1

Philippine College of Criminology 641 Sales Street in Sta. Cruz, Manila

Prepared By: Lover D. Madrilejos

Professor: Dr. Rodolfo Sebastian

INTRODUCTION 

Cyber-Crime

2

Crime and criminality have been associated with man since his fall. Crime remains elusive and ever strives to hide itself in the face of development. Different nations have adopted different strategies to contend with crime depending on their nature and extent. One thing is certain, it is that a nation with high incidence of crime cannot grow or develop. That is so because crime is the direct opposite of development. It leaves a negative social and economic consequence. 

What is Cyber Crime?

CYBERCRIME

Is defined as crimes committed on the internet using the computer as either a tool or a targeted victim. It is very difficult to classify crimes in general into distinct groups as many crimes evolve on a daily basis. Even in the real world, crimes like rape, murder or theft need not necessarily be separate. However, all cybercrimes involve both the computer and the person behind it as victims; it just depends on which of the two is the main target. Hence, the computer will be looked at as either a target or tool for simplicity’s sake. For example, hacking involves attacking the computer’s information and other resources. It is important to take note that overlapping occurs in many cases and it is impossible to have a perfect classification system.

Cyber-crime encompasses any criminal act dealing with computers and networks (called hacking). Additionally, cyber-crime also includes traditional crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber-crimes when the illegal activities are committed through the use of a computer and the Internet.

Crime ware

A type of malicious software that is designed to commit crimes on the Internet. Crimeware may be a virus, spyware or other deceptive piece of software that can be used to commit identity theft and fraud.

Cyberprise

 Slang term used to describe the merging of cyberspace and the enterprise.

The term cyberprise was first trademarked by the company Wall Data Inc., which used the word as its product name. Wall Data's Cyberprise is a suite of tools used for creating multiple online communities that include an enterprise's customers, vendors and partners. In 1999, Wall Data was acquired by NetManage, Inc.

What is Computer Crime?

• Any crime in which computer-related technology is encountered.

• The commission of illegal acts through the use of a computer or against a computer system.

Types of Computer Crime

• Business attacks

• Financial attacks

3

• Terrorist attacks

• Grudge attacks

• Fun attacks

Most Common Computer Crimes

• Fraud by computer manipulation

• Computer forgery

• Damage to or modifications of computer data or programs

• Unauthorized access to computer systems and service

• Unauthorized reproduction of legally protected computer programs

Computer Crimes Are Hard to Prosecute

• Lack of understanding

• Lack of physical evidence

• Lack of recognition of assets

• Lack of political impact

• Complexity of case

• Juveniles

Computer Criminals Are Hard to Catch

Multinational activity

No international laws for computer crimes

Complexity

Networked attacks hard to trace

Spam is Hostile

You pay for Spam, not Spammers

Email costs are paid by email recipients

Spam can be dangerous

Never click on the opt-out link!

May take you to hostile web site where mouse-over downloads an .exe

Tells spammers they found a working address

They won’t take you off the list anyway

4

What should you do?

Filter it out whenever possible

Keep filters up to date

If you get it, just delete the email

Wi-Fi High Jacking

60-70% wireless networks are wide open

Why are the Wi-Fi networks unprotected?

Most people say “Our data is boring”

But… criminals look for wireless networks to commit their crimes

And… the authorities will come knocking on your door…..

Protect your Computers!

Use anti-virus software and firewalls - keep them up to date

Keep your operating system up to date with critical security updates and patches

Don't open emails or attachments from unknown sources

Use hard-to-guess passwords. Don’t use words found in a dictionary? Remember that password cracking tools exist

Back-up your computer data on disks or CDs often

Don't share access to your computers with strangers

If you have a wi-fi network, password protect it

Disconnect from the Internet when not in use

Reevaluate your security on a regular basis

Make sure your employees and family members know this info too!

5

Internet Infrastructure in INDIA

The Complexity of Today’s Network

Changes Brought in IT Large network as backbone for

connectivity across the country Multiple Service providers for

providing links – BSNL, MTNL, Reliance, TATA, Rail Tel

Multiple Technologies to support network infrastructure CDMA, VSAT, DSL

Multiple Applications

6

Trends shaping the future

Ubiquitous computing, networking and mobility

Embedded Computing Security IPv6 VoIP

Cyber Threat Evolution

`

` ` `

` ` `

Network Infrastructure

Router

Extranet Servers

Servers

Laptops

Desktops

BranchOffices

Router

Router

Router

RouterUnmanaged Devices

Home Users

Remote Workers

BranchOffices

PerimeterNetwork

Internet

New PC

UnmanagedDevice

Intranet

InternetRouter

7

Trends of Incidents

Phishing

o Increase in cases of fast-flux phishing and rock-phish

o Domain name phishing and Registrar impersonation

o Crimeware

o Targeting personal information for financial frauds

o Information Stealing through social networking sites

Rise in Attack toolkits

o Toolkits like Mpack and Neospolit can launch exploits for browser and client-side vulnerabilities against users who visit a malicious or compromised sites

Global Attack Trend

VirusIdentity Theft

(Phishing)

Organized crime Data

Theft, DoS/DDoS

Malicious Code (Melissa) (Melissa)

2000 2003-04 2005-06 2007-08

Breaking Web sites

Advanced Worm /Trojan (I LOVE YOU)

1977 1995

8

Availability Authenticity AuthenticityINFORMATION

INFORMATION SECURITY

Top originating countries – Malicious code

9

Different Types of Cyber crime

Spam

• The most common type of cyber-crime is spam. While email spam laws are fairly new, there have been laws on the books regarding "unsolicited electronic communications" for many years.

