Cyber Crime Introduction and Impact

Questions and Answers

What are the two general categories of cybercrime?

• Crimes that aim at computer networks or devices and crimes using networks to commit other activities (correct)
• Financial crimes and cyber terrorism
• Invasive tracking and social engineering attacks
• Crimes targeting individuals and crimes targeting businesses

What is one key reason cybercrime is considered a serious offense?

• It can involve the interception of sensitive information. (correct)
• It generally targets small business operations.
• It is primarily committed by well-known criminals.
• It occurs mostly in physical locations.

How much potential financial loss is attributed to cybercrime annually, according to the 2018 study?

• $600 billion (correct)
• $200 billion
• $800 billion
• $400 billion

What is a major challenge in combating cybercrime?

The anonymity of cybercriminals (A)

Which of the following is NOT generally considered a type of cybercrime?

Shoplifting in a physical store (A)

What factor contributes most to the frequency of cybercrime occurrences?

People being unaware of their cyber rights (D)

Which terms describe state-sponsored malicious activities in cyberspace?

Cyberwarfare (D)

Which type of firewall analyzes the context of network traffic rather than just the packet headers?

Stateful Inspection Firewall (A)

What is a key advantage of using a Proxy Firewall over a traditional packet filter?

Filtering traffic at the application layer (B)

Which type of firewall combines traditional features with advanced security capabilities such as intrusion prevention?

Next-Generation Firewall (A)

Which aspect of SSL/TLS ensures that even if data is intercepted during transmission, it remains unreadable?

Encryption (B)

What is a primary function of Cloud Firewalls?

To protect virtual machines and containers (C)

What distinguishes white hat hackers from other types of hackers?

They have permission and ethical intent to improve security. (A)

Which of the following best describes software piracy?

The unauthorized distribution and reproduction of software. (A)

How can hacking compromise a system's security?

By exposing vulnerabilities and unauthorized information access. (D)

What is a key legal consequence of hacking?

Fines and imprisonment for the perpetrators. (C)

Which type of crime related to IPR encompasses downloading pirated content?

Software piracy. (B)

What is a significant challenge posed by counterfeit documents?

Increased need for expert judgement for authenticity verification. (A)

What general term describes unauthorized access and manipulation of computer systems?

Hacking. (D)

Which of the following best represents grey hat hackers?

They may violate laws but do not have malicious intent. (D)

What is a primary goal of white hat hackers?

To identify and fix security weaknesses. (A)

What happens to the hash value when there is a small change in the input data?

The hash value changes significantly. (A)

Which of the following is NOT a primary purpose of cryptographic digests?

Secure payment processing (B)

How is the integrity of data ensured using hash functions?

By calculating a hash value and comparing it (B)

What is the role of the private key in digital signatures?

To encrypt the hash of the content (B)

Which of these hash functions is considered insecure for cryptographic purposes?

MD5 (B)

What do systems store instead of actual passwords for secure storage?

Hash values of passwords (A)

What characterizes symmetric cryptography?

The same key is used for both encryption and decryption (B)

What is the primary role of firewalls in network security?

To act as the first line of defense against cyber threats (D)

What is the first step in symmetric cryptography?

Key Generation and sharing (C)

Which mechanism used by firewalls evaluates the state of active connections?

Stateful Inspection (A)

When a user logs in, what does the system do with the entered password?

Hashes it and compares with stored hash (D)

What does the receiver do upon receiving data that has been transmitted with a hash?

Recalculates the hash and compares it with the received hash (A)

Which type of filtering allows firewalls to inspect the actual content of data packets?

Deep Packet Inspection (D)

How do firewalls enforce security policies?

By allowing or blocking traffic based on predefined rules (B)

What is the function of proxy filtering in firewalls?

To hide internal network details by acting as an intermediary (A)

What is the significance of logging and monitoring in firewall operations?

To help identify potential security incidents and maintain an audit trail (B)

What does packet filtering primarily examine?

Source and destination IP addresses, protocol type, and port numbers (A)

Which category of firewall works at Layer 3 of the OSI model?

