SlideShare una empresa de Scribd logo

Cyber Security Awareness at Dadar April 25, 2010

Vicky Shah
Vicky Shah

This presentation was made for community people to be aware of latest threats and trends and prevent themselves from the misuse of Technology.

Educación
1 de 48
Cyber Security & Law Vicky Shah
Have you involve yourself? In Signing on with someone else’s screen name to gather information? In Sending an e-mail or online greeting card from someone’s account? In Impersonating someone over Instant Message or chat rooms or online? In teasing or frightening someone over Instant Message or chat or online? In forwarding a Message or chat or online conversation or e-mail without the permission of the other person? In posting pictures or information about someone on a Web site without their consent? In sending rude or scary things to someone, even if you were just joking?
Is this Reality? • Computers and internet changed our lives so much that now if we don't have access to e-mail for a day or two, we feel uncomfortable. • Computer and Information security has become a crucial legal and a technical issue. • Is the internet taking over our lives? • We are on the Net 24x7, whether it’s our PCs, Laptops or Mobiles. • Have we started relating more to virtual world than real world?
What we do Online? Email: Love it for speed and hate it for SPAM. Chat: Instant Messaging and real time communication Google Maharaja: GOD of Search Social Networking: Facebook, Orkut and Twitter have become our clone Reading Blogs: Research, Education, etc.. You Tube: Free Videos Downloading: Changed the definition of Free Food.
Cyber Crime Challenges - Global Perpetrator Easy to learn techniques and acquire tools Small investments that cause massive economic damage No need for physical contact with the victims When done subtly it leaves few or no traces Easy for players to hide – Anonymity Service Providers Many network operators are involved Many countries may be involved – No boundary Different policy of different companies Inadequate cyberspace legislation No common law for the entire world No effective regulatory body for content
India – Growing Challenges • Exponential growth of Internet use • Interconnected business and government • E-governance growth has implications for Information Security, Privacy and Cyber Security – Income Tax, Excise, Customs, Sales tax networks connected – Smart cards, UID being issued – Land records computerized – Police networks – Defense is no longer arms & ammunition but GPS & networks
Cyber Incidents (Wireless) • September 13, 2008: Indian Mujahideen militants used unsecured WiFi system of a company in Chembur • August 2008: A stray terror e-mail was traced to the Khalsa College, Matunga, Mumbai. • July 2008: E-mails were sent before and after the Ahmedabad blasts. One was traced to Navi Mumbai and the other to an IP address in Vadodara. • May 2008: A terror e-mail was sent before the Jaipur Incidents blasts from a cyber cafe in Ghaziabad. • November 2007: Serial blasts in Lucknow, Varanasi, and Faizabad courts in UP. The terror e-mail was sent by Indian Mujahideen (IM) from a cyber café in Laxmi Nagar, Delhi. (Newspapers and Internet)
Mumbai Terror Attack 26/11 • Use of technology by the attackers Terrorists are using – Global Positioning Satellite sophisticated technology devices. systems – Blackberry It is complicated and difficult to develop – CDs with high resolution and coordinate satellite images necessary security measures to counter – Multiple cell phones with such threats switchable SIM cards – Satellite phones
Source: March 21, 2020 Times of India
Source: April 20, 2010 HT Cafe
Lack of Cyber Knowledge Hampers a parent’s ability to raise their children appropriate amount of teaching and ethical foundation. Creates a greater differences in families Culture of Security and Respectability in Question Raises children with no cyber ethical guidance: bad for business and society as a whole.
Cyber Security & Computer Related Offense
What is Cyber Security? • Security deals with three primary issues, called the CIA triad. – Confidentiality • Assurance that only authorized user may access a resource – Integrity • Assurance that resource has not been modified – Availability • Assurance that authorized user may access a resource when requested • Cyber Security is concerned with the risk of malpractices in the cyberspace which involves the people, process and technology.
Cyber Crime/Computer Related Offense Crimes performed or resorted to by abuse of electronic media or otherwise, with the purpose of influencing the functioning of computer or computer system In simple words, Cyber/Computer Crime is any crime where: Computer is a target Computer is a tool of crime Computer is incidental to crime.
Computer Related Offense Common types of Crimes may be broadly classified in the following groups: 1)Against Individual 2)Against Organization 3)Against Society
Crime Against Individual Against Person: i. Harassment Through e-mails ii. Cyber-Stalking iii. Dissemination of obscene material on the Internet iv. Defamation v. Hacking/Cracking vi. Indecent Exposure Against property of an individual: i. Computer vandalism (damage) ii. Transmitting virus iii. Internet Intrusion iv. Unauthorized control over computer system v. Hacking /Cracking
Crime Against Organization Against Government, Private Firm, Company, Group of Individuals: i. Hacking & Cracking ii. Possession of unauthorized Information iii. Cyber terrorism against the government organization iv. Identity Theft/Impersonation v. Distribution of pirated software, etc…
Crime Against Society At large, i. Pornography (specially child pornography) ii. Polluting the youth through Indecent Exposure iii. Trafficking iv. Hate Speech, Anti Communities, v. Discrimination and Derogatory remarks on Religion/Caste on online platform
