Cyber Crime

Have You Ever?• Under the suspect that something’s wrong with your system, got an

Antivirus, and scanned the whole, only to find yellow & red popups indicating something must be truly messed up! (But How?)

• Found an Email in your Inbox, from a Brazilian Banker or Russia, if you prefer the latter, claiming that he wants to give you a few billion dollars, and all he needs is your Bank A/C information and your Address! Why? Maybe he likes your face! (Frankly, You’re not alone!)

• Clicked on a link, unsuspecting, only to find that your browser crashed, and you don’t even have a clue why! (Happens)

• Seen explicit or genuinely embarrassing pictures of a friend/acquaintance/celebrity on a social network (Facebook maybe!) or a site that mustn’t be named!

• Ordered something that was selling on 89% discount (on a site 99% of people were unaware of) and waited forever for it to deliver.

• Registered on a site, that said you’d get credits for doing stuff like breaking captchas and clicking on random ads (Just the money never reaches you)

• Can’t Access your Facebook/Gmail/Yahoo account anymore !!!

• Downloaded a free software, and got a dozen others as freebie, you never knew! And then scary things start happening on your system..

• Got your Laptop/Phone stolen?

• Started finding evidence of leaked data, you’ve shared with none?

• Faced harassment of any form, in any online services or via your cell phone?

• Downloaded your favourite Game/Movie over a file sharing service?

• Got emails that don’t make any sense, and are largely unsolicited.

• DONE ANY OF THE ABOVE?

If you can say YES, to even one of these,

You’ve already been a victim or perpetrator in Cyber Crime!

Cyber Crime? In a nutshell, it is simply a crime that has some kind of computer or cyber (computer/computer networks from word cybernetics) aspect to it. Cyber crime encompasses any criminal act dealing with computers and networks.

These include attacks against computer data and systems such as:Denial of Service Attacks, identity theft, the distribution of child sexual abuse images, internet auction fraud, the penetration of online financial services, credit card fraud as well as the deployment of viruses, Botnets, and various email scams such as phishing and spoofing to gain sensitive information.

12 VICTIMS PER SECOND

378 MILLION VICTIMS PER YEAR

1 MILLION + VICTIMS PER DAY

E Ks

ϭϱ

NEARLY 2.8 TIMES AS MANY BABIES BORN EACH YEAR

ENOUGH TO FILL WEMBLEY STADIUM (ENGLAND) MORE THAN 10 TIMES

As the Saying goes.. We’re Never Alone!

As we speak….

50% OF ONLINE ADULTSHAVE BEEN VICTIMS OF CYBERCRIME AND / OR NEGATIVE ONLINE SITUATIONS IN THE PAST YEAR

41% OF ONLINE ADULTS HAVE FALLEN VICTIM TO ATTACKS SUCH AS MALWARE, VIRUSES, HACKING, SCAMS, FRAUD AND THEFT

*According to Symantec 2013 Report

Who are the Cyber Criminals?

The Cyber Criminal Profile

This category includes Script kiddies, and enthusiasts messing around status quo, hacking friend’s system and having fun.

This is the Geek we all know!

Also Activists or groups (like WikiLeaks) seeking to steal data and release it publicly.

This group (led by technologists turned cybercriminal) does the most damage, particularly to financial institutions, retailers, e-commerce businesses, governments, etc. This group of cybercriminals actually creates more fraud, remediation and reputational damage than the other types of cybercriminals combined.

Most notably, China, Iran, other nation-states looking to steal and infiltrate data.

In case of a cyber warfare, these are the people, whose involvement is certain!

Categories

• Individual: This type of cyber crime can be in the form of hacking, identity theft, cyber bullying, cyber stalking, distributing pornography, trafficking and “grooming”.

• Property: Just like in the real world where a criminal can steal and rob, even in the cyber world criminals resort to stealing and robbing. – In this case, they can steal a person’s bank details and siphon off money; misuse the

credit card to make purchases online;– use malicious software to gain access to an organization’s website or disrupt the

systems of the organization. The malicious software can also damage software and hardware, just like vandals damage property in the offline world.

• Government: Although not as common as the other two categories, crimes against a government are referred to as cyber terrorism. – If successful, this category can wreak havoc and cause panic amongst the civilian

population. In this category, criminals hack government websites, military websites or circulate propaganda. The perpetrators can be terrorist outfits or unfriendly governments of other nations.