Packet Filtering Firewalls (C)

What risk is reduced by firewalls preventing unauthorized communication between networks?

Unauthorized access to sensitive information (A)

Which of the following is NOT a key mechanism used by firewalls?

Application Filtering (A)

Flashcards

Cybercrime Definition

Cybercrime is a crime involving a computer and a network. The computer might be used in committing a crime, or it could be the target.

Types of Cybercrimes

Cybercrimes can be categorized into crimes against computer networks and devices, and crimes using networks for other crimes.

Cybercrime Impact

Cybercrime harms individuals and nations by endangering security, privacy, and financial health.

Cybercrime Cost

Globally, cybercrime results in significant economic losses, estimated at nearly one percent of global GDP annually.

Cybercrime Challenges

Obstacles related to cybercrime include lack of awareness of cyber rights, anonymity of perpetrators, and the complexity and international nature of these crimes.

Cyberwarfare

Cyberattacks crossing international borders involving at least one nation-state.

Privacy Concerns of Cybercrime

Cybercrime raises concerns when sensitive information, like government data or personal details, is intercepted.

Cryptographic Digest

A unique, fixed-length string generated from data using a one-way hash function. Even small changes in the data result in a completely different hash value, ensuring data integrity.

Data Integrity

The assurance that data remains unaltered and accurate during transmission or storage.

Digital Signature

A cryptographic technique used to verify the authenticity and integrity of digital documents. It involves hashing the data and encrypting the hash with the sender's private key.

Password Storage

Storing passwords securely by hashing them instead of storing the raw text. This protects against unauthorized access to the actual passwords.

Checksum

A short string generated from data used to verify the integrity of transmitted data. It's like a quick check to see if the data has been corrupted during transfer.

SHA-256

A widely used cryptographic hash function producing a 256-bit hash value. It's considered more secure than MD5 and provides a high level of security.

Symmetric Cryptography

A type of encryption where the same secret key is used for both encrypting and decrypting data. Both parties involved in communication must share this secret key.

Key Generation

The process of creating a secret key that is used in symmetric cryptography for encryption and decryption.

Plaintext

The original message or data before encryption.

Ciphertext

The encrypted form of plaintext, unintelligible and unreadable without the correct key.

Child Pornography

Possession of images or videos of minors (under 18) engaged in sexual conduct.

Software Piracy

Illegal reproduction and distribution of software for personal or business use.

IPR Infringement

Violating intellectual property rights, e.g., downloading pirated software, music, or movies.

Hacking (Computer Security)

Unauthorized access, manipulation or exploitation of computer systems or networks.

White Hat Hacker

Ethical hacker who uses skills to find and fix security vulnerabilities legally.

Counterfeit Documents

Documents created to look like the real thing, but are fake, very hard to tell from the real thing.

Grey Hacker

Hackers with morality in question, ethical grey area.

Black Hacker

Hackers who use their skills for malicious or criminal purposes.

Vulnerability

A weakness or flaw in a system that can be exploited.

Stateful Firewall

A firewall that keeps track of active connections and uses that information to make decisions about incoming traffic. This type of firewall offers more security than a simple packet filtering firewall.

Proxy Firewall

A firewall that acts as an intermediary between clients and servers, inspecting and filtering communication at the application layer. This type of firewall provides deeper security than a stateful firewall.

Next-Generation Firewall (NGFW)

A firewall that combines traditional firewall features with advanced security capabilities like intrusion prevention, application awareness, and deep packet inspection.

SSL/TLS Encryption

SSL/TLS is used to encrypt data during transmission, protecting it from unauthorized access. This is crucial for securing sensitive information like user credentials and financial transactions.

SSL/TLS Role in Cybersecurity

SSL/TLS protocols are essential for protecting the confidentiality and integrity of data transmitted over the internet. They create a secure channel between devices, safeguarding sensitive information from being intercepted.

Firewall

A security system that acts as a gatekeeper between your network and the outside world, blocking or filtering malicious traffic.