Email Crimes • Spamming and Unsolicited Mail • Blackmailing/Defamatory Mail • Extortion/Threatening/Obscene/Abusive Mail • Transmission of Malwares (Virus/Worm/Trojan) • Advance Fee Schemes – Lottery Schemes – Nigerian Scams – Job Opportunities, Mule • Phishing Scams, Identity Theft
Cyber Incidents Mobile Phone based Forgery, illegal interception & ID Theft Payment card fraud & e-funds transfer fraud On-line Gaming/Betting Theft of Internet & Telephone services IP offences: illegal software; copyright breaches etc. Misuse of Technology: Mobile and Wi-Fi Commercial/Corporate Espionage On-line Securities Fraud Extortion & Criminal conspiracy
Hacking in simple terms means illegal intrusion into a computer system without the permission of the computer owner/user. Hacking is committed for Personal gains Improve technical skills Get famous Revenge Denial of Service (DoS) is an act by the criminal, who floods the bandwidth of the victim’s network depriving him of the services he is entitled to access or provide. Virus Dissemination It is surprising that Pornography is the first consistently successful e-commerce product and the marketing tactics and the curiosity encourage customers to access porn Websites.
Contd. Credit Card Fraud Net Extortion This is where the information is stolen and then threatening or black mailing is done for keeping the information secret. E.g.: Copying the company’s confidential data in order to extort said company for huge amount. Phishing It is technique of pulling out confidential information from the bank or financial institutional account holders by deceptive means. You get a genuine looking website similar to the original and the data instead of going to the original server goes to the person who phises the web page. Spoofing: Getting one computer on a network to pretend to have the identity of another computer, usually one with special Access privileges , so as to obtain access to the other computers on the network
Software Piracy: Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original is termed as termed as software piracy. Common ways in which its done: Click Wrap (Downloads) Shrink Wrap (on CD’s) Examples of software piracy: End user copying - Friends loaning disks to each other, or organizations underreporting the number of software installations they have made. Hard disk loading – Hard disk vendors loads pirated software Counterfeiting - large-scale duplication and distribution of illegally copied software. Illegal downloads from the Internet - By intrusion, cracking serial numbers etc.
A consumer of pirated software has a lot to lose… He gets untested software that may have been copied thousands of times over, potentially containing hard drive- infecting viruses No technical support in case of software failure No warranty protection No legal right to use the product
Resourse: Cybercrime Scenario, Investigation Lifecycle, Cybercrime Analysis Categories: North Virginia Technology Council, aV. Lillard Cyber Crime Investigation Lifecycle Incident Expert Witness Awareness / Testimony Preliminary Analysis Consultation Prevention Technologies Improved Processes Image New Security Policies Acquisition/ Improved Configurations Recovery Preliminary/ Containment Detailed Final Report Analysis Presentation
Resourse: Cybercrime Scenario, Investigation Lifecycle, Cybercrime Analysis Categories: North Virginia Technology Council, Terrence V. Lillard Cyber Crime Analysis Categories Cybercrime Scene Cybercrime Investigation Lifecycle Cyber Offender Characteristics Cybercrime Offender Signatures Cybercrime Motivations Cybercrime Reconstruction Deductive Analysis Cyber-Victimology Cybercrime Scene Characteristics Cybercrime Modus Operandi Cyber-Geographical Mapping Equivocal Forensics Digital Evidence Analysis
Profile of People Involved Insider - Disgruntled employees and ex-employees, spouses, lovers Crackers - Crack into networks with malicious intent, Setting traps, etc… Virus Writer - Pose serious threats to networks and systems worldwide Foreign Intelligence - Use cyber tools as part of their services, For espionage activities, Can pose the biggest threat to the security of another country Terrorists - Use to formulate plans, to raise funds, propaganda Script Kiddies - Use tools available on the net
Case Study
© DSCI
Landmark Case - MMS CEO of Bazee.com was arrested in December 2004 because a CD with objectionable material was being sold on the website. The CD was also being sold in the markets in Delhi. The Mumbai city police and the Delhi Police got into action. The CEO was later released on bail. THIS OPENED UP THE QUESTION AS TO WHAT KIND OF DISTINCTION DO WE DRAW BETWEEN INTERNET SERVICE PROVIDER AND CONTENT PROVIDER. RESULTED IN AMENDMENTS OF IT ACT 2000. The burden rests on the accused that he was the Service Provider and not the Content Provider. It also raises a lot of issues regarding how the police should handle the cyber crime cases and a lot of education is required.
Source Working of Money Mule
Source Tips to Avoid Money Mule Everyone needs to be Alert and take steps to protect themselves. To help minimize your chances of being a victim follow these common sense precautions: Be cautious about any unsolicited offers or opportunities offering you the chance to make some easy money. Be especially wary of offers from people or companies overseas as it will be harder for you to find out if they really are who they say they are. Take steps to verify any company which makes you a job offer and check their contact details (address, phone number, email address and website) are correct and whether they are registered in the Country. Never give your bank details to anyone unless you know and trust them.
