Any unlawful acts that involve a computer and a network is defined as cybercrime.
Types of cybercrime
Cybercrime can be classified into four major categories.
- Cybercrime against person.
- Cybercrime against property.
- Cybercrime against government.
- Cybercrime against society.
Cybercrime against person
Cyberstalking means unwanted or obsessive attention by an individual or group toward another person through the use of computer technology such as the Internet, e-mails, SMS, webcams, phone calls, websites, or even videos.
- Hacking is gaining unauthorized access over a computer system with the intent of personal gain or misuse.
- Cracking means digitally removing the copyright protection code of a computer program or software.
- Defamation is the technique of damaging the reputation of someone using a computer or electronic service and the Internet.
- Identity theft occurs when someone steals your identity and pretends to be you to access resources such as credit cards, bank accounts, and other benefits in your name.
- Online fraud is the act of stealing confidential details (such as bank details, personal details, card details) of a victim using phishing and spamming for gaining or withdrawing money from the victim’s account.
- Child pormograplıy involves the use of electronic devices and services to create, distribute, or access materials that sexually exploit minor children.
- Spoofing means imitate something while exaggerating its characteristic features with some personal gain or profit.
Cybercrime against property
Transferring virus into someone’s computer programs, disk drive, files, or booting sector of the hard drive using an e-mail attachment as a medium to slowing down or destroy the
- Cybersquatting refers to two or more persons claiming for the Same or approximately identical domain name or any service available on the Internet (such as a profile of Facebook, Twitter, Instagram).
- Cyber vandalism means destroying or damaging the data during the availability of a network service.
- Intellectual property crime is any illegal act by which the owner is deprived of his/her rights completely or partially.
- These crimes deal with copyrights, trademark, software piracy, infringement of patents, designs, source code, etc.
Cybercrime against government
- Cyberwarfare is an online conflict that involves politically motivated attacks on information and its related systems by hijacking or disabling the official websites, disrupting the network connection, stealing, or altering the classified information of government or financial institutions.
- Cyber terrorism is also an Internet-based attack that includes large-scale attacks to create havoc on computer networks using malware or Viruses, to attack governments and organizations.
Cybercrime against society
- Online gambling is defined as gaining money through gambling Over the Internet.
- It is also known as Internet gambling or i-Gambling.
- Cyber trafficking is defined as any illegal trading over the Internet using the computer and/or computer services.
Cyber-attack and its sources
- A cyber-attack is defined as a malicious attempt to damage or disrupt a computer network or system.
- Virus attacks hamper important work involved with data and documents.
- That is why it is the most powerful and vulnerable threat to computer users.
- It Is vital for every computer user to be aware of the software and programs that
can help to protect the personal computers from attacks.
- The major sources of cyber-attacks are highlighted as follows.
- Downloadable programs and files are one of the best possible sources of virus attacks.
- Any executable program and file are the major sources.
- If a user wants to download a program or file from the Internet, then the user needs to scan it before downloading it.
Pirated or cracked software
- Pirated or cracked software is illegal to download.
- Most people who download them from online sources are unaware that they may contain viruses and bug sources as well.
- These types o viruses and bugs are difficult to detect and remove.
- So, a user should always download original software from the appropriate source.
- Anyone can send you an e-mail attachment whether you know them or not.
- Clicking on unknown links or attachments can harm your computer.
- It is necessary to scan the e-mail attachment before downloading it.
- One of the easiest ways to get a virus in your device is through the Internet.
- Make sure to check the URL before accessing any website.
- For a secured URL, always look for https in it.
Booting from an unknown CD
- Malicious software can get into your device through an unknown CD.
- A good practice to be safe from malicious infection is to remove the CD when your device is not working at all.
- Your system could reboot the CD if it is not removed before switching off the computer.
Infected flash drives or disks
- Flash drives and disks are the main cause of spreading viruses.
- A Virus can also be copied from one computer to another when the user copies infected files using flash drives and disks.
- To prevent it, a user must scan it before transferring any files from an unknown user.
Symptoms of malware attack in Cybercrime
While these types of malware differ greatly in how they spread and infect computers, they all can produce similar symptoms.
Computers that are infected with malware can exhibit any of the following symptoms:
- Increased CPU usage.
- Slow computer or web browser speed problems connecting to networks.
Freezing or crashing.
- Modified or deleted files.
- The appearance of strange files, programs, or desktop icons.
- Programs running, turning off, or reconfiguring themselves (malware will often reconfigure or turn off antivirus and firewall programs).
- Strange computer behavior.
- E-mails/messages being sent automatically and without the knowledge (a friend receives a strange e-mail from you that you did not send.
- The security applied to computers, as well as computer networks such as private and public networks, including the Internet, is called cybersecurity or IT security.
- Cybersecurity is the process of applying security measures to ensure confidentiality, integrity, and the availability of data.
Computer protection (countermeasures)
Computer protection is an action, device, procedure, or technique that reduces a threat, vulnerability, or an attack by eliminating or preventing it
Methods to provide protection from Cybercrime
Some primary methods to provide protection are as follows:
- System access control is a method that does not allow any unauthorized access to a system.
- Data access control is a method in which a user can monitor who can access what data and tor what purpose. A user can set the rules for the based-on-security level of other users.
- System and security administration monitors and allocates system resources such as disk space, performs backups, provides user access, manages user accounts, and system security functions.
- Secure by design means that the hardware and software have been designed from the ground up to be secure.
Components of computer security
The basic components of a computer security system are as follows:
- Confidentiality is the process of keeping data and information secret and hidden from threats.
- Integrity is the process of protecting data and information from being modified by unknown and unauthorized parties.
- The availability of information refers to ensuring that authorized parties are able to access the information when needed.
- Access control ensures that only authorized users can access resources.
