Cyber security has always been an important aspect of computing systems but its importance has increased greatly in recent years.
The curriculum covers areas
where cyber security is of major importance, but has different security
requirements and may be exposed to different threats and attacks. It also
covers techniques and mechanisms used to secure computer systems and data to
meet those requirements and protect them.
The
areas looked at include computer operating systems (and increasingly,
distributed operating systems), distributed applications (such as electronic
commerce over the Internet), embedded systems (ranging from smart cards to
large industrial plant and telecommunications systems), and users.
The
techniques and mechanisms looked at include cryptography, authentication & authorization,
and access control.
Furthermore,
the curriculum integrates the legal, ethical, and professional perspectives,
for instance, to address concerns about data security, privacy, and societal
impact of computing systems.
By
the end of this article, you will able to explain the concept of cybercrime,
discuss who a hacker is and demonstrate cybercrime motivation.
Nature and Scope of Cyber crime
Cybercrime
is Transnational in nature. These crimes are committed without being physically
present at the crime location. These crimes are committed in the impalpable world of computer networks.
To
commit such crimes the only thing a person needs is a computer which is
connected with the internet. With the advent of lightning fast internet, the
time needed for committing the cybercrime is decreasing. The cyberspace, being
a boundaryless world has become a playground of the perpetrators where they
commit crimes and remain conspicuously absent from the site of crime. It is an
Open challenge to the law which derives its lifeblood from physical proofs and
evidence.
The
cybercrime has spread to such proportion that a formal categorization of this
crime is no more possible. Every single day gives birth to a new kind of
cybercrime making every single effort to stop it almost a futile exercise.
Identification possesses major challenge for cybercrime.
One thing which is common it comes to identification part in cybercrime is Anonymous identity. It is quite an easy task to create false identity and commit crime over internet using that identity.
Cybercrime being technology
driven evolves continuously and ingeniously making it difficult for cyber
investigators in finding solution related to cyber law crimes. Crimes committed
over internet are very different in nature when compared to the physical world.
In
crimes relating to cyber space there is nothing sort of physical footprints,
tangible traces or objects to track cyber criminals down. Cybercrimes possess
huge amount complications when it comes to investigation.
Scope of
Cyber Crime is when an individual intentionally uses
information technology to produce destructive and harmful effects on the
tangible and/or intangible property of others. It has no national boundaries and is usually a
term for criminal activities involving a computer or a network as a tool or a
target.
Cybercrime
can be basically categorized into three parts:
1. Cyber Crimes against persons
2. Cyber Crimes against property
3. Cyber Crimes against government.
1. Cybercrimes against persons
Cybercrimes
committed against persons include various crimes like transmission of child
pornography, harassment of any one with the use of a computer such as e-mail.
The trafficking, distribution, posting, and dissemination of obscene material
including pornography and indecent exposure, constitutes one of the most
important Cybercrimes known today. The potential harm of such a crime to
humanity can hardly be amplified.
2. Cybercrimes against
property
The
second category of Cyber-crimes is that of Cybercrimes against all forms of
property. These crimes include computer vandalism (destruction of others'
property), transmission of harmful programmes.
3. Cybercrimes against
government
The
third category of Cyber-crimes relate to Cyber Crimes against Government. Cyber
terrorism is one distinct kind of crime in this category.
The
growth of internet has shown that the medium of Cyberspace is being used by
individuals and groups to threaten the international governments as also to
terrorize the citizens of a country.
This
crime manifests itself into terrorism when an individual "cracks"
into a government or military maintained website.
•
Malware Where victims are hit with a worm or virus that renders their devices
useless
•
Man in the Middle Where a hacker puts himself between a victim’s machine and a
router to sniff data packets
•
Phishing Where a hacker sends a seemingly legitimate-looking email asking users
to disclose personal information other types of cyber-attacks include
cross-site scripting attacks, password attacks, eavesdropping attacks (which
can also be physical), SQL-injection attacks, and birthday.
Cyber Criminals Motivation
The main motive behind the cybercrime is to disrupt regular business activity and critical infrastructure.
Cybercriminals also commonly manipulate stolen data to benefit financially, cause financial loss, damage a reputation, achieve military objectives, and propagate religious or political beliefs.