Source Contd… Other signs that could indicate you are being targeted by a money mule scam: Money mule fraudster can take a variety of different forms and they may even copy a genuine company's website and have a similar web address to add authenticity to the scam. These fraudster will normally state that they are an overseas company seeking ‘UK representatives’ or ‘agents’ to act on their behalf for a period of time, sometimes to avoid high charges for making payments, or local taxes. The nature of the work that the company will claim to be involved in can vary, but the specifics of the job being advertised invariably means using your bank account to move funds.
Source Contd… The fraudster may be having poor written English with grammatical and spelling mistakes and they may urge you not to inform the bank or the police about the reason for making the payments. The fraudster may seek people with accounts at certain banks. If you have already disclosed your bank account details or received funds into your account – and you think it could be a money mule scam - you should contact your bank immediately.
PLEASE If a stranger came up to you on the street would You give him/her your Name, You give him/her your Date of Birth, You give him/her your Likes/Dislikes, You give him/her your Email Id, You give him/her your Contact Number ? You give him/her your Photograph? NO ! NO ! NO ! NO! NO! THEN WHY DO YOU PUBLISH THE SAME ON SOCIAL NETWORKING WEBSITES?????
How you should handle and approach? Don’t Panic Call in your incident response team. Contain the problem and avoid the “quick fix.” Take good notes of the entire situation. Have your backup facilities ready. Get rid of the problem. Use trusted, uncompromised communications. Know what to say, to whom and when. Know when to involve Crime Investigator.
GUIDELINE & TIPS
Home Computer Security Your home computer is a popular target for Intruders They look for credit card numbers, bank account information, OR Use your computer to attack other computers on the INTERNET Why intruders attack home computers ? Not very secure Easy to break into
How do they attack your computer? They send you E-mail with a virus They take advantage of a flaw or weakness in one of your computer’s programs – a vulnerability to gain access. They often install new programs that let them continue to use your computer (Backdoor). Trojan Horse are such programs which are used as the backdoor. Such a program which lets the intruder control everything that is on your machine remotely.
How can you minimize the risk? Use an anti-virus program (NOD 32, ESET, Kaspersky, etc…) You can add a firewall (Zone Alarm, BlackICE) Periodically download patches, and Use File encryption - to improve the level of security on your home computer
Antivirus Programs ESET – NOD 32 Kapsersky Norton Antivirus. McAfee Antivirus. Panda Antivirus. AVG Antivirus. Avast Antivirus. Trend Micro PC-Cillin Antivirus. Microsoft AntiSpyware. Spyware Snooper.
Use Anti-Virus programs Viruses can reach your computer in many ways, through - Floppy Disks CD-ROMs E-mails Web sites Downloaded files Check each of the above for viruses. When you insert a floppy disk into the drive, check it for viruses. When you receive email, check it for viruses When you download a file from the Internet, check it for viruses before using it.
Handle E-mail attachments carefully You probably receive lots of e-mails each day, much of it unsolicited. Some of these e-mails tell you of a contest that you may have won or the details of a product that you might like. The sender is trying to encourage you to open the letter, read its contents Many of us open letters to learn what we’ve won or what fantastic deal awaits us. If such an e-mail is from a malicious virus writes, it may come as an attachment and he will provoke you to open the attachment. Once you open the attachment, the virus intrudes your computer without your knowledge.
Make Backups of Important Files and Folders What happens to your important files and records on your computer if your computer malfunctions or is destroyed by a successful attacker? You should back up an important file and data every time it changes. Take back up on any reliable storage media such as a CD-ROM. Preserve it carefully.
Recommendations • Awareness is important and any incident should be reported at once • Users must try and save any electronic information trail on their computers • Avoid giving out unnecessary information about yourself • Use the licensed, latest & updated anti-virus software, operating systems, web browsers and email programs • Check out the site you are doing business with thoroughly • Send credit card information only to secure sites • Protect your Website and Maintain Backups
Summary • 99% of the problem lies between the keyboard and chair i.e. the user • Every one a target; Every system a challenge • Cyber Security is not just a technical problem – everyone has a role to play in it • You cannot “fix” security – you can only manage it • AWARENESS OF THE THREAT IS ITSELF A KEY CONTROL
Questions Thank You! Vicky Shah vicky@cybercrimes.in Discussion Forum: www.cybercrimes.in/SMF +91-98201-05011 “Human Behaviour is the Biggest Risk in Security – Vicky Shah” “Cyber Space: Safe to Use; Unsafe to Misuse – NASSCOM”
Disclaimer This presentation is prepared for knowledge sharing and awareness for end users on April 25, 2010. You can use the information provided here with proper credits. I have tried not to hide original credits as far as possible, nor am I using this presentation for any personal financial gain. Information available in this presentation is not enforceable by law; however these are my view about the topic which I feel should be shared. Any errors, omissions, misstatements, and misunderstandings set forth in the presentation are sincerely apologized. Relying on the contents will be sole responsibility of the users. - Vicky Shah -