Fraud

• Credit fraud is another common form of cyber-crime. Certain computer viruses can log keystrokes on your keyboard and send them to hackers, who can then take your Social Security number, credit card number and home address. This information will be used by the hacker for his own means.

Cyber Bullying

• Harassment, or cyber bullying, is a growing problem among teenagers. Many countries in Europe and several states in the United States have laws to punish those who consistently harass somebody over the Internet.

Drug Trafficking

• Believe it or not, drug trafficking is happening over the Internet. Many traffickers use encrypted email or password-protected message boards to arrange drug deals.

Availability Authenticity AuthenticityINFORMATION

Three faces of cyber crime

• Organized Crime• Terrorist Groups• Nation States

10

Cyber terrorism

• There are many forms of cyber terrorism. Sometimes it's a rather smart hacker breaking into a government website, other times it's just a group of like-minded Internet users who crash a website by flooding it with traffic. No matter how harmless it may seem, it is still illegal.

Piracy

• Far and away the most talked about form of cybercrime is thievery. Yes, downloading music from peer-to-peer websites is illegal and therefore a form of cybercrime

Mail Bombing

• Similar in some ways to a DoS attack

• A stream of large-sized emails are sent to an address, overloading the destination account

• This can potentially shut-down a poorly-designed email system or tie up the telecom channel for long periods

• Defense: email filtering

Break-Ins

• Hackers are always trying to break-in into Internet-connected computers to steal info or plant malicious programs

• Defense: Intrusion detectors

Credit Card Fraud (1)

• A thief somehow breaks into an ecommerce server and gets hold of credit numbers and related info

• The thief then uses that info to order stuff on the Internet

Credit Card Fraud (2)

• Alternatively, the thief may auction the credit card info on certain Web sites setup just for that purpose

• Defense: Use single-use credit card numbers for your Internet transactions

Software Piracy (1)

• Using a piece of SW without the author’s permission or employing it for uses not allowed by the author is SW piracy

• For whatever reason, many computer users do not consider it to be a serious crime, but it is!

Software Piracy (2)

• Only the large rings of illegal SW distributors are ever caught and brought to justice

• Defense: Various authentication schemes. They, however, are seldom used as they generally annoy the genuine users

Industrial Espionage

• Spies of one business monitoring the network traffic of their competitors

11

• They are generally looking for info on future products, marketing strategies, and even financial info

• Defense: Private networks, encryption, network sniffers

Web Store Spoofing

• A fake Web store (e.g. an online bookstore) is built

• Customers somehow find that Web site and place their orders, giving away their credit card info in the process

• The collected credit card info is either auctioned on the Web or used to buy goods and services on the Web

Viruses (1)

• Self-replicating SW that eludes detection and is designed to attach itself to other files

• Infects files on a computers through:

• Floppy disks, CD-ROMs, or other storage media

• The Internet or other networks

Viruses (2)

• Viruses cause tens of billions of dollars of damage each year

• One such incident in 2001 – the LoveBug virus – had an estimated cleanup/lost productivity cost of US$8.75 billion

• The first virus that spread world-wide was the Brain virus, and was allegedly designed by someone in Lahore

One Way of Classifying Viruses

• Malicious

– The type that grabs most headlines

– May destroy or broadcast private data

– May clog-up the communication channels

– May tie-up the uP to stop it from doing useful work

• Neutral

– May display an annoying, but harmless message

• Helpful

– May hop from one computer to another while searching for and destroying malicious viruses

Anatomy of a Virus

A virus consists of 2 parts:

12

• Transmission mechanism

• Payload

Transmission Mechanism

• Viruses attach themselves to other computer programs or data files (termed as hosts)

• They move from one computer to another with the hosts and spring into action when the host is executed or opened

Payload

• The part of the virus that generally consists of malicious computer instructions

• The part generally has two further components:

• Infection propagation component:

• This component transfers the virus to other files residing on the computer

• Actual destructive component:

• This component destroys data or performs or other harmful operations

Commonsense Guidelines (1)

Download SW from trusted sites only

Do not open attachments of unsolicited emails

Use floppy disks and CDROMs that have been used in trusted computers only

When transferring files from your computer to another, use the write-protection notches

Commonsense Guidelines (2)

1. Stay away from pirated SW

2. Regularly back your data up

3. Install Antivirus SW; keep it and its virus definitions updated

Antivirus SW

1. Designed for detecting viruses & inoculating

2. Continuously monitors a computer for known viruses and for other tell-tale signs like:

1. Most – but, unfortunately not all – viruses increase the size of the file they infect

2. Hard disk reformatting commands

3. Rewriting of the boot sector of a hard disk

3. The moment it detects an infected file, it can automatically inoculate it, or failing that, erase it

Other Virus-Like Programs

1. There are other computer programs that are similar to viruses in some ways but different in some others

13

2. Three types:

1. Trojan horses

2. Logic- or time-bombs

3. Worms

Trojan Horses

1. Unlike viruses, they are stand-alone programs

2. The look like what they are not

3. They appear to be something interesting and harmless (e.g. a game) but when they are executed, destruction results

Logic- or Time-Bombs

1. It executes its payload when a predetermined event occurs

2. Example events:

1. A particular word or phrase is typed

2. A particular date or time is reached

Worms

1. Harmless in the sense that they only make copies of themselves on the infected computer

2. Harmful in the sense that it can use up available computer resources (i.e. memory, storage, processing), making it slow or even completely useless