is a fraud involving another person's identity for an illegal purpose.
2. This occurs when a criminal uses someone else's identity for his/her own illegal
purposes. Phishing and identity theft are related offenses.
3. Examples include fraudulently obtaining credit, stealing money from the victim's bank
accounts, using the victim's credit card number, establishing accounts with utility
companies, renting an apartment or even filing bankruptcy using the victim's name.
The cybercrime personator can steal unlimited funds in the victim's name without the
victim even knowing about it for months, sometimes even for years!
4. Thus far, we have provided an overview of various types of well-known cybercrimes.
In most cybercrime forms, computers and/or other digital devices end up getting used
as one or a combination of the following:
i. As the tool for committing cybercrime;
ii. Crime involving attack against the computer;
iii. Use for storing information related to cybercrime/information useful
for committing cybercrime.
Narrow Classification of Cybercrimes
This involves a detailed breakdown of specific types of cybercrimes within the broader
categories:
Online Harassment
a. Cyberbullying
b. Cyberstalking
c. Online threats
Differences Between Phishing and Spear Phishing
Types of Hackers:
1. Hackers: The term hacker may refer to anyone with technical skills; however, it
typically refers to an individual who uses his or her skills to achieve unauthorized
access to systems or networks so as to commit crimes. The intent of the break-in
determines the classification of those attackers as white, grey, or black hats. White hat
attackers break into networks or PC systems to find weaknesses so as to boost the
protection of those systems. The owners of the system give permission to perform the
break-in, and they receive the results of the test. On the other hand,
black hat attackers take advantage of any vulnerability for illegal personal,
monetary or political gain. Grey hat attackers are somewhere between white and black
hat attackers. Grey hat attackers may find a vulnerability and report it to the
owners of the system if that action coincides with their agenda.
(a). White Hat Hackers – These hackers use their programming skills for a
good and lawful reason. These hackers may perform network penetration tests in an
attempt to compromise networks to discover network vulnerabilities. Security
vulnerabilities are then reported to developers to fix them, and these hackers can also
work together as a blue team. They use only the limited resources
that are ethical and provided by the company, and they perform pen testing
only to check the security of the company against external sources.
(b). Gray Hat Hackers – These hackers commit violations and do seemingly
deceptive things, but not for personal gain or to cause harm. These hackers
may disclose a vulnerability to the affected organization after having compromised
their network, and they may exploit it.
(c). Black Hat Hackers – These hackers are unethical criminals who violate network
security for personal gain. They misuse vulnerabilities to compromise computer systems.
These hackers always exploit the information or any data they obtain from unethical
pen testing of the network.
2. Organized Hackers: These criminals include organizations of cyber criminals,
hacktivists, terrorists, and state-sponsored hackers. Cyber criminals are typically
teams of skilled criminals focused on control, power, and wealth. These
criminals are highly sophisticated and organized, and may even offer crime as a
service. These attackers are usually highly trained and well-funded.
3. Internet stalkers: Internet stalkers are people who maliciously monitor the web
activity of their victims to acquire personal data. This type of cybercrime is
conducted through the use of social networking platforms and malware that is able
to track an individual's PC activity with little or no detection.
4. Disgruntled Employees: Disgruntled employees become hackers with a particular
motive and also commit cybercrimes. It is hard to believe that dissatisfied employees
can become such malicious hackers. In the past, their only option was to
go on strike against employers. But with the advancement of technology, the
increase in work done on computers and the automation of processes, it is simple for
disgruntled employees to do more damage to their employers and organization by
committing cybercrimes. The attacks by such employees bring the entire system
down.
1.10 A Global Perspective on Cybercrimes
In Australia, cybercrime has a narrow constitutional meaning as used in the Cyber Crime Act
2001, which details crimes against computer data and systems. However, a broad meaning
is given to cybercrime at an international level.
In the Council of Europe's (CoE's) Cyber Crime Treaty, cybercrime is used as an umbrella
term to refer to an array of criminal activity including offenses against computer data
and systems, computer-related offenses, content offenses and copyright offenses. This
wide definition of cybercrime over- laps in part with general offense categories that need not
be Information & Communication Technology (ICT)-dependent, such as white-collar
crime and economic crime.
White-collar crime refers to non-violent crimes committed by individuals in professional or
business settings, typically for financial gain, such as fraud, misuse, or insider trading.