Recomendados

Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_securityEr Mahendra Yadav
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & SecurityUday Bhaskarwar
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security ritik shukla
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurityjumanne rajabu
 
Ppt
PptPpt
PptGeetu Khanna
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security PresentationPreethi Kumaresh
 
cyber crime
cyber crimecyber crime
cyber crimeNauman Ali
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityMd Nishad
 

Recomendados

Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_securityEr Mahendra Yadav
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & SecurityUday Bhaskarwar
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security ritik shukla
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurityjumanne rajabu
 
Ppt
PptPpt
PptGeetu Khanna
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security PresentationPreethi Kumaresh
 
cyber crime
cyber crimecyber crime
cyber crimeNauman Ali
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityMd Nishad
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its PreventionDinesh O Bareja
 
Cyber security awareness for students
Cyber security awareness for studentsCyber security awareness for students
Cyber security awareness for studentsKandarp Shah
 
Cybercrime the emerging threat
Cybercrime the emerging threatCybercrime the emerging threat
Cybercrime the emerging threatANKUR BAROT
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end usersNetWatcher
 
Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber SecuritySazed Salman
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in SocietyRubal Sagwal
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationJamie Proctor-Brassard
 
Cyber crime and Security
Cyber crime and SecurityCyber crime and Security
Cyber crime and SecurityGreater Noida Institute Of Technology
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeDivithC
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber crime among students
Cyber crime among studentsCyber crime among students
Cyber crime among studentsjune21harsh
 
Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Simon Salter
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProRonald Soh
 
cyber crime and security
cyber crime and securitycyber crime and security
cyber crime and securityAjay Singh
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityAkash Dhiman
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeHarendra Singh
 
Final cyber crime and security
Final cyber crime and securityFinal cyber crime and security
Final cyber crime and securitynikunjandy
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & securityAvani Patel
 
ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security Bill Gibbs
 
Cyber crime
Cyber crimeCyber crime
Cyber crimerishith23
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
General Awareness On Cyber Security
General Awareness On Cyber SecurityGeneral Awareness On Cyber Security
General Awareness On Cyber SecurityDominic Rajesh
 

Más contenido relacionado

La actualidad más candente

Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its PreventionDinesh O Bareja
 
Cyber security awareness for students
Cyber security awareness for studentsCyber security awareness for students
Cyber security awareness for studentsKandarp Shah
 
Cybercrime the emerging threat
Cybercrime the emerging threatCybercrime the emerging threat
Cybercrime the emerging threatANKUR BAROT
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end usersNetWatcher
 
Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber SecuritySazed Salman
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in SocietyRubal Sagwal
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationJamie Proctor-Brassard
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeDivithC
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber crime among students
Cyber crime among studentsCyber crime among students
Cyber crime among studentsjune21harsh
 
Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Simon Salter
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProRonald Soh
 
cyber crime and security
cyber crime and securitycyber crime and security
cyber crime and securityAjay Singh
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityAkash Dhiman
 
Final cyber crime and security
Final cyber crime and securityFinal cyber crime and security
Final cyber crime and securitynikunjandy
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & securityAvani Patel
 
ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security Bill Gibbs
 

La actualidad más candente (20)

Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its Prevention
 
Cyber security awareness for students
Cyber security awareness for studentsCyber security awareness for students
Cyber security awareness for students
 
Cybercrime the emerging threat
Cybercrime the emerging threatCybercrime the emerging threat
Cybercrime the emerging threat
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
 
Cyber Crime and Cyber Security
Cyber Crime and Cyber SecurityCyber Crime and Cyber Security
Cyber Crime and Cyber Security
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in Society
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
 
Cyber crime and Security
Cyber crime and SecurityCyber crime and Security
Cyber crime and Security
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber crime among students
Cyber crime among studentsCyber crime among students
Cyber crime among students
 
Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me" Cyber Security Presentation "It Will Never Happen To Me"
Cyber Security Presentation "It Will Never Happen To Me"
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
 
cyber crime and security
cyber crime and securitycyber crime and security
cyber crime and security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Final cyber crime and security
Final cyber crime and securityFinal cyber crime and security
Final cyber crime and security
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & security
 
ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security ERAU webinar november 2016 cyber security
ERAU webinar november 2016 cyber security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 

Destacado

Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
General Awareness On Cyber Security
General Awareness On Cyber SecurityGeneral Awareness On Cyber Security
General Awareness On Cyber SecurityDominic Rajesh
 
Social Media Cyber Security Awareness Briefing
Social Media Cyber Security Awareness BriefingSocial Media Cyber Security Awareness Briefing
Social Media Cyber Security Awareness BriefingDepartment of Defense
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awarenessJason Murray
 
Being Smart In Cyber Space
Being Smart In Cyber SpaceBeing Smart In Cyber Space
Being Smart In Cyber Spacekirahlee
 
Computer&Internet Safety Digital Story
Computer&Internet Safety Digital StoryComputer&Internet Safety Digital Story
Computer&Internet Safety Digital StorySandra Sammarco
 
Digital Etiquette vhardy
Digital Etiquette vhardyDigital Etiquette vhardy
Digital Etiquette vhardyVanessa Hardy
 
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack WhitsittNIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack WhitsittJack Whitsitt
 
Train Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesTrain Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesHuman Resources & Payroll
 
Cyber Crime: Stay Safe Online
Cyber Crime: Stay Safe OnlineCyber Crime: Stay Safe Online
Cyber Crime: Stay Safe OnlineSalshaza Putera
 
Big data ... for security
Big data ... for securityBig data ... for security
Big data ... for securityJames Salter
 
Hack Warz® Cyber Attack: A Hands-On Lab for Network Defenders
Hack Warz® Cyber Attack: A Hands-On Lab for Network DefendersHack Warz® Cyber Attack: A Hands-On Lab for Network Defenders
Hack Warz® Cyber Attack: A Hands-On Lab for Network DefendersLife Cycle Engineering
 
