
Bis Unit-5

The document provides a comprehensive overview of cybersecurity, including its importance, various types of cyber attacks, vulnerabilities, and the roles of intruders and hackers. It details different cyber threats such as malware, phishing, and ransomware, as well as the motivations behind hacking activities. Additionally, it categorizes cyber crimes and outlines attack vectors that malicious actors use to exploit systems and networks.

Uploaded by

mananparmar705

Prepared By:

Y.A.Hathaliya
Lecturer in Computer Engg. Department
A.V.P.T.I, Rajkot
Topics To be Covered
• Introduction to Cyber Security
• Types of Cyber Attacks
• Vulnerabilities in Cyber Security
• Intruders
• Hackers
• Cyber Threats (Worms, Virus, Ad-Ware, Spy-Ware, Trojans, Covert Channels,
Backdoors, Bots, IP Spoofing, ARP Spoofing, Session Hijacking).
• Cyber Crimes and Their Types
• Hacking
• Attack Vectors
• Cyberspace and Criminal Behavior
• Traditional Problems Associated with Computer/Cyber Crime.
Introduction to Cyber Security
• Cybersecurity is the practice of protecting computer systems, networks, and
digital information from unauthorized access, attacks, damage, or theft.
• In an increasingly interconnected and digitized world, where individuals,
organizations, and governments rely heavily on technology, cybersecurity plays an
essential role in safeguarding sensitive data and ensuring the integrity and
availability of digital assets.
• The rapid evolution of technology and the universal use of the internet have
brought numerous benefits but have also introduced new challenges and risks.
• Cyber threats, including malware, phishing attacks, ransomware, and various
other forms of cybercrime, have become more sophisticated and prevalent.
• As a result, the field of cybersecurity has emerged as a critical discipline aimed at
understanding, preventing, and responding to these evolving threats.
• The key components, or basic principles, of cybersecurity are listed below. They
must be maintained, and not broken, during communication.
▪ Confidentiality
▪ Integrity
▪ Availability
▪ Authentication
▪ Authorization
▪ Non-Repudiation
Types of Cyber Attacks
❑ Malware Attacks
• Viruses: Malicious code that attaches itself to legitimate programs and
spreads when those programs are executed.
• Worms: Self-replicating malware that spreads across networks without user
intervention.
• Trojans: Malware disguised as legitimate software, often tricking users into
installing it.
❑ Phishing Attacks
• Email Phishing: Deceptive emails that aim to trick recipients into revealing
sensitive information or clicking on malicious links.
❑ Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
• DoS Attacks: Overloading a system or network to make it unavailable to users.
• DDoS Attacks: Coordinating a large number of compromised devices to flood
a target with traffic, causing a service disruption.
❑ Man-in-the-Middle (MitM) Attacks
• Eavesdropping: Intercepting and monitoring communication between two
parties without their knowledge.
• Session Hijacking: Taking over an established session between a user and a
system.
❑ SQL Injection
• Exploiting vulnerabilities in web applications to inject malicious SQL code,
enabling unauthorized access or manipulation of databases.
❑ Cross-Site Scripting (XSS)
• Injecting malicious scripts into web pages that are viewed by other users,
potentially leading to the theft of sensitive information.
❑ Ransomware Attacks
• Encrypting a user's data and demanding a ransom payment for its release.
Ransomware can target individuals, businesses, or even entire networks.
❑ Social Engineering Attacks
• Using psychological manipulation or deception to get individuals to divulge
sensitive information, in order to gain unauthorized access to or control of
connected devices.
❑ Insider Threats
• Attacks or security breaches initiated by individuals within an organization,
either intentionally or unintentionally.
Vulnerabilities in Cyber Security
• Vulnerabilities in cybersecurity refer to weaknesses in computer systems,
networks, applications, and processes that could be exploited by attackers to
compromise the security of information or systems.
• Here are some common categories of vulnerabilities:
❑ Software Vulnerabilities
• Unpatched Software: Failure to apply security patches and updates can
leave systems exposed to known vulnerabilities.
• Insecure Configurations: Incorrectly configured software or systems may
have settings that can be exploited by attackers.
❑ Network Vulnerabilities
• Weak Network Security: Inadequate firewall configurations, lack of
intrusion detection/prevention systems, and weak network
segmentation can expose networks to attacks.
• Open Ports and Services: Unnecessary open ports and services increase
the attack surface and may lead to unauthorized access.
❑ Human Factor Vulnerabilities
• Weak Passwords: Poor password practices, such as using easily
guessable passwords or not changing default credentials, can lead to
unauthorized access.
❑ Physical Security Vulnerabilities
• Unauthorized Access: Lack of physical access controls, such as unsecured
server rooms or unlocked devices, can result in unauthorized access to critical
systems.
❑ Application-Level Vulnerabilities
• Code Injection: Poorly designed applications may be susceptible to injection
attacks, such as SQL injection or cross-site scripting (XSS).
• Insecure APIs: Flaws in the design or implementation of application
programming interfaces (APIs) can lead to data breaches and unauthorized
access.
❑ Operating System Vulnerabilities
• Outdated OS: Using an outdated or unsupported operating system may
expose systems to known vulnerabilities that have not been patched.
• Insufficient Access Controls: Inadequate permissions and access controls can
result in unauthorized users gaining escalated privileges.
❑ Supply Chain Vulnerabilities
• Third-Party Software: Dependencies on third-party software or libraries with
vulnerabilities can introduce security risks.
• Compromised Hardware: Malicious actors may tamper with hardware
components during the supply chain process, compromising the integrity of
systems.
Intruders
• The most common threat to security is an attack by an Intruder.
• Intruders are often referred to as hackers and are the most harmful factors
contributing to the vulnerability of security. They have immense knowledge and
an in-depth understanding of technology and security.
• Intruders breach the privacy of users and aim to steal their confidential
information. The stolen information is then sold to third parties, who aim to
misuse it for their own personal or professional gain.
• Three Classes of Intruders:
❑ Masquerader
• An individual who is not authorized to use the computer and who
penetrates a system’s access controls to exploit a legitimate user’s
account.
❑ Misfeasor
• A legitimate user who accesses data, programs, or resources for which
such access is not authorized, or who is authorized for such access but
misuses his or her privileges.
❑ Clandestine User
• An individual who seizes supervisory control of the system and uses this
control to escape auditing and access controls.
Hackers
• The term "hacker" can be used to describe individuals with various skills and
motivations related to computer systems and networks. It is important to note
that not all hackers engage in malicious activities.
• Here are some common types of hackers:
❑ White Hat Hackers (Ethical Hackers)
• They use their skills to identify and fix security vulnerabilities.
• They work to strengthen the security of systems, often employed by
organizations to conduct penetration testing and security assessments.
❑ Black Hat Hackers
• Black hat hackers engage in malicious activities for personal gain or with
harmful intent.
• They may exploit vulnerabilities, steal sensitive information, launch
attacks, or cause damage to computer systems. These individuals are
typically associated with illegal and unethical activities.
❑ Gray Hat Hackers
• Gray hat hackers fall somewhere between white hat and black hat hackers.
• They may break into systems without explicit permission, but they claim to
do so for ethical reasons, such as exposing vulnerabilities or flaws.
However, their actions may still be considered illegal.
❑ Hacktivists
• Hacktivists are individuals or groups who hack for political, social, or
ideological reasons. Their activities often involve defacing websites,
disrupting services, or stealing and leaking information to promote a specific
cause.
❑ Cyber Criminals
• Cyber criminals are individuals or groups motivated by financial gain. They
may engage in activities such as stealing personal information, conducting
ransomware attacks, or committing fraud for monetary benefits.
❑ State Sponsored Hackers
• State-sponsored hackers are individuals or groups supported by governments
to conduct cyber warfare, or other activities in the interest of the sponsoring
nation.
❑ Malware Authors
• Individuals who create and distribute malicious software, such as viruses,
worms, Trojans, and ransomware.
Cyber Threats
• Cyber threats refer to malicious activities or risks that target computer systems,
networks, and digital infrastructure with the intent of causing harm.
• These threats can compromise the confidentiality, integrity, or availability of
information, leading to financial losses, reputation damage, or disruption of
essential services.
• Here are some common types of cyber threats:
❑ Worms
• Worms are self-replicating malware that can spread across networks
without user intervention.
• They typically exploit vulnerabilities in operating systems or software
to infect and spread.
❑ Virus
• Viruses are malicious programs that attach themselves to legitimate
files or software.
• They replicate when the infected program runs, spreading to other files
and systems.
• Viruses can cause various types of damage, such as data corruption or
deletion.
❑ Adware
• Adware, short for advertising-supported software, displays unwanted
advertisements on a user's device. While not always malicious, some adware
can compromise user privacy by collecting and transmitting personal
information.
❑ Spyware
• Spyware is designed to secretly monitor and collect user information
without their knowledge.
• It can capture keystrokes, browser history, login credentials, and other
sensitive data, often for malicious purposes.
❑ Trojans
• Trojans, or Trojan horses, are deceptive programs that appear legitimate but
contain malicious code.
• They can perform various harmful actions, such as granting unauthorized
access, stealing data, or facilitating other types of malware.
❑ Covert Channels
• Covert channels are methods of communication that are hidden or not
easily detectable. In a security context, they can be used by attackers to
transmit information stealthily, bypassing security measures.
❑ Backdoors
• Backdoors are hidden access points in a system that allow unauthorized
entry and control.
• They are often created by attackers to maintain persistent access to
compromised systems.
❑ Bots
• Bots are networks of compromised computers controlled by a single entity
for activities like launching DDoS Attacks or spreading malware.
❑ IP Spoofing
• IP spoofing involves manipulating the source IP address in network packets
to deceive recipients about the origin of the message.
• Attackers may use IP spoofing to bypass access controls or launch attacks
while appearing to be from a trusted source.
❑ ARP Spoofing
• ARP (Address Resolution Protocol) spoofing involves linking a false MAC
address with an IP address within a network. This can lead to traffic
interception, eavesdropping, or man-in-the-middle attacks.
❑ Session Hijacking
• Session hijacking occurs when an attacker intercepts and takes control of an
active user session. This can lead to unauthorized access to sensitive
information or systems.
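The ARP spoofing entry above describes a false MAC address being linked to an IP address. The following is an added example, not part of the original slides, showing how a defender can spot that pattern in observed ARP replies. The sample addresses, the function names and the max_ips_per_mac threshold are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp_seconds, ip, mac) tuples as they might be
# parsed from ARP replies seen on one LAN segment. All values are made up.
SAMPLE_ARP_REPLIES = [
    (0,  "192.168.1.1",  "aa:bb:cc:00:00:01"),  # gateway, original binding
    (1,  "192.168.1.10", "aa:bb:cc:00:00:10"),
    (2,  "192.168.1.11", "aa:bb:cc:00:00:11"),
    (30, "192.168.1.1",  "aa:bb:cc:00:00:01"),  # unchanged, no alert
    (31, "192.168.1.1",  "de:ad:be:ef:00:99"),  # gateway IP claimed by a new MAC
    (32, "192.168.1.10", "de:ad:be:ef:00:99"),  # same MAC also claims a host IP
    (60, "192.168.1.11", "AA-BB-CC-00-00-11"),  # same MAC, other notation
]


def normalize_mac(mac):
    """Lower-case and use ':' separators so notation differences are ignored."""
    return mac.strip().lower().replace("-", ":")


def find_arp_anomalies(replies, max_ips_per_mac=1):
    """Return alerts for the two classic signs of a false IP-to-MAC binding.

    ip_mac_changed:      an IP that was bound to one MAC is announced by another.
    mac_claims_many_ips: one MAC answers for more IPs than expected on this LAN.
    """
    ip_to_macs = defaultdict(list)   # ip -> distinct MACs in order first seen
    mac_to_ips = defaultdict(set)    # mac -> every IP it has claimed
    alerts = []

    for ts, ip, raw_mac in sorted(replies):
        mac = normalize_mac(raw_mac)
        seen = ip_to_macs[ip]
        if seen and mac not in seen:
            alerts.append({
                "type": "ip_mac_changed",
                "time": ts,
                "ip": ip,
                "old_mac": seen[-1],
                "new_mac": mac,
            })
        if mac not in seen:
            seen.append(mac)
        mac_to_ips[mac].add(ip)

    for mac, ips in sorted(mac_to_ips.items()):
        if len(ips) > max_ips_per_mac:
            alerts.append({
                "type": "mac_claims_many_ips",
                "mac": mac,
                "ips": sorted(ips),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE_ARP_REPLIES):
        print(alert)
```

Legitimate events such as DHCP reassignment, a replaced network card, or a router answering for several addresses raise the same alerts, so each one needs to be checked against known inventory before it is treated as an attack.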
Cyber Crime and Its Types
• Cybercrime refers to criminal activities carried out using the Internet, computer
systems, or other digital technologies.
• These offenses may target individuals, organizations, or governments, and they
can encompass a wide range of illegal activities.
• Here are some common types of cyber crime:
❑ Hacking
• Unauthorized access to computer systems or networks to gather,
manipulate, or disrupt data.
❑ Malware
• The creation and dissemination of malicious software (malware), such
as viruses, worms, trojan horses, and ransomware, with the intent to
harm or gain unauthorized access.
❑ Phishing
• Deceptive attempts to acquire sensitive information, such as
usernames, passwords, and financial details, by posing as a
trustworthy entity in electronic communication.
❑ Identity Theft
• Unauthorized use of someone else's personal information to commit
fraud or other criminal activities.
❑ Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
• Overloading a target's computer system or network to make it unavailable
to users.
❑ Online Fraud
• Various forms of fraud conducted over the Internet, including online
scams, fake auctions, and fraudulent online purchases.
❑ Child Exploitation
• The use of digital technology to exploit children, including online grooming,
child pornography, and other forms of abuse.
❑ Cyberbullying
• Harassment, pressure, or mistreatment that occurs online, often through
social media platforms, email, or messaging apps.
❑ Financial Cybercrimes
• Crimes involving the theft of financial information, such as credit card
fraud, online banking fraud, and cryptocurrency-related offenses.
❑ Cyber Extortion
• Threatening to reveal sensitive information, launch attacks, or damage
systems unless a ransom is paid.
❑ Insider Threats
• Unauthorized or malicious activities conducted by individuals within an
organization, such as employees or contractors, who misuse their access to
compromise security.
❑ Rogue Software
• Distributing fake or malicious software that misleads users into thinking it is
legitimate or useful, often leading to financial losses or security breaches.
❑ Cyber Stalking
• Repeated, unwanted, and intrusive online behaviors, including monitoring,
harassment, or threats, directed towards an individual or group.
Hacking
• Hacking refers to the unauthorized access, manipulation, or exploitation of
computer systems, networks, or electronic devices.
• Individuals who engage in hacking activities are commonly referred to as
"Hackers".
• Here are some key aspects of Hacking:
❑ Unauthorized Access
• Hacking often involves gaining access to computer systems or networks
without the explicit permission of the system owner or administrator.
❑ Types of Hackers
• White Hat Hackers (Ethical Hackers)
• They use their skills to identify and fix security vulnerabilities.
• They work to strengthen the security of systems, often employed by
organizations to conduct penetration testing and security
assessments.
• Black Hat Hackers
• Black hat hackers engage in malicious activities for personal gain or
with harmful intent.
• They may exploit vulnerabilities, steal sensitive information, launch
attacks, or cause damage to computer systems. These individuals are
typically associated with illegal and unethical activities.
• Gray Hat Hackers
• Gray hat hackers fall somewhere between white hat and black hat
hackers.
• They may break into systems without explicit permission, but they
claim to do so for ethical reasons, such as exposing vulnerabilities or
flaws. However, their actions may still be considered illegal.
• Hacktivists
• Hacktivists are individuals or groups who hack for political, social, or
ideological reasons. Their activities often involve defacing websites,
disrupting services, or stealing and leaking information to promote a
specific cause.
• Cyber Criminals
• Cyber criminals are individuals or groups motivated by financial gain.
They may engage in activities such as stealing personal information,
conducting ransomware attacks, or committing fraud for monetary
benefits.
• State Sponsored Hackers
• State-sponsored hackers are individuals or groups supported by
governments to conduct cyber warfare, or other activities in the
interest of the sponsoring nation.
• Malware Authors
• Individuals who create and distribute malicious software, such as
viruses, worms, Trojans, and ransomware.
❑ Methods of Hacking
• Social Engineering: Manipulating individuals into divulging confidential
information through deceptive means.
• Phishing: Using fake websites, emails, or messages to trick individuals
into providing sensitive information.
• Brute Force Attacks: Attempting to gain access by systematically trying
all possible combinations of passwords or encryption keys.
• Exploiting Software Vulnerabilities: Identifying and taking advantage of
weaknesses in software or applications.
• Man-in-the-Middle Attacks: Intercepting and altering communication
between two parties without their knowledge.
❑ Motivations for Hacking
• Financial Gain: Stealing financial information, conducting online fraud, or
demanding ransom.
• Spying: Gathering sensitive information for political, economic, or military
purposes.
• Hacktivism: Hacking for ideological or political reasons to promote a
social or political agenda.
• Personal Satisfaction or Challenge: Some hackers may be motivated by
the intellectual challenge of breaking into systems.
Attack Vectors
• Attack Vectors are paths or methods that cyber attackers use to gain
unauthorized access to computer systems, networks, or devices.
• These vectors represent the various paths through which malicious actors exploit
vulnerabilities to compromise the security of a system.
• Here are some common Attack Vectors:
❑ Phishing
• Attackers send deceptive emails, often disguised as legitimate
communications, to trick individuals into revealing sensitive information
or clicking on malicious links.
❑ Malware
• Email Attachments: Malicious software can be delivered through email
attachments that, when opened, infect the user's system.
• Infected Websites: Drive-by downloads occur when users visit
compromised websites, unknowingly downloading malware onto their
systems.
❑ Social Engineering
• Manipulation of Trust: Attackers exploit human psychology to
manipulate individuals into divulging sensitive information or taking
specific actions.
❑ Brute Force Attacks
• Attempting to gain unauthorized access to a system by systematically trying
all possible combinations of passwords or encryption keys.
❑ SQL Injection
• Exploiting vulnerabilities in web applications to inject malicious SQL code into
input fields, potentially allowing unauthorized access to databases.
❑ Cross-Site Scripting (XSS)
• Injecting malicious scripts into websites, which are then executed by users'
browsers, allowing attackers to steal information or perform actions on
behalf of the user.
❑ Man-in-the-Middle (MitM) Attacks
• Intercepting and potentially altering communication between two parties,
allowing attackers to eavesdrop on sensitive information.
❑ Physical Access
• Gaining access to physical devices or infrastructure to compromise security,
install malware, or steal sensitive information.
❑ USB and Removable Media Attacks
• Distributing malware or executing malicious actions through infected USB
drives or other removable media.
❑ Bluetooth and IoT Exploitation
• Exploiting vulnerabilities in Bluetooth connections or Internet of Things (IoT)
devices to gain unauthorized access.
Cyberspace and Criminal Behavior
• Cyberspace, the virtual environment created by interconnected computer
systems and networks, has provided a platform for numerous activities, including
both legal and criminal behaviors.
• Criminals exploit the secrecy it offers to carry out various illegal activities.
• Here are some ways in which cyberspace intersects with criminal behavior:
▪ Cybercrime
▪ Cyber Spying
▪ Cyber Terrorism
▪ Illegal Online Markets
▪ Child Mistreatment
▪ Cyberbullying
▪ Financial Crimes
▪ Unauthorized Access and Data Theft
▪ Online Scams
▪ Disinformation and Cyber Influence Operations
• Addressing criminal behaviour in cyberspace requires international cooperation,
robust cybersecurity measures, regulation, and law enforcement efforts.
• Governments, organizations, and individuals need to stay attentive, adopt
security best practices, and work together to combat the evolving landscape of
cybercrime.
Traditional Problems Associated with Computer Crime
❑ Jurisdictional Challenges
• Determining jurisdiction can be difficult when cybercrimes transcend
national borders.
• Crimes committed online may involve perpetrators and victims in different
countries, making it challenging for law enforcement to pursue and
prosecute offenders.
❑ Anonymity and Pseudonymity
• Cybercriminals often use various techniques to conceal their identities, such
as operating under aliases or using anonymizing tools like virtual private
networks (VPNs). This anonymity makes it challenging for law enforcement to
trace and apprehend offenders.
❑ Rapid Evolution of Technology
• Technology evolves quickly, and cybercriminals adapt their methods
accordingly.
• Law enforcement agencies and security measures may struggle to keep pace
with the constantly changing landscape of cyber threats.
❑ Attribution Difficulties
• Determining the true identity of cybercriminals and attributing specific
cybercrimes to individuals or groups can be challenging.
❑ Cross-Border Collaboration
• Legal systems and law enforcement agencies across different countries often
face challenges in collaborating effectively.
• Varying laws, cultural differences, and bureaucratic hurdles can impede
international efforts to combat cybercrime.
❑ Resource Limitations
• Law enforcement agencies may lack the resources, both in terms of
personnel and technology, to effectively investigate and combat the
increasing volume and complexity of cybercrimes.
❑ Reporting and Awareness
• Underreporting of cybercrimes is common due to victims' unwillingness to
report incidents, lack of awareness, or fear of reputational damage.
❑ Evidence Collection and Preservation
• Digital evidence, such as logs, files, and network data, may be easily
manipulated or destroyed.
• Properly collecting and preserving digital evidence for legal proceedings can
be challenging, requiring specialized knowledge and tools.
❑ Public Perception and Education
• Lack of awareness and understanding of cyber threats can contribute to
individuals and organizations falling victim to cybercrimes.
• Public education about online risks and best practices for cybersecurity is
essential.
Important Questions
Unit-5 (CO-5)
Sr No. Question
1 Define Cyber Security.
2 List Cyber Attacks and Explain any Four. OR List types of cyber attacks.
3 List Vulnerabilities in Cyber Security.
4 Define Intruders, Explain its Types.
5 Define Hackers, Explain Its Types.
6 List Cyber Threats and Explain any Four. OR Discuss different types of threats.
7 Define Cybercrime and Explain its types in detail. OR List types of cybercrime.
8 Define Hacking and List Methods of Hacking.
9 List Attack Vectors and Explain any Four.
10 List Different ways by which cyberspace intersects with criminal behavior.
11 Explain Traditional Problems Associated with Computer/Cyber Crime.
12 Define worms, viruses and trojans.
13 Describe cybercrime with its types in detail.
14 Describe IP Spoofing, ARP spoofing and Session Hijacking in detail.