Economic crime encompasses illegal activities aimed at achieving financial or economic
advantage, including corruption, tax avoidance, money laundering, and counterfeiting
(faking).
Figure 1.13 shows countries taking actions against Spam.
Although this status is from the International Telecommunication Union (ITU) survey
conducted in 2005, we get an idea about the global perspective.
The Spam legislation scenario mentions "none" about India as far as E-Mail legislation in
India is concerned.
The legislation (regulation) refers to India as a "loose" legislation, although there is a mention
in Section 67 of Indian ITA 2000. See Table 1.7.
About 30 countries have passed some form of anti-Spam legislation (see Fig. 1.13). There
are also technical solutions by ISPs and end-users. However, in spite of this, so far there has
been no significant impact on the volume of Spam with spammers sending hundreds of
millions of messages per day.
The growing phenomenon is the use of Spam to support fraudulent (fake) and criminal
activities, including attempts to capture financial information (e.g., account numbers and
passwords) by masquerading (hiding) messages as originating from trusted companies
("brand-spoofing" or "Phishing"), and as a vehicle to spread viruses and worms.
On mobile networks, a peculiar (unusual) problem is that of sending of bulk
unsolicited (unwanted) text messages aimed at generating traffic to premium-rate numbers.
As there are no national "boundaries" to such crimes under cybercrime realm, it requires
international cooperation between those who seek to enforce anti-Spam laws.
Thus, one can see that there is a lot to do toward building confidence and security in the use
of ICTs (Information Communication Technology) and moving toward an international
cooperation agenda.
This is because in the 21st century, there is a growing dependency on ICTs that span the
globe. There was a rapid growth in ICTs and dependencies that led to a shift in the perception
of cybersecurity threats in the mid-1990s.
The linkage of cybersecurity and critical infrastructure protection has become a big issue
as a number of countries have begun assessment of threats and vulnerabilities and started
exploring mechanisms to redress them.
Recently, there have been a number of significant developments such as:
On August 4, 2006, the US Senate approved the Council of Europe (CoE) Convention on
Cyber Crime.
This agreement focuses on fighting cybercrimes like hacking, spreading harmful viruses,
online child exploitation, distributing racist (race on religion) content, and terrorist attacks
on infrastructure or financial systems.
It aligns with US constitutional rights, such as free speech and civil liberties, and does not
require any changes to existing US laws.
On August 18, 2006, a news article highlighted concerns from Internet Service Providers
(ISPs) about strict rules requiring them to block suspicious websites.
European Union (EU) officials proposed this as part of a six-point plan to strengthen
antiterrorism efforts, aiming to shut down websites that promote terrorism.
It also emphasized that the government is responsible for monitoring phone calls,
internet, and email traffic for law enforcement, and must pay ISPs and telecom
companies for storing the data needed for this purpose.
The CoE Cyber Crime Convention (1997–2001) is an international agreement to fight online crimes
by making countries' laws similar, improving how crimes are investigated, and helping nations
work together. More than 40 countries have agreed to follow it.
1.11.Cyber laws
Cyber law, also known as internet law or digital law, signifies the legal regulations and frameworks
governing digital activities. It covers a large range of issues, including online communication,
e-commerce, digital privacy, and the prevention and prosecution (action) of cybercrimes.
Types of Cyber Law
1. Privacy Laws:
Privacy laws focus on protecting individuals' personal information from unauthorized access. They
establish guidelines for the responsible handling of personal data by organizations, ensuring
individuals' privacy rights are maintained.
2. Cybercrime Laws:
Cybercrime laws define and penalize various cybercrimes, ensuring legal consequences for
criminals. These laws play a crucial role in discouraging individuals from engaging in illegal online
activities and provide a legal framework for action against cybercriminals.
3. Intellectual Property Laws:
Intellectual property laws in the digital domain protect patents, copyrights, and trademarks from
unauthorized use. They provide a legal foundation for creators and innovators to protect their
digital assets.
4. E-commerce Laws:
E-commerce laws regulate online business transactions, defining rules for contracts, transactions,
and consumer protection. These laws contribute to the establishment of a secure and fair online
marketplace.
5. Cyber Defamation Laws:
Cyber defamation laws address libel and slander in the digital space. They provide legal
remedies for individuals or entities whose reputations may be tarnished by false or damaging
information circulated online.
