4. In the News…….
1 out of 5 children received a
sexual solicitation or approach
over the Internet in a one-year
period of time
California warns of massive ID
theft – personal data stolen from
computers at University of
California, Berkeley (Oct 21, 2004
IDG news service)
Microsoft and Cisco announced a
new initiative to work together to
increase internet security
(Oct 18, 2004 )
5. Cyber Crime
It’s an unlawful act wherein a
computer is a tool or a target
or both .
Acts that are punishable by the
Information Technology Act .
Cyber space is a virtual space
that has become as important
as real space for business,
politics and communities .
6. Computer Crime
Computer used to commit a
crime
Child porn, threatening email,
assuming someone’s identity,
sexual harassment,
defamation, spam, phishing
Computer as a target of a
crime
Viruses, worms, industrial
espionage, software piracy,
hacking
7. Computer Forensics
What is it?
An autopsy of a computer or network to
uncover digital evidence of a crime
Evidence must be preserved and hold up
in a court of law
Growing field – Many becoming
computer forensic savvy
FBI, State and Local Police, IRS,
Homeland Security
Defense attorneys, judges and
prosecutors
Independent security agencies
White hat or Ethical Hackers
8. Uncovering Digital Evidence
Smart Criminals don’t use their
own computers
Floppy disks
Zip/Jazz disks
Tapes
Digital cameras
Memory sticks
Printers
CDs
PDAs
Game boxes
Networks
Hard drives
9. Digital Evidence
Criminals Hide Evidence
Delete their files and emails
Hide their files by encryption,
password protection, or
embedding them in unrelated files
(dll, os etc)
Use Wi-Fi networks and cyber
cafes to cover their tracks
Forensics Uncover Evidence
Restore deleted files and emails –
they are still really there!
Find the hidden files through complex
password, encryption programs, and
searching techniques
Track them down through the digital
trail - IP addresses to ISPs to the
offender
11. Hackers are Everywhere
Stealing data
Industrial Espionage
Identity theft
Defamation
Deleting data for fun
A lot of bored 16 year olds late at
night
Turning computers into zombies
To commit crimes
Take down networks
Distribute porn
Harass someone
Ethical/white hat hackers exist too
Help break into networks to prevent
crimes
Mafia Boy
12. Wireless Fidelity (Wi-Fi)
Using antennas to create “hot spots”
Hotspots – Internet Access (sometimes free)
Newport Harbor - All the boats in Harbor have internet access
San Francisco Giants Stadium – Surf the web while catching a
game
UMass (need to register, but it’s free)
Cambridge, MA
Philadelphia, PA – just announced – entire city by 2006
13. Wi-Fi High Jacking
60-70% wireless networks are wide open…
Why are the Wi-Fi networks unprotected?
Most people say “Our data is boring”
But… criminals look for wireless networks
to commit their crimes
And… the authorities will come knocking on
your door…..
14. Protect your Computers!
Use anti-virus software and
firewalls - keep them up to date
Keep your operating system up to
date with critical security updates
and patches
Don't open emails or attachments
from unknown sources
Use hard-to-guess passwords.
Don’t use words found in a
dictionary. Remember that
password cracking tools exist
Back-up your computer data on
disks or CDs often
Don't share access to your
computers with strangers
If you have a wi-fi network,
password protect it
Disconnect from the Internet
when not in use
Reevaluate your security on a
regular basis
Make sure your employees and
family members know this info
too!
17. VIRUS
Computer virus is a program or piece of code that is loaded
onto your computer without your knowledge and runs against
your wishes. It can replicate itself and spreads from one
computer to another. All viruses are man – made in nature.
Even a simple virus is dangerous because it will quickly use all
available memory and bring the system to a halt.
18. COMMON COMPUTER VIRUSES
Program viruses
These types of computer virus will infect only executable files (with
extensions like .BIN, .COM, .EXE, .OVL, .DRV, and .SYS). Once
executed, these programs load into memory, along with the virus
contained within them. Once in the memory, the virus is free to act
and infect other files or simply deliver its payload. These viruses are
friendlier as can be removed a lot easier.
Boot viruses
The boot record program loads the operating system in the
memory at startup. These viruses replace the boot record and
move it to a different part of the hard disk, or simply overwrite it.
Once you start your operating system, it loads into memory,
along with the virus. Once the virus is in the memory, it is free to
do whatever it was programmed to do.