SECQME Watch Over Me Deck 2014
SECQME Watch Over Me Deck 2014SECQME Watch Over Me Deck 2014
SECQME Watch Over Me Deck 2014Khoo Shiang
 
Big data and cyber security legal risks and challenges
Big data and cyber security legal risks and challengesBig data and cyber security legal risks and challenges
Big data and cyber security legal risks and challengesKapil Mehrotra
 

Destacado (20)

Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 
General Awareness On Cyber Security
General Awareness On Cyber SecurityGeneral Awareness On Cyber Security
General Awareness On Cyber Security
 
Social Media Cyber Security Awareness Briefing
Social Media Cyber Security Awareness BriefingSocial Media Cyber Security Awareness Briefing
Social Media Cyber Security Awareness Briefing
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
 
CyberCoex
CyberCoexCyberCoex
CyberCoex
 
Malware
MalwareMalware
Malware
 
Being Smart In Cyber Space
Being Smart In Cyber SpaceBeing Smart In Cyber Space
Being Smart In Cyber Space
 
Computer&Internet Safety Digital Story
Computer&Internet Safety Digital StoryComputer&Internet Safety Digital Story
Computer&Internet Safety Digital Story
 
Digital Etiquette vhardy
Digital Etiquette vhardyDigital Etiquette vhardy
Digital Etiquette vhardy
 
Stay safe online
Stay safe onlineStay safe online
Stay safe online
 
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack WhitsittNIST Cybersecurity Framework Background and Review | Jack Whitsitt
NIST Cybersecurity Framework Background and Review | Jack Whitsitt
 
Train Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security BreachesTrain Employees to Avoid Inadvertent Cyber-Security Breaches
Train Employees to Avoid Inadvertent Cyber-Security Breaches
 
Cyber Crime: Stay Safe Online
Cyber Crime: Stay Safe OnlineCyber Crime: Stay Safe Online
Cyber Crime: Stay Safe Online
 
Big data ... for security
Big data ... for securityBig data ... for security
Big data ... for security
 
Mobile phone Data Hacking
Mobile phone Data HackingMobile phone Data Hacking
Mobile phone Data Hacking
 
Hack Warz® Cyber Attack: A Hands-On Lab for Network Defenders
Hack Warz® Cyber Attack: A Hands-On Lab for Network DefendersHack Warz® Cyber Attack: A Hands-On Lab for Network Defenders
Hack Warz® Cyber Attack: A Hands-On Lab for Network Defenders
 
DoD Cyber Strategy
DoD Cyber StrategyDoD Cyber Strategy
DoD Cyber Strategy
 
SECQME Watch Over Me Deck 2014
SECQME Watch Over Me Deck 2014SECQME Watch Over Me Deck 2014
SECQME Watch Over Me Deck 2014
 
Big data and cyber security legal risks and challenges
Big data and cyber security legal risks and challengesBig data and cyber security legal risks and challenges
Big data and cyber security legal risks and challenges
 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
 

Similar a Cyber Security Awareness at Dadar April 25, 2010

Isaca june 19, 2010
Isaca june 19, 2010Isaca june 19, 2010
Isaca june 19, 2010Vicky Shah
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYChaya Sorir
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarNeeraj Ahirwar
 
Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)Anshuman Tripathi
 
Cybercrimes
CybercrimesCybercrimes
CybercrimesFit Tri
 
Cyber security presentation
Cyber security presentation Cyber security presentation
Cyber security presentation sweetpeace1
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxPrinceKumar851167
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrimepatelripal99
 
cyber_crime (1).pptx
cyber_crime (1).pptxcyber_crime (1).pptx
cyber_crime (1).pptxKoukiGaz
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessArjith K Raj
 
Cybercrime
CybercrimeCybercrime
CybercrimeSERCOD
 

Similar a Cyber Security Awareness at Dadar April 25, 2010 (20)

Isaca june 19, 2010
Isaca june 19, 2010Isaca june 19, 2010
Isaca june 19, 2010
 
CYBER CRIME AND SECURITY
CYBER CRIME AND SECURITYCYBER CRIME AND SECURITY
CYBER CRIME AND SECURITY
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj Ahirwar
 
Cyber crime and forensic
Cyber crime and forensicCyber crime and forensic
Cyber crime and forensic
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)
 
Cybercrimes
CybercrimesCybercrimes
Cybercrimes
 
CYBER.pptx
CYBER.pptxCYBER.pptx
CYBER.pptx
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber security presentation
Cyber security presentation Cyber security presentation
Cyber security presentation
 
Chapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptxChapter 1_Cyber Security.pptx
Chapter 1_Cyber Security.pptx
 
Introduction to cybercrime
Introduction to cybercrimeIntroduction to cybercrime
Introduction to cybercrime
 
Cybercrimes
CybercrimesCybercrimes
Cybercrimes
 
cyber_crime (1).pptx
cyber_crime (1).pptxcyber_crime (1).pptx
cyber_crime (1).pptx
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
UNIT 1.pptx
UNIT 1.pptxUNIT 1.pptx
UNIT 1.pptx
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
CS 1.ppt
CS 1.pptCS 1.ppt
CS 1.ppt
 
cyber crime.pptx
cyber crime.pptxcyber crime.pptx
cyber crime.pptx
 

Último

Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfErwinPantujan2
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxthorishapillay1
 