Policy Enforcement

Firewalls enforces rules to control network access and activity, ensuring users and devices follow security guidelines.

Unauthorized Communication

Firewalls stop unwanted connections between your network and outside sources to prevent data leaks and unauthorized access.

Logging and Monitoring

Firewalls keep track of all network activity and events, allowing administrators to monitor for potential security issues and investigate breaches.

Packet Filtering

Firewalls examine the header information of data packets, such as the source and destination addresses, to decide whether to allow or block them.

Stateful Inspection

Firewalls track the state of ongoing connections, considering previous interactions to make more informed decisions about allowing or blocking packets.

Proxy Filtering

Firewalls act as an intermediary between your network and external servers, hiding your internal network details and adding an extra layer of protection.

Deep Packet Inspection (DPI)

Firewalls examine the content of data packets, not just the header information, allowing them to identify and block specific types of content or applications.

Packet Filtering Firewalls

These firewalls rely on predefined rules to examine individual packets based on source and destination addresses, ports, and protocols. They work at the network layer (Layer 3) of the OSI model.

Firewall Categories: What are the different levels of protection?

Firewalls are classified based on their level of protection, ranging from basic packet filtering to advanced techniques that analyze content.

Study Notes

Cyber Crime Introduction

• Cybercrime encompasses crimes involving computers and networks.
• Computers can be used as weapons or targets in criminal activities.
• Cybercrimes include fraud, identity theft, and privacy violations, especially through the internet.
• Cybercrime impacts personal and national security and financial health.
• Cybercrime comprises two main categories:
  • Crimes targeting computer networks/devices (e.g., viruses, DoS attacks).
  • Crimes using computer networks for other criminal activities (e.g., cyberstalking, fraud).

Why Cybercrime is a Grave Offense

• Cybercrime involves the interception and leakage of sensitive information, including military deployments, government communications, and personal data of high-value individuals. This can affect national security and privacy.
• Cybercrimes can involve both state and non-state actors, crossing international borders.
• Cyberwarfare is a term for cross-border cybercrimes involving at least one nation-state.
• A 2018 study, in partnership with McAfee, estimated that $600 billion (nearly 1% of global GDP) is lost to cybercrime annually.

Challenges of Cybercrime

• Lack of awareness regarding cyber rights among people, particularly in developing nations.
• Cybercriminals often operate anonymously, making it difficult to trace their actions or hold them accountable.
• Low numbers of reported cybercrime cases in many jurisdictions hamper effective response and detection.
• Cybercrimes are frequently committed by educated, technologically adept individuals.
• Harsh punishments are not present in all cybercrime cases which can encourage criminal behaviour.

Prevention of Cybercrime

• Using strong, varied usernames and passwords, and avoiding writing them down.
• Employing sophisticated antivirus software on personal devices and computers.
• Maintaining privacy settings on social media platforms.
• Regularly updating device software to mitigate vulnerabilities.
• Using secure networks (avoiding public Wi-Fi for sensitive activities).
• Avoiding suspicious email attachments.
• Maintaining up-to-date software and operating system versions.

Laws Against Cybercrime in India

• The Information Technology Act (IT Act) 2000 covers various types of cybercrimes in India.
• Cybercrimes covered include: Identity theft, Cyberterrorism, Cyberbullying, Hacking, Defamation, Trade Secrets, Freedom of Speech, Harassment, and Stalking.

Classification of Cybercrime

• Cyberterrorism involves violent acts committed via internet or computer systems that result in the loss of human life.
• Cyber-extortion occurs when a website or computer system faces repeated denial-of-service or other malicious attacks from hackers.

Types of Hackers

• White hat hackers engage in ethical hacking, aiming to enhance security by identifying and fixing vulnerabilities.
• Grey hat hackers employ ambiguous methods, sometimes without authorization, often with the aim of receiving a reward for identifying vulnerabilities.
• Black hat hackers operate with malicious intent, performing unauthorized actions for personal gain or harm.