- Authentication is a process that ensures and confirms a user’s identity.
- Non-repudiation means to ensure that a transferred message has been sent and received by the parties claiming to have sent and received the message.
- Privacy ensures that information is available only to those who have the right to use it.
- Steganography is the technique of hiding confidential information within any media.
It can be applied to images, video files, or audio files. It helps to maintain the confidentiality and integrity of data.
- Cryptography is a technique to provide message confidentiality In Greek, it means secret writing.
It involves the process of encryption and decryption. Some commonly used terms related to cryptography are as follows:
- The plaintext is the original message or data that as input.
- Encryption is the process of changing plaintext into ciphertext using an encryption algorithm.
- The ciphertext is the encrypted form of the message. It is the scrambled message produced as an output.
- Decryption is the process of changing cipher text into plain text using a decryption algorithm.
- The key also acts as input to the encryption algorithm. The exact substitutions and transformations performed by the algorithm depend on the key.
Thus, a key is a number or a set of numbers that the algorithm uses to perform encryption and decryption.
The solution to computer security & cybercrime threats
Some major solutions to prevent and protect computer security threats are described as follows.
- Antivirus programs are installed onto your computer and can scan and remove known viruses that you may have contracted.
- The software can also be set to automatically scan diskettes when inserted into the disk drive, scan files when downloaded from the Internet, or scan e-mail when received.
- Antivirus or anti-virus software is used to prevent, detect, and remove malware, including but not limited to computer viruses, computer worms, Trojan horses, spyware, and adware.
- Computer security, including protection from social engineering techniques, is commonly offered in products and services of antivirus software companies.
- Some major antivirus software is Quick-Heal, AVG, Kaspersky, Avira, Bit-defender, McAfee, Trend Micro, K7, and Norton.
- A digital certificate is an electronic passport that allows a person, computer, or organization to exchange information securely over the Internet using the Public Key Infrastructure (PKI).
- It is also referred to as a Public Key Certificate.
- A digital signature is an electronic form of a signature that is used to validate the authenticity and integrity of a message, software, or digital document.
- It is also known as an electronic signature.
- It is generally used in e-commerce, software distribution, financial transactions, and other situations that rely on forgery or tampering detection techniques.
- It protects private networks by securing gateway servers to external networks Such as the Internet.
- It guards any network against hacks, cyber-attacks, and other unauthorized user access.
- It can be a standalone machine or software in a router or server.
- Thus, it is classified into two types:
- Hardware firewall.
- Software firewall.
- Advanced firewalls operate on the application layer of a network stack.
- This means they are capable of intercepting all packets traveling to or from running software.
- Application firewalls apply their filtering rules per process (i.e., to allow or block), instead of filtering connections by port.
- A password is a sequence of characters used to verify the identity of a user during the authentication process.
- lt is mostly used in conjunction with a username or user ID.
- It is designed to be known only to the user and allow that user to gain access to a device, application, or website.
- When a password is entered, the computer system hides the password field with asterisks or bullets for Security Purposes.
Generally, there are two modes of a password as follows:
- This is short and consists solely of letters or numbers.
- It is very easy to remember, such as the name, phone number, birthdate.
- It is easy to crack.
- This is a combination of alphabets (both upper- and lowercase), numbers, and special characteristics.
- It is difficult to crack.
File and folder access permissions
File and folder access permissions is a method to assign permissions or access rights to specific users and groups of users to view, change, navigate, and execute the contents of the files and folders.
Some specific permissions are as follows:
Read: Permits viewing or accessing of the file’s and folder’s contents.
Write: Permits writing and adding of files and folder.
Read and Execute: Permits viewing and accessing the file’s contents, as well as executing the file.
Modify: Permits reading and writing of the file; allows the deletion of the file or folder.
Full control: Permits reading writing changing, and deleting of files and folders.
Laws relating to cybercrime in India
To deal with growing cybercrime in India, the Government of India (Gol) has imposed the Information Technology Act 2000, which was enacted with the prime objective to create an enabling environment for commercial use of information technology (IT).
Some major acts and laws are described below:
Cybercrimes under the IT Act
- Section 65: Tampering with computer source documents.
- Section 66: Hacking with computer systems, data alteration.
- Section 66B: Receiving stolen computer or communication device
- Section 66C: Using the password of another person.
- Section 66D: Cheating by personation by using a computer resource
- Section 66E: Violation of privacy (publishing private images of others).
- Section 66F: Acts of cyber terrorism.
- Section 67: Publishing obscene information in electronic form.
- Section 67A: Publishing or transmitting of material containing the sexually explicit act, etc. in electronic form.
- Section 67B: Publishing child porn or predating children online
- Section 67C: Intermediary intentionally or knowingly contravening the directions about preservation and retention of information.
- Section 66: Failure/ refusal to comply with orders.
- Section 69: Failure/ refusal to decrypt data/ information.
- Section 70: Unauthorized access to protected systems.
- Section 71: Penalty for misrepresentation.
- Section 72: Breach of confidentiality and privacy.
- Section 72A: Disclosure of information in breach of lawful contract.
- Section 73: Publishing false digital signature or certificates.
- Section 74: Publication for fraudulent purposes.
Cybercrimes under IPC and special laws
- Section 503 IPC: Sending threatening messages by e-mails.
- Section 499 IPC: Sending defamatory messages by e-mails.
- Section 463 IPC: Forgery of electronic records.
- Section 420 IPC: Fake websites, cyber frauds.
- Section 463 IPC: E-mail spoofing.
- Section 383 IPC: Web-jacking.
- Section 500 IPC: Sending an abusive message by e-mails.
Cybercrimes under the special acts
- NDPS (Narcotic Drugs and Psychotropic Substances) Act: Online sale of drugs.
- Arms act: Online sales of arms and ammunitions.