Último (20)

Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
Proudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptxProudly South Africa powerpoint Thorisha.pptx
Proudly South Africa powerpoint Thorisha.pptx
 

Cyber Security Awareness at Dadar April 25, 2010

  • 1. Cyber Security & Law Vicky Shah
  • 2. Have you involve yourself? In Signing on with someone else’s screen name to gather information? In Sending an e-mail or online greeting card from someone’s account? In Impersonating someone over Instant Message or chat rooms or online? In teasing or frightening someone over Instant Message or chat or online? In forwarding a Message or chat or online conversation or e-mail without the permission of the other person? In posting pictures or information about someone on a Web site without their consent? In sending rude or scary things to someone, even if you were just joking?
  • 3. Is this Reality? • Computers and internet changed our lives so much that now if we don't have access to e-mail for a day or two, we feel uncomfortable. • Computer and Information security has become a crucial legal and a technical issue. • Is the internet taking over our lives? • We are on the Net 24x7, whether it’s our PCs, Laptops or Mobiles. • Have we started relating more to virtual world than real world?
  • 4. What we do Online? Email: Love it for speed and hate it for SPAM. Chat: Instant Messaging and real time communication Google Maharaja: GOD of Search Social Networking: Facebook, Orkut and Twitter have become our clone Reading Blogs: Research, Education, etc.. You Tube: Free Videos Downloading: Changed the definition of Free Food.
  • 5. Cyber Crime Challenges - Global Perpetrator Easy to learn techniques and acquire tools Small investments that cause massive economic damage No need for physical contact with the victims When done subtly it leaves few or no traces Easy for players to hide – Anonymity Service Providers Many network operators are involved Many countries may be involved – No boundary Different policy of different companies Inadequate cyberspace legislation No common law for the entire world No effective regulatory body for content
  • 6. India – Growing Challenges • Exponential growth of Internet use • Interconnected business and government • E-governance growth has implications for Information Security, Privacy and Cyber Security – Income Tax, Excise, Customs, Sales tax networks connected – Smart cards, UID being issued – Land records computerized – Police networks – Defense is no longer arms & ammunition but GPS & networks
  • 7. Cyber Incidents (Wireless) • September 13, 2008: Indian Mujahideen militants used unsecured WiFi system of a company in Chembur • August 2008: A stray terror e-mail was traced to the Khalsa College, Matunga, Mumbai. • July 2008: E-mails were sent before and after the Ahmedabad blasts. One was traced to Navi Mumbai and the other to an IP address in Vadodara. • May 2008: A terror e-mail was sent before the Jaipur Incidents blasts from a cyber cafe in Ghaziabad. • November 2007: Serial blasts in Lucknow, Varanasi, and Faizabad courts in UP. The terror e-mail was sent by Indian Mujahideen (IM) from a cyber café in Laxmi Nagar, Delhi. (Newspapers and Internet)
  • 8. Mumbai Terror Attack 26/11 • Use of technology by the attackers Terrorists are using – Global Positioning Satellite sophisticated technology devices. systems – Blackberry It is complicated and difficult to develop – CDs with high resolution and coordinate satellite images necessary security measures to counter – Multiple cell phones with such threats switchable SIM cards – Satellite phones
  • 9. Source: March 21, 2020 Times of India
  • 10. Source: April 20, 2010 HT Cafe
  • 11. Lack of Cyber Knowledge Hampers a parent’s ability to raise their children appropriate amount of teaching and ethical foundation. Creates a greater differences in families Culture of Security and Respectability in Question Raises children with no cyber ethical guidance: bad for business and society as a whole.
  • 13. What is Cyber Security? • Security deals with three primary issues, called the CIA triad. – Confidentiality • Assurance that only authorized user may access a resource – Integrity • Assurance that resource has not been modified – Availability • Assurance that authorized user may access a resource when requested • Cyber Security is concerned with the risk of malpractices in the cyberspace which involves the people, process and technology.
  • 14. Cyber Crime/Computer Related Offense Crimes performed or resorted to by abuse of electronic media or otherwise, with the purpose of influencing the functioning of computer or computer system In simple words, Cyber/Computer Crime is any crime where: Computer is a target Computer is a tool of crime Computer is incidental to crime.
  • 15. Computer Related Offense Common types of Crimes may be broadly classified in the following groups: 1)Against Individual 2)Against Organization 3)Against Society
  • 16. Crime Against Individual Against Person: i. Harassment Through e-mails ii. Cyber-Stalking iii. Dissemination of obscene material on the Internet iv. Defamation v. Hacking/Cracking vi. Indecent Exposure Against property of an individual: i. Computer vandalism (damage) ii. Transmitting virus iii. Internet Intrusion iv. Unauthorized control over computer system v. Hacking /Cracking
  • 17. Crime Against Organization Against Government, Private Firm, Company, Group of Individuals: i. Hacking & Cracking ii. Possession of unauthorized Information iii. Cyber terrorism against the government organization iv. Identity Theft/Impersonation v. Distribution of pirated software, etc…
  • 18. Crime Against Society At large, i. Pornography (specially child pornography) ii. Polluting the youth through Indecent Exposure iii. Trafficking iv. Hate Speech, Anti Communities, v. Discrimination and Derogatory remarks on Religion/Caste on online platform