6. Cybersecurity Laws:
Cybersecurity laws establish standards for securing digital systems and data. These laws require
organizations to implement measures to protect against cyber threats, contributing to the overall
resilience of digital infrastructure.
7. Social Media Laws:
Social media laws address legal issues related to social media platforms, including user rights and
content regulations. These laws aim to strike a balance between freedom of expression and the
prevention of online abuse or misinformation.
8. Cyber Contracts and E-signature Laws:
Governing the validity and enforceability of contracts formed online, cyber contracts and
e-signature laws provide legal certainty for electronic transactions.
They facilitate the growth of online commerce by ensuring the legal recognition of digital
agreements.
9. International Cyber Laws:
With the increasing prevalence of cross-border cybercrimes, international cyber laws address the need
for cooperation between nations. These laws facilitate collaboration in investigating and prosecuting
cybercriminals operating across borders.
10. Data Breach (Unauthorized data access) Notification Laws:
By mandating that organizations inform individuals and authorities in the event of a data breach,
data breach notification laws enhance transparency and accountability. They ensure prompt action in
response to security incidents, minimizing the potential impact on individuals and businesses.
1.12.Cybercrimes: An Indian Perspective
India has the fourth highest number of Internet users in the world.
According to the statistics posted on the site (http://www.iamai.in/), there are 45 million
Internet users in India, 37% of all Internet accesses happen from cybercafés (safe and
secure environment for user) and 57% of Indian Internet users are between 18 and 35
years.
The population of educated youth is high in India.
It is reported that compared to the year 2006, cybercrime under the Information Technology
(IT) Act recorded a whopping 50% increase in the year 2007.
A point to note is that the majority of criminals were under 30 years.
The maximum cybercrime cases, about 46%, were related to incidents of
cyberpornography, followed by hacking.
In over 60% of these cases, offenders were between 18 and 30 years, according to the "Crime
in 2007" report of the National Crime Record Bureau (NCRB).
Box 1.6 shows the Indian Statistics on cybercrimes.
Box 1.6 Cybercrimes: Indian Statistics
(A) Cybercrimes: Cases of Various Categories under ITA 2000
217 cases were registered under IT Act during the year 2007 as compared to 142 cases
during the previous year (2006), thereby reporting an increase of 52.8% in 2007 over 2006.
22.3% cases (49 out of 217 cases) were reported from Maharashtra followed by Karnataka
(40), Kerala (38) and Andhra Pradesh and Rajasthan (16 each).
45.6% (99 cases) of the total 217 cases registered under ITA 2000 were related to
obscene (related to sex) publication/transmission in electronic form, known as
cyberpornography.
86 persons were arrested for committing such offenses during 2007.
There were 76 cases of hacking with computer system during the year wherein 48 persons
were arrested.
Out of the total (76) hacking cases, the cases relating to loss/damage of computer
resource/utility under Section 66(1) of the IT Act were 39.5% (30 cases) whereas the cases
related to hacking under Section 66(2) of IT Act were 60.5% (46 cases).
Maharashtra (19) and Kerala (4) registered maximum cases under Section 66(1) of the IT Act
out of total 30 such cases at the National level.
Out of the total 46 cases relating to hacking under Section 66(2), most of the cases (31) were
reported from Karnataka followed by Kerala (7) and Andhra Pradesh (3). 29.9% of the 154
persons arrested in cases relating to ITA 2000 were from Maharashtra (46) followed by
Karnataka and Madhya Pradesh (16 each).
The age-wise profile of persons arrested in cybercrime cases under ITA 2000 showed that
63.0% of the offenders were in the age group 18-30 years (97 out of 154) and 29.9% of the
offenders were in the age group 30-45 years (46 out of 154).
Tamil Nadu reported two offenders whose ages were below 18 years.
(B) Cybercrimes: Cases of Various Categories under IPC Section
A total of 339 cases were registered under IPC Sections during the year 2007 as
compared to 311 such cases during 2006, thereby reporting an increase of 9.0%.
Madhya Pradesh reported maximum number of such cases, nearly 46.6% of total cases (158
out of 339) followed by Andhra Pradesh 15.6% (53 cases) and Chhattisgarh 15.3% (52
cases). Majority of the crimes out of total 339 cases registered under IPC fall under two
categories, viz., Forgery (217) and Criminal Breach of Trust or Fraud (73).