19. Multipartite viruses
These computer viruses are hybrids, derived from boot viruses
and program viruses. They infect executable files, just like the
program viruses but, once the executable is executed, it infects
the master boot records. The scenario is similar to the boot
virus’s one: once you boot your operating system, the virus is
loaded into the memory, from where it is free to infect other
programs and replicate itself, ultimately delivering the payload.
Polymorphic viruses
The polymorphic viruses will always change their source code
from one infection to another.
20. Macro viruses
This virus is relatively new and it infects macros within a
template or document , when you open a word processing.
21. Steps for removing virus
Understand the types of viruses possible :
There are a plenty of viruses that come into your systems from
many different sources like Internet, some of these viruses
include-
1. File infection virus
2. Boot sector virus
3. Worm
22. Identify whether or not you have a virus :
There can be a number of reasons besides viruses as to why
your computer has slowed down, frozen, or is doing strange
things. To identify the presence of a virus, try this:
1. See if the task manager is disabled.
2. Check to see if your system is slow.
3. Check to see if your operating system won't respond to
commands, or crashes.
Have you noticed any funny messages when starting up?
23. Clean it
Use a reputable, recommended anti-virus software or rush your
computer to your local trusted computer repair person .
24. Use anti-virus software
Protect your computer with a right antivirus software.
Keep it updated and check regularly.
Try and avoid scareware.
26. Malware
Malware, also known as malicious software , is software
used to disrupt computer operation, gather sensitive
information, or gain access to private computer systems.
It can appear in the form of code, scripts, active content,
and other software. 'Malware' is a general term used to
refer to a variety of forms of hostile or intrusive software.
27. What does a malware do ?
Provide hackers access to your computer
Monitor your computer activity, web habits, and even your
keystrokes and transmit this information without your
knowledge
Lead to identity theft
Delete files, format disks, or affect your computer's general
performance
Make your computer act in unexpected ways, such as
exhibiting strange sounds and images or slow startup and
performance.
28.
29. Steps to avoid malware
• Always be wary about opening files or clicking on "mystery
links" sent to you via email, text, instant message (IM), social
networking sites such as facebook or Twitter, ads and pop-
ups. Links, files and attachments may contain or lead to
harmful programs that can damage your system, files and the
network.
• Delete spam and suspicious emails without opening or
activating any attached files or links; don't open, forward or
reply to the email. You should be suspicious if:
• An attachment or link in an email message is unexpected or
unsolicited
• The email is not addressed to you by name
• You don't recognize the sender or the email says it is from a
"friend“
• You can't determine why the file or link was sent to you
• The file name of the attachment ends with EXE, HLP, LNK,
MDB, MDE, URL or VBE
30. • Do not send, forward or open electronic greeting cards,
animations, games, joke programs, chain letters, screen
savers, songs, videos or images. In addition, they can
needlessly consume system resources.
• Ensure that all current patches/updates are installed for your
computer's operating system and applications.
• Do not download or install unknown software or software from
an unknown source. Even if it is "free", you may get more
than you realized (e.g., spyware, adware, etc).
• Back up your important data and mobile devices to separate
media, such as a CD/DVD, an online back up service, flash
drive, or a server. Store backups in a safe place.
31. • Install anti-malware software on your computer and set it to
auto-update as frequently as the settings will allow.
• Email filtering :
ITS has implemented an email filtering system that identifies
and cleans many viruses and bad attachments out of email
messages so as to help prevent infections, break-ins, and theft
or damage of data via malicious email messages.
34. Definition of SPAM
Massmail, not personal addressed, unwanted
(commercial) content
Recipient's personal identity and context are irrelevant
because the message is equally applicable to many
other potential recipients
35. Damage
Financial loss (for provider/receiver)
Loss of time / productivity
Slowdown of mail traffic /
breakdown of server
37. Summary
Unwanted mail, without preexisting relationship
Almost every communication channel has it‘s own
type of spam
Counteraction: on user/operator site
Causes damage in many areas
39. Definition of phishing
Neogolism for password phishing
Getting confidential personal
information from a user by pretending
to be a serious provider (e.g. bank, eBay)
40. Types / Functionality
Email phishing
Sending mails that
look trustworthy to
user
They use tactics to
fetch the
personal information
43. Damage
Wide range of damage possible:
Denial of access to mail account
Identity theft (used to commit crime)
financial loss
US 04-05: 1.2 million user suffered loss of $ 929million
UK losses by bank fraud (mostly phishing)
2004: £ 12.2million 2005: £ 23.2million