  • 19. Email Crimes • Spamming and Unsolicited Mail • Blackmailing/Defamatory Mail • Extortion/Threatening/Obscene/Abusive Mail • Transmission of Malwares (Virus/Worm/Trojan) • Advance Fee Schemes – Lottery Schemes – Nigerian Scams – Job Opportunities, Mule • Phishing Scams, Identity Theft
  • 20. Cyber Incidents Mobile Phone based Forgery, illegal interception & ID Theft Payment card fraud & e-funds transfer fraud On-line Gaming/Betting Theft of Internet & Telephone services IP offences: illegal software; copyright breaches etc. Misuse of Technology: Mobile and Wi-Fi Commercial/Corporate Espionage On-line Securities Fraud Extortion & Criminal conspiracy
  • 21. Hacking in simple terms means illegal intrusion into a computer system without the permission of the computer owner/user. Hacking is committed for Personal gains Improve technical skills Get famous Revenge Denial of Service (DoS) is an act by the criminal, who floods the bandwidth of the victim’s network depriving him of the services he is entitled to access or provide. Virus Dissemination It is surprising that Pornography is the first consistently successful e-commerce product and the marketing tactics and the curiosity encourage customers to access porn Websites.
  • 22. Contd. Credit Card Fraud Net Extortion This is where the information is stolen and then threatening or black mailing is done for keeping the information secret. E.g.: Copying the company’s confidential data in order to extort said company for huge amount. Phishing It is technique of pulling out confidential information from the bank or financial institutional account holders by deceptive means. You get a genuine looking website similar to the original and the data instead of going to the original server goes to the person who phises the web page. Spoofing: Getting one computer on a network to pretend to have the identity of another computer, usually one with special Access privileges , so as to obtain access to the other computers on the network
  • 23. Software Piracy: Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original is termed as termed as software piracy. Common ways in which its done: Click Wrap (Downloads) Shrink Wrap (on CD’s) Examples of software piracy: End user copying - Friends loaning disks to each other, or organizations underreporting the number of software installations they have made. Hard disk loading – Hard disk vendors loads pirated software Counterfeiting - large-scale duplication and distribution of illegally copied software. Illegal downloads from the Internet - By intrusion, cracking serial numbers etc.
  • 24. A consumer of pirated software has a lot to lose… He gets untested software that may have been copied thousands of times over, potentially containing hard drive- infecting viruses No technical support in case of software failure No warranty protection No legal right to use the product
  • 25. Resourse: Cybercrime Scenario, Investigation Lifecycle, Cybercrime Analysis Categories: North Virginia Technology Council, aV. Lillard Cyber Crime Investigation Lifecycle Incident Expert Witness Awareness / Testimony Preliminary Analysis Consultation Prevention Technologies Improved Processes Image New Security Policies Acquisition/ Improved Configurations Recovery Preliminary/ Containment Detailed Final Report Analysis Presentation
  • 26. Resourse: Cybercrime Scenario, Investigation Lifecycle, Cybercrime Analysis Categories: North Virginia Technology Council, Terrence V. Lillard Cyber Crime Analysis Categories Cybercrime Scene Cybercrime Investigation Lifecycle Cyber Offender Characteristics Cybercrime Offender Signatures Cybercrime Motivations Cybercrime Reconstruction Deductive Analysis Cyber-Victimology Cybercrime Scene Characteristics Cybercrime Modus Operandi Cyber-Geographical Mapping Equivocal Forensics Digital Evidence Analysis
  • 27. Profile of People Involved Insider - Disgruntled employees and ex-employees, spouses, lovers Crackers - Crack into networks with malicious intent, Setting traps, etc… Virus Writer - Pose serious threats to networks and systems worldwide Foreign Intelligence - Use cyber tools as part of their services, For espionage activities, Can pose the biggest threat to the security of another country Terrorists - Use to formulate plans, to raise funds, propaganda Script Kiddies - Use tools available on the net
  • 30. Landmark Case - MMS CEO of Bazee.com was arrested in December 2004 because a CD with objectionable material was being sold on the website. The CD was also being sold in the markets in Delhi. The Mumbai city police and the Delhi Police got into action. The CEO was later released on bail. THIS OPENED UP THE QUESTION AS TO WHAT KIND OF DISTINCTION DO WE DRAW BETWEEN INTERNET SERVICE PROVIDER AND CONTENT PROVIDER. RESULTED IN AMENDMENTS OF IT ACT 2000. The burden rests on the accused that he was the Service Provider and not the Content Provider. It also raises a lot of issues regarding how the police should handle the cyber crime cases and a lot of education is required.
  • 31. Source Working of Money Mule
  • 32. Source Tips to Avoid Money Mule Everyone needs to be Alert and take steps to protect themselves. To help minimize your chances of being a victim follow these common sense precautions: Be cautious about any unsolicited offers or opportunities offering you the chance to make some easy money. Be especially wary of offers from people or companies overseas as it will be harder for you to find out if they really are who they say they are. Take steps to verify any company which makes you a job offer and check their contact details (address, phone number, email address and website) are correct and whether they are registered in the Country. Never give your bank details to anyone unless you know and trust them.