Although such offenses fall under the traditional IPC crimes, these cases had the cyber
overtones wherein computer, Internet or its enabled services were present in the crime and
hence they were categorized as Cybercrimes under IPC.
The cyberforgery (217 cases) accounted for 0.33% out of the 65,326 cases reported under
cheating.
The cyberfrauds (73) accounted for 0.47% of the total Criminal Breach of Trust cases
(15,531).
The cyberforgery cases were the highest in Madhya Pradesh (133) followed by
Chhattisgarh (26) and Andhra Pradesh (22).
The cases of cyberfraud were highest in Madhya Pradesh (20) followed by Punjab (17) and
Andhra Pradesh (15).
A total of 429 persons were arrested in the country for Cybercrimes under IPC during 2007.
61.5% offenders (264) of these were taken into custody for offenses under "Cyberforgery,"
19.8% (85) for "Criminal Breach of Trust/Fraud" and 11.4% (49) for "Counterfeiting
Currency/Stamps."
States such as Madhya Pradesh (166), Andhra Pradesh (83), Chhattisgarh (82) and Punjab
(69) have reported higher arrests for cybercrimes registered under IPC.
The age-group-wise profile of the arrested persons showed that 55.2% (237 of 429) were in
the age group of 30-45 years and 29.4% (126 of 429) of the offenders were in the age group
of 18-30 years.
Only four offenders from Chhattisgarh were below 18 years of age.
Crime head-wise and age-wise profile of the offenders arrested under Cybercrimes (IPC):
offenders involved in forgery cases were more in the age group of 30-45 years (54.9%, 145
of 264). 57.6% of the persons arrested under Criminal Breach of Trust/Cyberfraud offenses
were in the age group 30-45 years (49 out of 85).
(C) Incidence of Cybercrimes in Cities
17 out of 35 mega cities did not report any case of cybercrime (neither under the IT Act nor
under IPC Sections) during the year 2007.
A total of 17 mega cities have reported 118 cases under IT Act and 7 mega cities reported 180
cases under various sections of IPC.
There was an increase of 32.6% (from 89 cases in 2006 to 118 cases in 2007) in cases under
IT Act as compared to previous year (2006), and an increase of 26.8% (from 142 cases in
2006 to 180 cases in 2007) of cases registered under various sections of IPC.
Bengaluru (40), Pune (14) and Delhi (10) have reported high incidence of cases (64 out of 118 cases)
registered under IT Act, accounting for more than half of the cases (54.2%) reported under
the Act.
Bhopal has reported the highest incidence (158 out of 180 cases) of cases reported under IPC
sections accounting for 87.8%.
The Indian Government is doing its best to control cybercrimes.
For example, Delhi Police have now trained 100 of its officers in handling cybercrime and
placed them in its Economic Offences Wing.
As at the time of writing this, the officers were trained for 6 weeks in computer hardware
and software, computer networks comprising data communication networks, network
protocols, wireless networks and network security.
1.13 The Indian IT Act
In India, the ITA 2000 was enacted after the United Nations General Assembly Resolution
A/RES/51/162 of January 30, 1997, by adopting the Model Law on Electronic Commerce
adopted by the United Nations Commission on International Trade Law.
This was the first step toward the Law relating to E-Commerce at international level to regulate
an alternative form of commerce and to give legal status in the area of E-Commerce.
It was enacted taking into consideration the UNCITRAL Model Law on Electronic Commerce (1996).
1.13.1 Hacking and the Indian Law(s)
Cybercrimes are punishable under two categories: the ITA 2000 and the IPC (see Tables 1.1 and
1.2).
A total of 207 cases of cybercrime were registered under the IT Act in 2007 compared to 142 cases
registered in 2006. Under the IPC too, 339 cases were recorded in 2007 compared to 311 cases in
2006.
There are some noteworthy provisions under the ITA 2000, which is said to be undergoing key
changes very soon (as at the time of writing this, Table 1.7).
Box 1.7 Hacking and the ITA 2008
The number of Offenses to be monitored has increased.
According to cyberlaw experts, "Any criminal activity that uses a computer either as an
instrumentality, target or a means for continuing further crimes comes within the ambit (limit)
of cybercrime."
