Introduction to Cyber Security
Created By: Mr. Beerappa Belasakarge | CSE
Course Objectives:
Identify and explain the core concepts and principles of
cybersecurity.
Assess and differentiate various types of cyber threats,
vulnerabilities, and risks.
Demonstrate proficiency in using cybersecurity tools and
techniques to detect, analyze, and respond to security
incidents.
Cybercrime
Cybercrime refers to illegal activities that are
conducted through digital means, primarily using
computers and the internet.
Characteristics of Cybercrime
• Digital Environment
• Data Theft and Fraud
• Unauthorized Access
• Disruption of Services
• Malware
• Financial Crimes
• Cyberstalking and Harassment
Difference Between Traditional Crime and Cybercrime
• Location and Environment
• Traditional Crime: Occurs in the physical world (e.g., robbery, assault).
• Cybercrime: Occurs in cyberspace, utilizing computers and networks (e.g.,
hacking, phishing).
• Tools and Methods
• Traditional Crime: Physical tools (e.g., weapons, lock-picking tools).
• Cybercrime: Digital tools (e.g., malware, exploit kits, phishing emails).
• Perpetrators
• Traditional Crime: Typically localized individuals or groups.
• Cybercrime: Can involve global networks of cybercriminals operating
anonymously.
• Victims
• Traditional Crime: Often individuals or physical entities in specific locations.
• Cybercrime: Individuals, organizations, and governments worldwide can be
targeted simultaneously.
• Evidence and Investigation
• Traditional Crime: Physical evidence (e.g., fingerprints, DNA).
• Cybercrime: Digital evidence (e.g., IP addresses, log files).
• Impact and Reach
• Traditional Crime: Limited by geographical boundaries.
• Cybercrime: Can have widespread impact across multiple countries and regions.
• Legal Framework
• Traditional Crime: Long-established laws and procedures.
• Cybercrime: Evolving legal frameworks and international cooperation required.
Historical Context: Origins and Evolution of Cybercrime
Early Beginnings (1960s-1980s)
• 1960s
• First Notable Incident: Use of mainframe computers by tech-savvy
individuals for unauthorized activities.
• Theoretical Concepts: Early discussions on computer crimes among
academic circles.
• 1970s
• Birth of Hacking: Emergence of the first hackers exploring and exploiting
system vulnerabilities.
• The "Phone Phreaks": Hacking of telephone systems to make free calls.
• 1980s
• First Cybercrime Laws: Introduction of initial laws against computer
crimes in the U.S. (Computer Fraud and Abuse Act, 1986).
Growth and Expansion (1990s)
• Internet Boom: Widespread adoption of the internet, leading to new
avenues for cybercrime.
• Notable Incidents:
• Morris Worm (1988): One of the first widespread worms causing
significant disruption.
• Kevin Mitnick's Arrest (1995): High-profile hacker arrested for
multiple cybercrimes.
• Cybercrime Organizations: Formation of organized cybercriminal
groups for profit-driven activities.
Modern Era (2000s-Present)
• Significant Cases:
• Stuxnet (2010): Cyber-attack on Iran's nuclear facilities, showcasing the
potential for cyber warfare.
• WannaCry Ransomware (2017): Global ransomware attack affecting
hundreds of thousands of computers.
• Global Cooperation: Establishment of international frameworks and
organizations (e.g., INTERPOL Cybercrime Directorate, Budapest Convention)
to combat cybercrime.
Emerging Trends
• IoT Vulnerabilities: Increasing attacks on Internet of Things (IoT) devices.
• Cryptocurrency-related Crimes: Rise in crimes involving cryptocurrencies
like Bitcoin.
• AI and Machine Learning: Both as tools for cybercriminals and as defenses
against cyber threats.
Importance of Information Security
o The practice of protecting information and information
systems from unauthorized access, use, disclosure,
disruption, modification, or destruction.
o Ensures the protection of data whether in storage, transit,
or processing.
o Involves implementing measures and systems designed to
safeguard the confidentiality, integrity, and availability of
information.
Key Objectives: The CIA Triad
o Confidentiality: Ensures that sensitive information is accessed
only by authorized individuals. Protects data from unauthorized
disclosure. Methods: Encryption, access control, authentication
mechanisms.
o Integrity: Ensures that information remains accurate and
unaltered. Protects data from being modified or tampered with by
unauthorized parties. Methods: Checksums, hashing, digital
signatures.
o Availability: Ensures that information and resources are
accessible to authorized users when needed. Protects against
disruptions that could affect access to data and systems.
Methods: Redundancy, failover mechanisms, regular backups.
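The integrity methods named above behave differently once someone can alter both the data and the value stored beside it. This added example (not part of the original slides) uses a constructed record and key; HMAC-SHA256 stands in for the keyed method, since a digital signature would need an asymmetric key pair.

```python
import hashlib
import hmac
import zlib

# Constructed sample record and key (assumptions for this example only).
RECORD = b"transfer:acct=1001;amount=250.00"
KEY = b"constructed-demo-key-not-for-production"

def protect(data: bytes, key: bytes) -> dict:
    """Compute a checksum, an unkeyed hash and a keyed hash over the data."""
    return {
        "crc32": zlib.crc32(data),                                # checksum
        "sha256": hashlib.sha256(data).hexdigest(),               # hash
        "hmac": hmac.new(key, data, hashlib.sha256).hexdigest(),  # keyed hash
    }

def verify(data: bytes, tags: dict, key: bytes) -> dict:
    """Recompute each value and report which checks still pass."""
    expected = protect(data, key)
    return {
        "crc32": expected["crc32"] == tags["crc32"],
        "sha256": hmac.compare_digest(expected["sha256"], tags["sha256"]),
        "hmac": hmac.compare_digest(expected["hmac"], tags["hmac"]),
    }

def tamper_in_transit(data: bytes, tags: dict) -> tuple:
    """Model a party who can rewrite data and its tags but lacks the key."""
    forged = data.replace(b"250.00", b"950.00")
    forged_tags = dict(tags)
    forged_tags["crc32"] = zlib.crc32(forged)
    forged_tags["sha256"] = hashlib.sha256(forged).hexdigest()
    return forged, forged_tags  # the HMAC cannot be recomputed without the key

def demo() -> dict:
    """Run the three cases: untouched, data changed, data and tags changed."""
    tags = protect(RECORD, KEY)
    forged, forged_tags = tamper_in_transit(RECORD, tags)
    return {
        "untouched": verify(RECORD, tags, KEY),
        "data_only_changed": verify(forged, tags, KEY),
        "data_and_tags_changed": verify(forged, forged_tags, KEY),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

Unkeyed checksums and hashes only protect integrity when the reference value is kept somewhere the modifying party cannot reach.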
Importance of Information Security in the Digital Age
Protection Against Cyber Threats
Shields organizations and individuals from cyber attacks such as hacking,
malware, and phishing
Compliance and Legal Requirements
Ensures adherence to regulatory standards (e.g., GDPR, HIPAA) to avoid legal
penalties and fines
Safeguarding Reputation
Maintains trust and confidence among customers, partners, and stakeholders
Operational Continuity
Ensures that business operations remain uninterrupted
Protection of Intellectual Property
Secures proprietary information and trade secrets from theft or unauthorized
access
Who are Cyber Criminals
Cybercrime involves such activities as child
pornography; credit card fraud; cyberstalking;
defaming another online; gaining unauthorized
access to computer systems; ignoring copyright,
software licensing and trademark protection;
overriding encryption to make illegal copies;
software piracy and stealing another's identity
(known as identity theft) to perform criminal.
Categorized Into Three Groups
01 Hungry for Recognition
• Hobby Hackers
• IT Professionals (Social Engineering)
• Politically Motivated Hackers
• Terrorist Organizations
02 Not Interested in Recognition
• Psychological perverts
• Financially motivated hackers
• State-sponsored hacking
• Organized criminals
03 Cybercriminals – the insiders
• Seeking Revenge
• Competing companies using employees to gain economic advantage through damage and/or theft.
Classifications of Cybercrimes
• Cybercrime against Individual
• Cybercrime against Property
• Cybercrime against Organization
• Cybercrime against Society
Cybercrime against Individual
• Email Spoofing
• Online Frauds
• Phishing – Vishing & Smishing
• Spamming
• Cyber Defamation
• Cyberstalking and Harassment
• Computer Sabotage
• Pornographic Offenses
• Password Sniffing
Cybercrime against Property
• Credit Card Frauds
• Intellectual Property (IP) Crimes
• Internet time theft
Cybercrime against Organization
• Unauthorized access to computers
• Password Sniffing
• Denial-of-Service (DoS) attacks
• Virus Attacks
• E-mail bombing / Mail bombs
• Salami attack / salami technique
• Trojan Horse
• Data Diddling
• Industrial Spying
Cybercrime against Society
• Forgery
• Cyberterrorism
• Web Jacking
Cybercrime: The Legal Perspectives
Module – 2
Cyber Offences
• Categories of Cybercrimes, Reconnaissance, Passive Attacks, Active Attacks, Scanning and Scrutinizing Gathered Information, Attack (Gaining and Maintaining System Access)
• Social Engineering, Classification of Social Engineering, Cyberstalking, Cybercafe and Cybercrimes, Botnets: The Fuel for Cybercrime, Attack Vector, Cybercrime and Cloud Computing
Categories of Cybercrime
1. Crimes targeted at individuals
2. Crimes targeted at property
3. Crimes targeted at organizations
4. Single event of cybercrime
5. Series of events
Reconnaissance
Cybersecurity reconnaissance is the
initial phase of a cyber attack, where a
threat actor gathers information about
a target system or network to identify
vulnerabilities and plan an attack. The
term "reconnaissance" comes from
military operations, where it refers to
the act of spying or surveying to gain
information about an enemy.
Passive attacks
• Search Engines
• Organization websites
• Blogs / Newspapers
• Job Posting
Active attacks
• IP addresses
• Operating Systems types and versions
Risk of Detection
Scanning and Scrutinizing Gathered Information
Scanning is a key step in which the information gathered about the target is examined intelligently. The objectives of scanning are as follows:
1. Port Scanning
2. Network Scanning
3. Vulnerability Scanning
Tools: Nmap, Nessus Essentials
Attack (Gaining and Maintaining System Access)
After scanning and enumeration, the attack is launched using the following steps:
1. Crack the password
2. Exploit the privileges
3. Execute the malicious commands/applications
4. Hide the files (if required)
5. Cover the tracks – delete the access logs.
Social Engineering
Social engineering refers to all
techniques aimed at talking a target
into revealing specific information or
performing a specific action for
illegitimate reasons.
Classification of Social Engineering
1. Impersonating an employee or valid user
2. Posing as an important user
3. Using a third person
4. Calling technical support
5. Shoulder surfing
6. Dumpster diving
Cyberstalking
Cyberstalking is when a cybercriminal uses email, direct
messaging, or other electronic means to harass, scare,
or threaten someone with physical harm. It takes
different forms, including:
• Monitoring: Tracking someone's online activity or physical location
• Threats: Making death threats or other threats of violence
• Identity theft: Stealing someone's identity for financial gain
• Doxxing: Publishing someone's private information online
• Blackmail: Using personal information or photos to blackmail a victim
Types of Stalkers
1. Online stalkers
2. Offline stalkers
Cybercafe and Cybercrimes
• Always logout
• Stay with computer
• Clear History and temporary files
• Be alert
• Avoid online financial transactions
• Change Password
Botnets: The Fuel for Cybercrimes
A botnet is a network of internet-connected devices that are infected
with malware and controlled by a single attacker to perform malicious
tasks.
A botnet is a collection of devices, such as computers,
smartphones, and internet of things (IoT) devices, that
are infected with malware and controlled by a single
attacker. The attacker, known as the "bot-herder", can
use the botnet to perform a variety of malicious tasks.
Attack Vector
• Attack by E-mail
• Attachments (and other files )
• Hackers
• Heedless Guests (attack by webpage)
• Attack of the worms
• Malicious macros
• Viruses
Cloud Computing
• IaaS
• PaaS
• SaaS
Security Risks in Cloud Computing
Major security risks in cloud computing include:
• Data breaches
• Hijacking of accounts
• Insecure APIs
• Insider threats
• Misconfigurations in the cloud
Password Cracking
1. Online Attacks
2. Offline Attacks
Types of password cracking attack
• Dictionary attack
• Hybrid attack
• Brute force attack
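How the three attack types listed above translate into a password-acceptance check on the defender's side, as an added example that is not part of the original slides. The word list, leet map, affix set, 60-bit threshold and function names are assumptions constructed for illustration.

```python
import math
import re

# Constructed mini word list; a real check would load a large breached-password list.
WORDLIST = {"password", "welcome", "dragon", "monkey", "letmein"}
# Constructed leet map and affix set used to undo common "hybrid" mutations.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s"})
AFFIX = "0123456789!@#$%^&*?._-"

def charset_size(pw: str) -> int:
    """Size of the character pool a brute-force search would have to cover."""
    pools = ((r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10), (r"[^a-zA-Z0-9]", 33))
    return sum(n for pattern, n in pools if re.search(pattern, pw))

def brute_force_bits(pw: str) -> float:
    """log2 of the keyspace for this length and character pool."""
    size = charset_size(pw)
    return len(pw) * math.log2(size) if size else 0.0

def weakest_exposure(pw: str, min_bits: float = 60.0) -> str:
    """Name the cheapest of the three listed attack types that covers pw."""
    lowered = pw.lower()
    if lowered in WORDLIST:                      # dictionary: the word itself
        return "dictionary"
    core = lowered.strip(AFFIX).translate(LEET)  # hybrid: word plus mutations
    if core in WORDLIST:
        return "hybrid"
    if brute_force_bits(pw) < min_bits:          # brute force: keyspace too small
        return "brute force"
    return "none"

def review(candidates):
    """Map each candidate password to its weakest exposure."""
    return {pw: weakest_exposure(pw) for pw in candidates}

if __name__ == "__main__":
    # Constructed sample inputs.
    for pw, verdict in review(["welcome", "P@ssw0rd123", "qzv7", "tR8#vLq2!mZx9$Wp"]).items():
        print(f"{pw!r}: {verdict}")
```

The keyspace figure is an upper bound that assumes random characters, so the dictionary and hybrid checks run first.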
Keyloggers and Spyware
• A keylogger or keystroke logger/keyboard
capturing is a form of malware or
hardware that keeps track of and records
your keystrokes as you type. It takes the
information and sends it to a hacker
using a command-and-control (C&C)
server.
• Spyware is largely invisible
software that gathers information