  • 33. Source Contd… Other signs that could indicate you are being targeted by a money mule scam: Money mule fraudster can take a variety of different forms and they may even copy a genuine company's website and have a similar web address to add authenticity to the scam. These fraudster will normally state that they are an overseas company seeking ‘UK representatives’ or ‘agents’ to act on their behalf for a period of time, sometimes to avoid high charges for making payments, or local taxes. The nature of the work that the company will claim to be involved in can vary, but the specifics of the job being advertised invariably means using your bank account to move funds.
  • 34. Source Contd… The fraudster may be having poor written English with grammatical and spelling mistakes and they may urge you not to inform the bank or the police about the reason for making the payments. The fraudster may seek people with accounts at certain banks. If you have already disclosed your bank account details or received funds into your account – and you think it could be a money mule scam - you should contact your bank immediately.
  • 35. PLEASE If a stranger came up to you on the street would You give him/her your Name, You give him/her your Date of Birth, You give him/her your Likes/Dislikes, You give him/her your Email Id, You give him/her your Contact Number ? You give him/her your Photograph? NO ! NO ! NO ! NO! NO! THEN WHY DO YOU PUBLISH THE SAME ON SOCIAL NETWORKING WEBSITES?????
  • 36. How you should handle and approach? Don’t Panic Call in your incident response team. Contain the problem and avoid the “quick fix.” Take good notes of the entire situation. Have your backup facilities ready. Get rid of the problem. Use trusted, uncompromised communications. Know what to say, to whom and when. Know when to involve Crime Investigator.
  • 38. Home Computer Security Your home computer is a popular target for Intruders They look for credit card numbers, bank account information, OR Use your computer to attack other computers on the INTERNET Why intruders attack home computers ? Not very secure Easy to break into
  • 39. How do they attack your computer? They send you E-mail with a virus They take advantage of a flaw or weakness in one of your computer’s programs – a vulnerability to gain access. They often install new programs that let them continue to use your computer (Backdoor). Trojan Horse are such programs which are used as the backdoor. Such a program which lets the intruder control everything that is on your machine remotely.
  • 40. How can you minimize the risk? Use an anti-virus program (NOD 32, ESET, Kaspersky, etc…) You can add a firewall (Zone Alarm, BlackICE) Periodically download patches, and Use File encryption - to improve the level of security on your home computer
  • 41. Antivirus Programs ESET – NOD 32 Kapsersky Norton Antivirus. McAfee Antivirus. Panda Antivirus. AVG Antivirus. Avast Antivirus. Trend Micro PC-Cillin Antivirus. Microsoft AntiSpyware. Spyware Snooper.
  • 42. Use Anti-Virus programs Viruses can reach your computer in many ways, through - Floppy Disks CD-ROMs E-mails Web sites Downloaded files Check each of the above for viruses. When you insert a floppy disk into the drive, check it for viruses. When you receive email, check it for viruses When you download a file from the Internet, check it for viruses before using it.
  • 43. Handle E-mail attachments carefully You probably receive lots of e-mails each day, much of it unsolicited. Some of these e-mails tell you of a contest that you may have won or the details of a product that you might like. The sender is trying to encourage you to open the letter, read its contents Many of us open letters to learn what we’ve won or what fantastic deal awaits us. If such an e-mail is from a malicious virus writes, it may come as an attachment and he will provoke you to open the attachment. Once you open the attachment, the virus intrudes your computer without your knowledge.
  • 44. Make Backups of Important Files and Folders What happens to your important files and records on your computer if your computer malfunctions or is destroyed by a successful attacker? You should back up an important file and data every time it changes. Take back up on any reliable storage media such as a CD-ROM. Preserve it carefully.
  • 45. Recommendations • Awareness is important and any incident should be reported at once • Users must try and save any electronic information trail on their computers • Avoid giving out unnecessary information about yourself • Use the licensed, latest & updated anti-virus software, operating systems, web browsers and email programs • Check out the site you are doing business with thoroughly • Send credit card information only to secure sites • Protect your Website and Maintain Backups
  • 46. Summary • 99% of the problem lies between the keyboard and chair i.e. the user • Every one a target; Every system a challenge • Cyber Security is not just a technical problem – everyone has a role to play in it • You cannot “fix” security – you can only manage it • AWARENESS OF THE THREAT IS ITSELF A KEY CONTROL
  • 47. Questions Thank You! Vicky Shah vicky@cybercrimes.in Discussion Forum: www.cybercrimes.in/SMF +91-98201-05011 “Human Behaviour is the Biggest Risk in Security – Vicky Shah” “Cyber Space: Safe to Use; Unsafe to Misuse – NASSCOM”
  • 48. Disclaimer This presentation is prepared for knowledge sharing and awareness for end users on April 25, 2010. You can use the information provided here with proper credits. I have tried not to hide original credits as far as possible, nor am I using this presentation for any personal financial gain. Information available in this presentation is not enforceable by law; however these are my view about the topic which I feel should be shared. Any errors, omissions, misstatements, and misunderstandings set forth in the presentation are sincerely apologized. Relying on the contents will be sole responsibility of the users. - Vicky Shah -