Cyber Crime can be broadly classified as:

Its Truly Polymorphic (1)Yes, there are numerous forms. Some of which are: • Hacking: This is a type of crime wherein a person’s computer is broken into so that

his personal or sensitive information can be accessed.

• Theft: This crime occurs when a person violates copyrights and downloads music, movies, games and software.

• Cyber Stalking: This is a kind of online harassment wherein the victim is subjected to a barrage of online messages and emails.

• Malicious Software: These are Internet-based software or programs that are used to disrupt a network. The software is used to gain access to a system to steal sensitive information or data or causing damage to software present in the system.

• Identity Theft: A criminal accesses data about a person’s bank account, credit cards, Social Security, debit card and other sensitive information to siphon money or to buy things online in the victim’s name

Its Truly Polymorphic (2)

• Child soliciting and Abuse: This is also a type of cyber crime wherein criminals solicit minors via chat rooms for the purpose of child pornography.

• Cyber-Terrorism: Attacks against computer networks or the information stored therein which result in violence against Government or persons or property, or at least cause enough harm to generate fear, are to be considered cyber-terrorism attacks.

• DoS: Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.

• Spamming & Spoofing: You can always look inside your spam folder for details!

Just for The Record• MyDoom's Mass Infection

Estimated damage: $38 billion– This fast-moving worm first struck in 2004 and tops McAfee's list in terms of monetary damage.– Due to all the spam it sent, it slowed down global Internet access by 10 per cent and reduced access

to some websites by 50 per cent, causing billions in dollars of lost productivity and online sales.

• Conficker's stealthy destructionEstimated damage $9.1 billion– This 2007 worm infected millions of computers and then took its infections further than the previous

worm on our list, as cyber crooks moved from notoriety to professionalism.– Conficker was designed to download and install malware from sites controlled by the virus writers.

• The "I love you" worm (named after the subject line of the email it came in) proved irresistible in 2000 as millions of users opened the spam message and downloaded the attached 'love letter' file and a bitter virus.– This infamous worm cost companies and government agencies $15 billion to shut down their

computers and remove the infection.

• “Operation Get Rich or Die Tryin’ – For nearly four years ending in 2008, 28-year-old Albert “Segvec” Gonzalez and his accomplices

staged the biggest data thefts in history, stealing millions of credit and debit card magnetic stripe data for sale on the black market.

• These events just provide a glimpse into the criminal activity potential of Cyber Component!

$113 BNFRAUD 38%

THEFT OR LOSS 21%

RE-PAIRS 24%

OTHER 17%

83% OF DIRECT FINANCIAL COSTS ARE A RESULT OF FRAUD, REPAIRS, THEFT AND LOSS

USD $298AVERAGE COST PER VICTIM

Global Price Tag Of Consumer Cyber Crime:

Above Costs are given for individual victim Organisations.

1

ALL AMOUNTS IN USD ROUNDED TO THE NEAREST BILLION

38 USA

BN

3 MEXICO

BN

8 BRAZIL

BN

13 EUROPE

BN

1 RUSSIA

BN

37 CHINA

BN

4 INDIA

BN 1 JAPAN

BN

AUSTRALIA

BN

THE GLOBAL PRICE TAG OF CONSUMER CYBERCRIME

0.3SOUTH AFRICA

BN

CANADA 3 BN; SINGAPORE 1 BN; NEW ZEALAND 0.1 BN; TURKEY 2 BN; SAUDI ARABIA 0.5 BN; UAE 0.3 BN; COLOMBIA 0.5 BN

Economic ImpactsThe 2013 Cost of Cyber Crime Study, conducted by Ponemon Institute, provides an estimation of the economic impact of cybercrime.

• The average annualized cost of cybercrime incurred per organization was $11.56 million, with a range of $1.3 million to $58 million. This is an increase of 26 percent, or $2.6 million, over the average cost reported in 2012.

• Organizations in defense, financial services and energy and utilities suffered the highest cybercrime costs.

• Data theft caused major costs, 43 percent of the total external costs, business disruption or lost productivity accounts for 36% of external costs

• Organizations experienced an average of 122 successful attacks per week, up from 102 attacks per week in 2012.