Cases of Spam, hacking, cyberstalking and E-Mail fraud are rampant (more spreading) and,
although cybercrimes cells have been set up in major cities, the problem is that most cases
remain unreported due to a lack of awareness.
In a situation like this, there are a number of relevant questions in the minds of a commoner: When
can consumers approach a cybercrime cell? What should the victims do? How does one maintain
security online?
Any and every incident of cybercrime involving a computer or electronic network can be reported to a
police station, irrespective of whether it maintains a separate cell or not.
The original ITA 2000 lists a number of activities that may be taken to constitute cybercrimes.
This includes tampering with computer source code, hacking, publishing or transmitting any
information in electronic form that is lascivious, securing access to a protected system, and breach of
confidentiality and privacy.
In the original ITA 2000, the following is stated under CHAPTER XI (Offences):
1. Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to
the public or any person destroys or deletes or alters any information residing in a computer resource
or diminishes its value or utility or affects it injuriously by any means, commits hack.
2. Whoever commits hacking shall be punished with imprisonment up to 3 years, or with fine which
may extend up to 2 lakhs (₹200,000), or with both.
In the amendment to the IT Act 2000, now known as the ITA 2008, several offenses have been added
to the Act.
The modifications have now revealed a whole bundle of surprises which will make the cybercrime
police jump.
Existing Sections 66 and 67 (in the original ITA 2000) on hacking and obscene material have been
updated by dividing them into more crime-specific subsections, thereby making cybercrimes
punishable.
In Section 66, hacking as a term has been removed. This section has now been expanded to include
Sections 66A (offensive messages), 66B (receiving stolen computer), 66C (identity theft), 66D
(impersonation), 66E (voyeurism) and 66F (cyberterrorism). Section 66F is a new section of the ITA
2008 (recent amendments to the Indian ITA 2000).
It covers "Cyberterrorism" and makes it punishable with imprisonment up to life term. This may
cover hacking, DoS attacks, port scanning, spreading viruses, etc., if it can be linked to the object of
terrorizing people. Plan is also covered under the section. The offense is not bailable or
compoundable.
The offences and the punishments in IT Act 2000:
The offences and the punishments that fall under the IT Act, 2000 are as follows:
1.Tampering with the computer source documents
2.Directions of Controller to a subscriber to extend facilities to decrypt information.
3.Publishing of information which is obscene in electronic form.
4.Penalty for breach of confidentiality and privacy.
5.Hacking for malicious purposes.
6.Penalty for publishing Digital Signature Certificate false in certain particulars.
7.Penalty for misrepresentation.
8.Confiscation.
9.Power to investigate offences.
10.Protected System.
11.Penalties for confiscation not to interfere with other punishments.
12.Act to apply for offence or contravention committed outside India.
13.Publication for fraud purposes.
14.Power of Controller to give directions.
Sections and Punishments under Information Technology Act, 2000 are as follows :
ST. PETER’S COLLEGE OF ENGINEERING AND TECHNOLOGY
AVADI, CHENNAI 600 054
QUESTION BANK
B.E.-Computer Science & Engineering
CCS340-Cyber Security (Regulations 2021)
Fourth Semester
COURSE OUTCOMES
Upon Completion of the course, the students will be able to
CO1 Explain the basics of cyber security, cybercrime and cyber law (K2)
CO2 Classify various types of attacks and learn the tools to launch the attacks (K2)
CO3 Apply various tools to perform information gathering (K3)
CO4 Apply intrusion techniques to detect intrusion (K3)
CO5 Apply intrusion prevention techniques to prevent intrusion (K3)
MAPPING BETWEEN CO AND PO, PSO WITH CORRELATION LEVEL 1/2/3
        PO1  PO2  PO3  PO4  PO5  PO6  PO7  PO8  PO9  PO10 PO11 PO12 PSO1 PSO2 PSO3
C214.1  3    3    3    3    3    1    1    -    -    -    -    3    3    3    3
C214.2  3    3    3    3    3    3    3    -    -    -    -    3    3    3    3
C214.3  3    3    3    3    3    3    3    -    -    -    -    3    3    3    3
C214.4  3    3    3    3    3    3    3    -    -    -    -    3    3    3    3
C214.5  3    3    3    3    3    3    3    -    -    -    -    3    3    3    3
Unit – I
UNIT I INTRODUCTION 9
Cyber Security – History of Internet – Impact of Internet – CIA Triad; Reason for Cyber Crime – Need for
Cyber Security – History of Cyber Crime; Cybercriminals – Classification of Cybercrimes – A Global
Perspective on Cyber Crimes; Cyber Laws – The Indian IT Act – Cybercrime and Punishment.