Phases of Hacking

• Reconnaissance: Gathering information about the target system.
• Scanning: Identifying potential vulnerabilities.
• Gaining Access: Exploiting vulnerabilities to gain unauthorized entry.
• Maintaining Access: Establishing persistent presence within the system.
• Covering Tracks: Concealing traces of hacking activity.

Security Threats and CIA Triad

• Risk: The likelihood of a negative security event and its impact on a target.
• Threat: Something that could harm a target (an entity).
• Vulnerability: A flaw in a target that adversaries can exploit.
• Exploit: An attack exploiting a vulnerability (an action taken by an attacker).
• The CIA Triad (Confidentiality, Integrity, Availability) is a key model in security.
• Confidentiality: Limiting access to authorized users.
• Integrity: Ensuring data accuracy and preventing unauthorized modifications.
• Availability: Ensuring resources are accessible when needed.

Cyber Attacks Categories

• Malware Attacks (viruses, worms, Trojans).
• Phishing.
• Man-in-the-Middle (MitM) attacks.
• Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks.
• Ransomware attacks.
• SQL Injection.
• Cross-Site Scripting (XSS).
• Drive-by Downloads.
• Credential Stuffing.
• Social Engineering attacks.
• IoT-based attacks.
• Zero-Day exploits.
• Advanced Persistent Threats (APTs).

Types of Malware

• Virus.
• Worm.
• Trojan horse.
• Rootkit.
• Adware.
• Spyware.
• Keylogger.
• Botnet.

Virus Scanners

• Software identifying virus signatures or suspicious behaviour.
• Email and attachment checking is a common method.
• Download scanning detects malicious programs.
• File scanning compares files to known virus signatures.
• Heuristic scanning analyses the actions of a file to identify if its behavior is like that of a virus.
• Sandbox technique is used where a file is executed in a protected environment.

Intrusion Detection Systems (IDS)

• Network-Based IDS (NIDS) monitors network traffic in real time.
• Host-Based IDS (HIDS) monitors activities on individual devices.
• Hybrid IDS combines network and host monitoring.
• Signature-based detection identifies known malicious patterns.
• Anomaly-based detection identifies deviations from normal behavior.

Firewalls

• Firewalls act as barriers between networks.
• Packet filtering examines packet headers for matching rules.
• Stateful inspection monitors active connections.
• Proxy filtering acts as an intermediary.
• Deep packet inspection examines packet contents.
• Categories include: Packet Filtering, Stateful Inspection, Proxy, and Next-Generation.
• Essential for access control, network security; prevention of unauthorized communication.

SSL/TLS

• SSL/TLS encrypts data transmitted over the internet.
• Key roles: Encryption, data integrity, authentication.
• Protects confidentiality, data integrity, and authenticity of communication.
• Protects login credentials, online transactions, and web browsing.

Securing Log in Credentials, Online Transactions, Web Browsing

• SSL/TLS secures logins, transactions, and browsing.
• Protects confidentiality and integrity of sensitive data.

Virtual Private Networks

• VPNs create secure connections over public networks.
• Three types: PPTP, L2TP, and IPsec.
• Authentication and authorization are essential for securing VPN usage.
• VPNs use encryption to protect data transmitted between users and endpoints.

Authentication and Authorization

• Authentication verifies user identity.
• Authorization grants access based on verified identity and permissions.
• Authentication factors include knowledge, possession, and biometric factors.

Information Security Standards and IPRs

• Cyber Laws (IT Law) address various aspects of information and technology.
• Legal protection related to software, data security, and e-commerce.
• Includes topics like fraudulent activities, copyright infringement, trade secrets, defamation, etc.
• Laws cover issues from user rights to online transactions.

Concept of Patent Rights

• Patents provide exclusive rights to inventors for novel, useful, and non-obvious inventions, applying to software, hardware, business methods as well as digital processes.
• Criteria include novelty (newness), inventive step (non-obviousness), and industrial applicability.

Patent Act of 1970

• Regulates granting and protection of patents.
• Describes patentable inventions, non-patentable areas, application processes, examination, and protection duration.