• The average time to resolve a cyber attack was 32 days, with an average cost incurred during this period of $1,035,769, or $32,469 per day—a 55 percent increase over last year’s estimated average cost of $591,780 for a 24-day period.

• Denial-of-service, web-based attacks and insiders account for more than 55% of overall annual cybercrime costs per organization.

• Smaller organizations incur a significantly higher per-capita cost than larger organizations.

• Recovery and detection are the most costly internal activities.

Economic Impacts (2)

Why do they do it?

Think for a few moments, why would ..• Someone living 5000 miles away, be interested in looking inside your system

or gaining access to it anyways?

• What are they going to do with the Facebook profile, full of your self-acclaimed selfies?

• Of what use is any of your personal information to some one else?

• Crash a very popular site? Or slog it down to the knees?

• Steal data? (A more reasonable reason!)

• In short, why would anyone do anything, pulling all the troubles?• Just to prove his smartness? • Just to look into someone’s day to day life?• Just to make a point anyways?!

At one point or another, all of these reasons, will be just as mundane, as going to college

everyday!

If not, there had been a big, bigger, biggest motivation of all!!

MONEY!

Money is the necessity, which breeds most crime!

But wait…There have been cases, where Internet has been used as means of protest, refusal, and

opposition as well!

• 2010 saw the political whistle-blower site Wikileaks release confidential communication records between the US state department and various representatives overseas. In response pressure was put on Amazon, PayPal, Visa and MasterCard to remove services associated with Wikileaks – in effect hiding the site, freezing assets, and preventing supporters from financially donating to the organisation.

• Anonymous saw this as an attempt to censor the truth. The hackers quickly launched an offensive and armed their various activists with a program called the Low Orbit Ion Cannon, which made it incredibly easy to execute Distributed Denial Of Services (dDoS). In no time at all the sites of PayPal, Visa, and MasterCard were shut down, causing the companies losses which PayPal recently claimed to be in the region of £3.5 million.

• Hacktivists played an essential role in Arab Spring, a revolution in Arab Nations, that lead to the rulers being thrown out of power.

• Following The bans on video streaming websites and file storage websites, hacktivist group Anonymous's Indian volunteers went active. This resulted in Distributed Denial of Service attacks on several government websites.

Information is InvaluableSo Are Zombies (!?)

• Believe it or not, Data & Information pays hard cash!– Credit card information, Identification Numbers, Company Secrets,

Passwords etc.– An Organisation’s classified data.

• Enemy Nations and rival countries often perform acts of spying, espionage, and stealing against each other.

• Once your system has been infiltrated, the hacker can access the functionalities, on the go!– He can see whatever you’re doing.– Even watch you on your webcam (which can be embarrassing)– He can use your system, to perform attacks on other systems (yes, like a

zombie following orders!)

A Sneak-Peek into the Cyber Crime Economy

• Long gone are the days when cybercrime was tantamount to teenage miscreants causing mischief in their parents’ basement.

• Today, as any commercial enterprise, cybercrime has evolved into a complex, highly organized hierarchy involving leaders, engineers, infantry, and hired money mules.

• Like any legitimate commercial enterprise, each player has a designated role or function to perform.

• Cybercrime pays, it’s very common to find advertising looking to recruit cyber specialists (e.g. botmaster, malware engineers) promising amount of money between $2,000 and $5,000 a month.

“ Cybercriminals Today Mirror Legitimate Business Processes “- Fortinet 2013 Cybercrime Report

Cyber Crime for Sale• Hard to believe, but nowadays there are organisations selling services like

Hacking, Spamming, Denial Of Service Attacks.

• So, you can go online, and BUY a Hacking Service to hack your ex’s profile, or maybe if you are into business, knock a competitor’s website down!

• There are testing platforms like virtest.com which enables cyber criminals to test their malware before releasing it.

• Cyber Criminals now have crime packs, with business Intelligence Reporting Dashboards to manage the distribution of their malicious code!

• For Instance, the Market Leader in Malware Distribution, Blackhole Exploit Kit, comes with Technical Guide, Demo Videos, and Dedicated Customer Care!

How Do They Do It?

• All these forms of Cyber Crime are due to one or more kind of Attacks by the Cyber Criminals or the Hacktivist in question. Some common types of Attack are:

• Passive Attack– A passive attack monitors unencrypted traffic and looks for clear-text passwords and

sensitive information that can be used in other types of attacks. – Passive attacks include traffic analysis, monitoring of unprotected communications,

decrypting weakly encrypted traffic, and capturing authentication information such as passwords.

– Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.

• Active Attack– In an active attack, the attacker tries to bypass or break into secured systems.– This can be done through stealth, viruses, worms, or Trojan horses. – Active attacks include attempts to circumvent or break protection features, to introduce

malicious code, and to steal or modify information.

How Do They Do It? (2)• Close-in attack

– involves someone attempting to get physically close to network components, data, and systems in order to learn more about a network.

– Close-in attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Eg. Social Engineering.

• Distributed Attack– A distributed attack requires that the adversary introduce code, such as a Trojan horse

or back-door program, to a “trusted” component or software that will later be distributed to many other companies.

• Insider Attack– An insider attack involves someone from the inside, such as a disgruntled employee,

attacking the network. Insider attacks can be malicious or non malicious.

• Phishing Attack– In phishing attack the hacker creates a fake web site that looks exactly like a popular site

such as the SBI bank or paypal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site.

How Do They Do It? (3)• Hijack attack

– In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication.

– You still believe that you are talking to the original party and may send private information to the hacker by accident.

– Eg. Man In The Middle Attack (Beware Of Public Wi-Fi’s)

• Password attack– An attacker tries to crack the passwords stored in a network account database or a

password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack.

• Buffer overflow– Abuffer overflow attack is when the attacker sends more data to an application than

is expected. It usually results in the attacker gaining administrative access to the system in a Command prompt or shell.

• Spoof attack– In a spoof attack, the hacker modifies the source address of the packets he or she is

sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.

Legal Issues• Cyber Criminals, despite theft of millions of dollars, rarely get

arrested.

• Most laws are National in their implementation, despite Cyber Crime Conventions, where the Internet is borderless and International by definition.

• Countries do not agree, which makes this area exceptionally challenging from legal perspective.

• So, Cyber Criminals operating from the Ends of the world, evade laws, taking full advantage of anonymity and loopholes is International Laws.

Indian Laws & Cyber Crime• The Indian Law has not given any definition to the term ‘cyber crime’.

• In fact, the Indian Penal Code does not use the term ‘cyber crime’ at any point even after its amendment by the Information Technology (amendment) Act 2008, the Indian Cyber law.

• But “Cyber Security” is defined under Section (2) (b) means protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorized access.

• In essence, cyber law is an attempt to apply laws designed for the physical world, to human activity on the Internet.

• It has a separate chapter XI entitled “Offences” in which various cyber crimes have been declared as penal offences punishable with imprisonment and fine.

Better Be Safe Than Sorry!

• Use Strong Passwords.– Don’t use dictionary words, or numbers, or popular names. Use a combination of all!– Try to use different passwords for all online services.

• Secure your computer:– Activate your firewall

Firewalls are the first line of cyber defense; they block connections to unknown or bogus sites and will keep out some types of viruses and hackers.

– Use anti-virus/malware softwarePrevent viruses from infecting your computer by installing and

– regularly update anti-virus software.

• Block spyware attacks.• Secure your Mobile Devices• Install the latest operating system and software updates• Protect your Data

Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups.

Better Be Safe Than Sorry! (2)• Review bank and credit card statements regularly

– The impact of identity theft and online crimes can be greatly reduced if you can catch it shortly after your data is stolen or when the first use of your information is attempted

• Avoid being scammed– Always think before you click on a link or file of unknown origin. – Don’t feel pressured by any emails!

• Protect your e-identity– Be cautious when giving out personal information such as your name, address, phone number

or financial information on the Internet. Make sure that websites are secure.

• Secure your wireless network– Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured.– Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Use VPNs (Virtual Private Networks) like

vemeo. – Avoid conducting financial or corporate transactions on these networks.

• In an organisation, Cyber-Education and Awareness across the staff will go a long way to protect against many types of cybercrime.

And..

• The Internet is a fantastic Resource.

• It promotes business, Learning, Expression, and communication.

• Keep Your Systems Safe & Secure, A large majority of Cyber Crimes can be prevented by precautionary measures alone!

• Even if we can’t stop it, Let’s Make Life Much Much More Difficult For Cyber Criminals!

The End?

Thank YouKEEPCALM

&

STOP CYBERCRIME