Part – A (2 MARKS)
Sl. No. Questions with Answers K-Level CO
1 What is Cyber Security? K1 CO1
The technique of protecting internet-connected systems such as computers,
servers, mobile devices, electronic systems, networks, and data from
malicious attacks is known as cybersecurity.
Cybersecurity refers to the practice of protecting computer systems,
networks, and data from digital attacks.
2 List the advantages of CyberSecurity K1 CO1
1.Protection of your business
2.Increased productivity
3.Ensures Customer Confidence
4.Stops your website crashing
5.Protection of customers or client network.
3 What are the three key components of the CIA triad in network security? K1 CO1
The three key components of the CIA triad are:
Confidentiality – Protecting data from unauthorized access.
Integrity – Ensuring data remains accurate and unaltered.
Availability – Ensuring data and services are accessible when needed.
4 How does encryption help in maintaining confidentiality in network security? K2 CO1
Encryption converts data into an unreadable format, ensuring that
even if an unauthorized person gains access to it, they cannot
understand the content without the correct decryption key.
Examples include AES (Advanced Encryption Standard) and
DES (Data Encryption Standard).
5 What are two major negative impacts of the internet on society? K2 CO1
1. Misinformation and Fake News – The internet allows rapid
spread of false information, leading to public confusion and
misinformation.
2. Cybersecurity Threats – Users are vulnerable to hacking,
phishing, and data breaches, which can compromise personal and
financial security.
6 Define Cybercrime. K1 CO1
Cybercrime involves illegal activities committed using computers or the internet.
It can include hacking, data theft, fraud, and spreading malware.
7 Why do we need cybersecurity? K1 CO1
1.To Protect Sensitive Data
2.Prevention of Cyber Attacks
3.Safeguarding Critical Infrastructure
4.Maintaining Business Continuity
5.Compliance with Regulations
6.Protecting National Security
7.Preserving Privacy
8 Define Cyber Criminals K1 CO1
Cybercrime involves such activities as child pornography (sexually explicit
material like images, videos or text), credit card fraud,
cyberstalking (harassment), defaming another online, gaining unauthorized
access to computer systems, ignoring copyright, software licensing and
trademark protection, overriding encryption to make illegal copies,
software piracy and stealing another’s identity to perform criminal acts.
Type I: Cybercriminals – hungry for recognition
1. Hobby hackers
2. IT professionals (social engineering is one of the biggest threats)
3. Politically motivated hackers
4. Terrorist organizations
Type II: Cybercriminals – not interested in recognition
1. Psychological perverts (someone who distorts or corrupts something from its original or intended purpose)
2. Financially motivated hackers
3. State-sponsored hacking (national espionage: the systematic use of spies to get military or political secrets; sabotage: deliberate actions to harm an organization’s physical or virtual infrastructure)
4. Organized criminals
Type III: Cybercriminals – the insiders
1. Former employees seeking revenge
2. Competing companies using employees to gain economic advantage through damage or theft
9 Write the two types of Cybercrimes K1 CO1
10 Define Email Spoofing K1 CO1
A spoofed E-Mail is one that appears to originate from one source but
actually has been sent from another source.
11 Define Spamming K1 CO1
Spam is the abuse of electronic messaging systems (including most
broadcast media, digital delivery systems) to send unsolicited bulk
messages indiscriminately.
12 Define Cyber Defamation K1 CO1
Cyber defamation refers to the act of harming a person's or organization's
reputation by publishing false statements online through social media,
websites, emails, or other digital platforms. It is a legal offense in many
jurisdictions and can lead to civil or criminal consequences.
13 Define Salami Attack/Salami Technique K1 CO1
These attacks are used for committing financial crimes. The idea here is
to make the alteration so insignificant that in a single case it would go
completely unnoticed; for example a bank employee inserts a program,
into the bank's servers, that deducts a small amount of money (say 2/- or a
few cents in a month) from the account of every customer.