Some do not
even need a motive and might hack for fun or simply to showcase their skills.
So who are these cybercriminals? Here is a breakdown of the most common types:
1. Black-Hat Hackers
A
black hat hacker is typically one that engages in cybercrime operations and
uses hacking for financial gain, cyber espionage purposes or other malicious
motives, like implanting malware into computer systems. Gray-Hat Hackers.
2. White-Hat Hackers
A
white hat hacker, also called an ethical hacker, is the antithesis of a black
hat hacker. White hat hackers are not cybercriminals, rather they are security
specialists hired by organizations to conduct tasks such as penetration tests
and vulnerability assessments on their systems to improve their security defenses.
When working as pen testers, white hat hackers conduct tests and attacks on
networks, websites and software in order to identify possible vulnerabilities.
They
also follow established rules, such as bug bounty policies. They will notify
the affected organizations directly of any issues so that a patch can be
released or other steps taken to fix the flaw.
3. Suicide Hackers
Suicide
hackers are individuals who aim to bring down critical infrastructure for a
“cause” and are not worried about facing jail terms or any other kind of
punishment. They are similar to suicide bombers, who sacrifice their life for
an attack and are thus not concerned with the consequences of their actions.
4. Script Kiddies
A
derogatory term often used by amateur hackers who do not care much about the
coding skills. These hackers usually download tools or use available hacking
codes written by other developers and hackers. Their primary purpose is usually
to impress their friends or gain attention.
However,
they do not care about learning. By using off-the-shelf codes and tools, these
hackers may launch some attacks without bothering for the quality of the
attack. Commonest cyber-attacks by script kiddies might include DoS and DDoS
attacks.
5. Gray Hats Hackers
Gray
hat hacker’s fall somewhere in between white hat and black hat hackers. While
they will not use their skills for personal gain, they can, however, have both
good and bad intentions. As an example, a hacker who hacks into a corporation
and finds some vulnerability may leak it over the web or inform the
organization about it. It all depends upon the hacker. Nevertheless, as soon as
hackers use their hacking skills for personal gain they become black hat
hackers. There’s a fine line between these two.
6. Blue Hats Hackers
These
are another form of novice hackers very similar to script kiddies whose main
agenda is to require revenge on anyone who makes them angry. They need no
desire for learning and should use simple cyber-attacks like flooding your IP
with overloaded packets which can result in DoS attacks.
A
script kiddie with a vengeful agenda is often considered a blue hat hacker.
7. Malicious Insider or
Whistle blower
A malicious insider or a whistle blower could
also be an employee with a grudge or a strategic employee compromised or hired
by rivals to garner trade secrets of their opponents to remain on top of their
game. These hackers may take privilege from their quick access to information
and their role within the corporate to hack the system.
8. State/Nation Sponsored
Hackers
State or Nation sponsored hackers are those that have been employed by their
state or nation’s government to snoop in and penetrate through full security to
realize tip from other governments to stay at the highest online. They have an
endless budget and extremely advanced tools at their disposal to target
individuals, companies or rival nations.
9. Hacktivist Hackers
Hacktivist
is when hackers break into government or corporate computer systems as an act
of protest. Hacktivists use hacking to increase awareness of their social or
political agendas, as well as themselves, in both the online and offline
arenas. They are individuals who promote a political agenda by hacking,
especially by defacing or disabling websites.
Common
hacktivist targets include government agencies, multinational corporations, or
any other entity that they perceive as a threat. It remains a fact, however,
that gaining unauthorized access is a crime, irrespective of their intentions.
Conclusion on Scope of
While
click fraud appears to be a problem with a scope limited to just advertisers
and ad networks, fraudsters’ use of infected computers to click ad links makes
click fraud a problem for everyone with a computer. Being part of a click fraud
botnet consumes a system’s bandwidth and displays additional advertisements to
the user, which is usually undesirable.
Systems
connected to the Internet are at risk of infection from exposure to
social-engineering attacks or vulnerability exploitation. Regardless of the
infection vector, compromised machines can wait for commands from the attacker,
which turns the system into a bot.
0 Comments