No account holder will probably notice this unauthorized debit, but
the bank employee will make a sizable amount every month.
14 Define Data Diddling K1 CO1
A data diddling attack involves altering raw data just before it is
processed by a computer and then changing it back after the
processing is completed.
15 What is Web Jacking? K1 CO1
Web jacking occurs when someone forcefully takes control of a website
(by cracking the password and later changing it). Thus, the first stage of
this crime involves "password sniffing." The actual owner of the website
does not have any more control over what appears on that website.
16 What is software Piracy and what is the punishment? K2 CO1
India: Under the Copyright Act, 1957, software piracy is punishable with
up to 3 years of imprisonment and a fine of ₹50,000 to ₹200,000.
17 What is Email-Bombing? K1 CO1
E-Mail bombing refers to sending a large number of E-Mails to the
victim to crash victim's E-Mail account (in the case of an individual)
or to make victim's mail servers crash (in the case of a company or an
E-Mail service provider).
A computer program can be written to instruct a computer to do such
tasks on a repeated basis. In recent times, terrorism has hit the Internet in
the form of mail bombings.
18 What is the punishment for hacking under the Indian IT Act? K2 CO1
Hacking is punishable by imprisonment of up to three years or a fine under
Section 66 of the IT Act.
19 What is intellectual property theft? K2 CO1
It involves stealing copyrighted materials, trademarks, or patents without
permission.
20 What is ransomware? K1 CO1
Ransomware is malware that encrypts data, demanding a ransom for
decryption.
21 What are Computer Network Intrusions? K1 CO1
Computer network intrusions are unauthorized access or breaches into a
network by hackers or malicious entities to steal, alter, or disrupt data
and systems. These intrusions can occur through malware, phishing,
weak passwords, or vulnerabilities in network security.
22 What is Password Sniffing? K1 CO1
Password sniffing is a hacking technique used to intercept and capture
passwords transmitted over a network. Attackers use special software or
tools to monitor and extract login credentials from unencrypted network
traffic, often exploiting insecure connections like public Wi-Fi.
23 Differentiate Cyberstalking, Cyberbullying and Cyberharassment. K2 CO1
24 Differentiate Phishing and Spear Phishing K2 CO1
25 Define Hackers and Types of Hackers? K2 CO1
Part – B (13 MARKS)
Sl. No. Questions K-Level CO
1 Explain the CIA Triad in Cybersecurity. How does each component contribute to securing an organization's data? K2 CO1
2 Discuss the different types of cybersecurity. How does each type help in protecting an organization’s assets? K5 CO1
3 What is the Domain Name System (DNS), and how does it work? Why is it an essential part of the Internet? K3 CO1
4 Describe the history and evolution of the Internet. How did the development of TCP/IP contribute to the growth of the modern Internet? K3 CO1
5 What are the major Cyber-Security threats faced by individuals and organizations today? Suggest preventive measures to mitigate these threats. K4 CO1
6 Write the need of Cyber-Security. Explain in detail. K4 CO1
7 (i) Define the term Cyber-Stalking. How can we tackle this cyber crime? (6) K3 CO1
(ii) Explain the term phishing in detail. (7)
8 Define Cybercriminals. Explain the types of Cybercriminals with example. K4 CO1
9 Explain the Cybercrime in Narrow Sense and Broad Sense. K5 CO1
10 Explain the Global perspective of Cybercrime in detail. K5 CO1
Part – C (15 MARKS)
1 Discuss the impact of the internet on society, economy, and individual privacy, emphasizing cybersecurity challenges. K4 CO1
2 What are the main types of cybercrimes observed globally? Discuss their impact on various sectors, including economy, security, and privacy. K3 CO1
3 How do different countries’ cyber laws differ in their approach to cybercrime? Compare and contrast the Indian IT Act with similar laws in countries like the United States and the European Union. K5 CO1
4 Discuss the provisions under the Indian Information Technology Act, 2000 (IT Act) with regard to cybercrimes and their punishments. How effective is the Act in dealing with cybercrime in India? K5 CO1
5 Analyze the legal and ethical implications of cybercrimes on individual rights and data privacy. How can cyber laws balance the protection of personal data with the need for security? K5 CO1
6 Evaluate the rule in Indian regulation: under which law is the blocking of a website or deletion of content described? K5 CO1