UNIT-IV: Cyber Security: Cyber Crime and Information Security – Classification
of Cyber Crime Types.
INTRODUCTION OF CYBER SECURITY
Cybersecurity is the practice of protecting digital devices, networks, and sensitive data from
cyber threats such as hacking, malware, and phishing attacks. It involves a range of strategies,
technologies, and best practices designed to safeguard computers, networks, and data
from cyber attacks.
Cybersecurity involves using specialized tools to detect and remove harmful software while
also learning to identify and avoid online scams. Practicing good cybersecurity habits helps
keep your data private and ensures a safe online experience. It's also referred to
as Information Security (INFOSEC), Information Assurance (IA), or System Security.
Common Cyber Attacks You Should Know
Attack Type: What It Means
Phishing: Phishing is a cyber attack where hackers trick users into revealing
sensitive data like passwords, banking details, or session tokens through fake
emails, messages, or websites. It uses social engineering to impersonate trusted
sources and often includes malicious links or attachments to steal information.
DDoS (Distributed Denial of Service): Hackers flood a website or server with too
much traffic, so it slows down or crashes. It’s like a traffic jam that blocks real
users from getting in.
Cyberattacks happen every day worldwide, and without basic protection, anyone, individuals
or companies, can become a victim. That’s why understanding cybersecurity is as important as
locking your house.
A key part of cybersecurity is encryption, which keeps sensitive information private and
accessible only to authorized users. It’s vital for protecting financial transactions, personal
messages, and corporate data from theft or misuse.
Types of Cybersecurity
There are seven types of cyber security, each explained below in detail with uses and
functions:
1. Network Security
It focuses on securing computer networks from unauthorized access, data breaches, and other
network-based threats. This involves implementing technologies such as Firewalls, Intrusion
detection systems (IDS), Virtual private networks (VPNs), and Network segmentation as
well as deploying antivirus software.
Using public Wi-Fi in locations like cafes and malls poses significant security risks.
Malicious actors on the same network can potentially intercept your online activity,
including sensitive information. If you use payment gateways on these unsecured networks,
your financial data could be compromised because these open networks don’t have
proper security layers, which means anyone—even hackers—can watch what you're doing
online.
So, use a secure private network or a VPN to protect your internal network from outside
threats.
2. Application Security
Concerned with securing software applications and preventing vulnerabilities that could be
exploited by attackers. It involves secure coding practices, regular software updates and
patches, and application-level firewalls.
Most of the apps that we use on our cell phones are secured and work under the rules and
regulations of the Google Play Store.
There are 3.553 million applications in Google Play, Apple App Store has 1.642 million,
and Amazon App Store has 483 million available for users to download. With so many
choices, it’s easy to assume all apps are safe—but that’s not true.
Some apps pretend to be secure, but once installed, they collect personal data and secretly
share it with third-party companies.
The app must be installed from a trustworthy platform, not from some 3rd party website in
the form of an APK (Android Application Package).
3. Information or Data Security
Focuses on protecting sensitive information from unauthorized access, disclosure, alteration, or
destruction. It includes Encryption, Access controls, Data classification, and Data loss
prevention (DLP) measures.
Incident response refers to the process of detecting, analyzing, and responding to security
incidents promptly.
Promoting security awareness among users is essential for maintaining information
security. It involves educating individuals about common security risks, best practices for
handling sensitive information, and how to identify and respond to potential threats like
phishing attacks or social engineering attempts.
Encryption is the process of converting information into an unreadable format (ciphertext)
to protect it from unauthorized access.
4. Cloud Security
It involves securing data, applications, and infrastructure hosted on cloud platforms, and
ensuring appropriate access controls, data protection, and compliance. It uses various cloud
service providers such as AWS, Azure, Google Cloud, etc., to ensure security against multiple
threats.
Cloud-based data storage has become a popular option over the last decade. It enhances
privacy if configured and managed correctly and saves data on the cloud, making it
accessible from any device with proper authentication.
These platforms offer free tiers for limited usage, and users must pay for additional storage
or services.
It is a cloud service provider that offers a wide range of services, including storage,
computing, and security tools.
5. Endpoint Security
Refers to securing individual devices such as computers, laptops, smartphones, and IoT
devices. It includes antivirus software, intrusion prevention systems (IPS), device encryption,
and regular software updates.
Antivirus and anti-malware software scans for and detects malicious software, such
as viruses, worms, Trojans, and ransomware. These tools identify and eliminate or
quarantine malicious files, protecting the endpoint and the network from potential harm.
Firewalls are essential components of endpoint security. They monitor and control
incoming and outgoing network traffic, filtering out potentially malicious data packets.
Keeping software and operating systems up to date with the latest security patches and
updates is crucial for endpoint security.
6. Operational Security
Refers to the processes and policies organizations implement to protect sensitive data from
internal threats and human errors. It involves access controls, risk management, employee
training, and monitoring activities to prevent data leaks and security breaches.
Access Controls ensure that only authorized personnel can access critical systems and
sensitive information. This includes role-based access, multi-factor authentication (MFA),
and least privilege principles.
Risk Management involves identifying, analyzing, and mitigating security risks within an
organization. It includes regular security assessments, vulnerability testing, and compliance
audits.
Employee Training is crucial for preventing insider threats and social engineering attacks.
Organizations conduct cybersecurity awareness programs to educate employees on
phishing scams, password security, and data handling best practices.
Monitoring & Incident Response includes tracking user activity, detecting suspicious
behavior, and responding to security incidents in real time. Security Information and Event
Management (SIEM) tools help organizations analyze and mitigate threats effectively.
7. Internet of Things (IoT) Security
Refers to protecting internet-connected devices such as smart home gadgets, industrial sensors,
medical equipment, and wearable technology from cyber threats. IoT security ensures that
these devices do not become entry points for hackers to exploit networks and steal sensitive
data.
Device Authentication & Encryption ensures that only authorized devices can connect to
networks. Encryption protects data transmitted between IoT devices and servers from
interception.
Firmware & Software Updates are crucial to patch security vulnerabilities. Regular
updates help prevent exploitation by cybercriminals who target outdated IoT firmware.
Network Segmentation isolates IoT devices from critical systems, reducing the risk of
widespread attacks if one device is compromised. This approach limits unauthorized access
and lateral movement within a network.
IoT Security Standards & Compliance include implementing industry security
frameworks like Zero Trust Architecture (ZTA) and following best practices such as strong
password policies, secure APIs, and endpoint protection to enhance IoT device security.
Why is Cybersecurity Important?
Cyber Security is important because government, military, corporate, financial, and medical
organizations collect, process, and store unprecedented amounts of data, including personal
information, on computers and other devices, and exposure of this private information could
have negative consequences.
In 1972, when the internet was just starting (called ARPANET at the time), a test virus
named Creeper was created—and then another program called Reaper was made to remove it.
This early experiment showed why digital security was needed and helped start what we now
call cybersecurity.
Major Cybersecurity Threats & Attacks
Hackers use advanced techniques to find weaknesses in systems, steal or change data, and
break into networks without permission. Below are the most common cybersecurity threats that
target businesses, cloud storage, and personal devices:
Types of Cyber Attacks
1. Malware Attacks
Malware is a type of harmful software created to enter, attack, and compromise systems. It
includes trojans, rootkits, and spyware.
Hackers use payload obfuscation, polymorphic techniques, and zero-day exploits to
bypass intrusion detection systems (IDS) and endpoint protection platforms (EPP).
2. Phishing & Spear Phishing Attacks
Phishing uses tricks and manipulation to steal login details, session tokens, and financial
information. Spear phishing is a more targeted version that uses open-source intelligence
(OSINT) to create personalized fake messages.
Hackers use domain spoofing, homograph attacks, and malicious macros to bypass
security and trick users into revealing sensitive data.
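A defensive check for the domain spoofing and homograph tricks described above, as an added example that is not part of the original notes. The trusted-domain list, the small look-alike character table, the function names, and the "last two labels" rule for the registered domain are all assumptions made for illustration.

```python
import unicodedata

# Constructed allowlist: domains this (hypothetical) organisation treats as genuine.
TRUSTED = {"paypal.com", "example-bank.com"}

# Constructed, deliberately small table of look-alike characters -> ASCII.
# A production filter would use the full Unicode confusables data instead.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
    "0": "o", "1": "l",
}


def decode_host(host):
    """Lower-case a hostname and turn any punycode (xn--) labels into Unicode."""
    labels = []
    for label in host.strip().rstrip(".").lower().split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed punycode: keep the raw label
        labels.append(label)
    return ".".join(labels)


def scripts(label):
    """Alphabets used by the letters of a label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}


def skeleton(text):
    """Reduce text to the ASCII string a reader would most likely perceive."""
    text = unicodedata.normalize("NFKC", text)
    return "".join(CONFUSABLES.get(ch, ch) for ch in text)


def registered_domain(host):
    """Assumption: the last two labels form the registrable domain (no public suffix list)."""
    return ".".join(host.split(".")[-2:])


def assess(host):
    """Return a sorted list of reasons a hostname looks like a spoof of a trusted domain."""
    decoded = decode_host(host)
    domain = registered_domain(decoded)
    if domain in TRUSTED:
        return []  # genuine domain or one of its subdomains
    findings = set()
    if any(len(scripts(label)) > 1 for label in decoded.split(".")):
        findings.add("mixed-script label")
    for trusted in TRUSTED:
        if skeleton(domain) == skeleton(trusted):
            findings.add("look-alike of " + trusted)
        if decoded.startswith(trusted + ".") or ("." + trusted + ".") in decoded:
            findings.add("trusted name used as subdomain: " + trusted)
    return sorted(findings)


if __name__ == "__main__":
    # Constructed sample hostnames, as they might appear in links inside an email.
    for sample in ["www.paypal.com", "p\u0430ypal.com", "login.paypa1.com",
                   "paypal.com.account-verify.example"]:
        print(sample, "->", assess(sample))
```

A mail gateway or proxy could run such a check on every link before delivery and quarantine messages with any finding.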
3. Ransomware Attacks
Ransomware locks important system files by encrypting them using asymmetric
cryptography (like RSA, ECC) or hybrid encryption (AES-RSA). It then demands a
ransom, usually in cryptocurrency, to unlock the data.
More advanced types, like double extortion ransomware, first steal sensitive data before
encrypting it. Hackers then threaten to leak the stolen data on dark web sites if the ransom
isn't paid.
4. Distributed Denial-of-Service (DDoS) Attacks
DDoS attacks overload a network by flooding it with massive amounts of traffic at
different levels—volumetric, protocol, or application-layer—causing servers to crash
and making services unavailable.
Hackers use botnets, amplification techniques to increase attack size, and HTTP flood
requests to overwhelm websites. These methods help attackers bypass rate-limiting
defenses and take down their targets.
5. SQL Injection (SQLi) & NoSQL Injection
SQL injection attacks take advantage of weak web application queries by
inserting malicious SQL code to modify database records, steal login credentials, or
run admin-level commands.
NoSQL injection targets document-based databases like MongoDB and Firebase by
altering query parameters, allowing attackers to bypass authentication and gain
unauthorized access to sensitive data.
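The weak query pattern described above next to its hardened form, as an added example that is not part of the original notes. The table layout, the account, the function names, and the crafted input are constructed for illustration; the last function applies the same idea to a document-database login filter by rejecting anything that is not a plain string.

```python
import sqlite3

# Constructed input for the demonstration: a value that closes the quoted string
# and appends an always-true condition.
CRAFTED = "' OR '1'='1"


def make_db():
    """Build an in-memory database holding one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password_hash TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "hash-of-alice-password"))
    return db


def login_vulnerable(db, name, password_hash):
    """Weak query: user input is pasted into the SQL text, so it can change the query's logic."""
    sql = ("SELECT COUNT(*) FROM users WHERE name = '" + name +
           "' AND password_hash = '" + password_hash + "'")
    return db.execute(sql).fetchone()[0] > 0


def login_parameterized(db, name, password_hash):
    """Hardened query: placeholders keep the input as data; it is never parsed as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password_hash = ?"
    return db.execute(sql, (name, password_hash)).fetchone()[0] > 0


def build_login_filter(fields):
    """NoSQL case: accept only plain strings so a nested object cannot act as a query operator."""
    name, password_hash = fields.get("name"), fields.get("password_hash")
    if not isinstance(name, str) or not isinstance(password_hash, str):
        raise ValueError("login fields must be strings")
    return {"name": name, "password_hash": password_hash}


def demo():
    """Run the same crafted input through both query styles."""
    db = make_db()
    return {
        "vulnerable accepts crafted input": login_vulnerable(db, "alice", CRAFTED),
        "parameterized accepts crafted input": login_parameterized(db, "alice", CRAFTED),
        "parameterized accepts real hash": login_parameterized(
            db, "alice", "hash-of-alice-password"),
    }


if __name__ == "__main__":
    print(demo())
```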
6. Zero-Day Exploits & Advanced Persistent Threats (APT)
Zero-day exploits take advantage of unknown software vulnerabilities before developers
release security patches, making them highly dangerous.
Advanced Persistent Threats (APTs) use multi-stage attack techniques to stay hidden
in a system for a long time. These include lateral movement, privilege escalation,
and persistence mechanisms to maintain control over compromised networks.
7. Man-in-the-Middle (MITM) Attacks
Man-in-the-Middle (MITM) attacks secretly intercept and modify data exchanged
between two parties by exploiting weak encryption or unsecured communication
channels.
Hackers use techniques like SSL stripping, rogue access points, and ARP
poisoning to steal login credentials, hijack user sessions, or inject malicious code into
data transmissions.
8. Insider Threats & Privilege Misuse
Insider threats occur when compromised or malicious employees with high-level
access steal sensitive data, modify access permissions, or install backdoors to bypass
security. Since insiders already have authorized access, they can easily evade traditional
perimeter security measures.
To detect and prevent insider threats, organizations use User and Entity Behavior
Analytics (UEBA) to track suspicious activities, Privilege Access Management (PAM) to
restrict sensitive access, and zero-trust architectures to ensure continuous verification.
CYBER CRIME
Cybercrime refers to criminal activities carried out using computers and the internet, including
hacking, data theft, malware attacks, and financial fraud. With businesses, governments, and
individuals relying heavily on digital platforms, cyber threats have escalated, leading to billions
in financial losses worldwide. In 2023 alone, cybercrime caused over $8 trillion in damages,
impacting online security on a massive scale. From phishing scams to ransomware attacks,
cybercriminals exploit vulnerabilities to steal sensitive information and disrupt systems.
This article explores the types of cybercrime with examples, real-world cases, cybercrime
laws, and effective prevention measures to stay protected in the digital world.
WHAT IS CYBER CRIME?
Cybercrime refers to illegal activities involving computers, networks, or the internet as a
tool to commit offenses. These crimes include:
Identity Theft – Stealing personal information to commit fraud.
Financial Fraud – Online scams, fake transactions, and credit card fraud.
Cyberbullying – Harassment or threats through digital platforms.
Phishing Attacks – Deceptive emails or websites tricking users into revealing sensitive data.
Hacking – Unauthorized access to systems and data breaches.
Malware Attacks – Spreading viruses, ransomware, and trojans to damage or steal data.
Cybercriminals target individuals, businesses, and even government systems, leading to
significant financial losses, data breaches, and security threats.
As the internet becomes an essential part of daily life, from online shopping to business
operations and communication, cybercrime cases have surged globally.
Criminals exploit system vulnerabilities to steal personal data, manipulate financial
transactions, and disrupt critical services.
It is very important to know about cybercrime and protect ourselves against it. We can avoid
it by using secure networks, updating software frequently, and not engaging in
activities that may appear suspicious online.
Cybercrime, especially through the Internet, has grown as the computer has become central to
every field, such as commerce, entertainment, and government. Cybercrime may endanger a
person's or a nation's security and financial health.
TYPES OF CYBER CRIME
Cybercrime includes a wide range of illegal activities that exploit computers, networks, and the
internet. These crimes can be categorized into two main types:
1. Cyber Crimes Targeting Computer Networks or Devices
These crimes involve direct attacks on computers, servers, or digital infrastructure to steal
data, cause disruption, or damage systems. They involve threats such as viruses, bugs, and
denial-of-service (DoS) attacks.
Malware Attacks: This kind of cyber threat uses malware such as viruses, worms, and Trojans
to interfere with, damage, or gain unauthorized access to computer systems.
For example, ransomware encrypts files and then demands a ransom for decryption.
Denial-of-Service (DoS) Attacks: Here, the attackers focus on a system and flood it with
high traffic, making it inaccessible to its users. Another dangerous variant of DoS
is DDoS, in which many compromised systems target one, making it much more difficult to
defend against.
For example, a DDoS attack crashes an e-commerce website by overwhelming its server with
traffic.
Phishing Attacks: These are disguised e-mails or messages that claim to
be from an official website but ask the user to hand over sensitive information
such as account passwords or credit card numbers. Phishing is
one of the most common cyber threats.
For example, a fake PayPal login page that steals your credentials.
Botnets (Zombie Networks): A number of computers hijacked by malware can form a "botnet"
that an attacker can use for coordinated attacks or spamming.
For example, hackers use botnets to send millions of spam emails in a single day.
Exploits and Vulnerabilities: Cyber-thieves typically exploit software weaknesses, that is,
vulnerabilities in an application or operating system, in order to access it
illegally.
For example, exploiting an outdated banking app to steal user financial details.
2. Crimes Using Computer Networks to Commit Other Criminal Activities
These types of crimes include cyberstalking, financial fraud, and identity theft.
Cyberstalking: This is the crime of threatening or
frightening a person online, spreading fear and emotional distress. It can
involve threats, constant monitoring, or repeated unwanted
messages.
For example, sending threatening messages to a person via email or social media.
Financial Fraud: Here a cybercriminal manipulates the victim online
in order to steal money, for example through fake investment opportunities,
hacking a business email account, or using someone else's credit card details.
For example, a fake online store that steals credit card details without delivering products.
Identity Theft: A person's information is stolen
so that the thief can impersonate them, either to misuse the money in
their accounts or for other malicious purposes. It always lowers the credit score of the victim
and, in the worst-case scenario, the victim's accounts or loans are misused
through fraudulent transactions.
For example, a hacker using stolen credentials to apply for credit cards and loans.
Online Harassment and Hate Crimes: People use the internet to discriminate against
a particular person based on his or her racial background, gender, religion, or the like,
which can psychologically disturb the harassed person.
For example, cyberbullying campaigns that target individuals based on race, gender, or
religion.
Intellectual Property Theft: Intellectual property theft refers to the theft of copyrighted
content or business secrets through the internet, thereby financially and competitively hurting
individuals and companies.
For example, A software company illegally using another firm's source code to create a
competing product.
Cybercrime Examples:
1. Cyber Terrorism:
Cyber terrorism involves using the internet to carry out violent threats, disrupt essential
services, or spread fear among people. Cyber terrorists target critical infrastructure,
government systems, or financial institutions to cause panic or damage.
Example: Hacking into power grids or communication networks to create widespread disruption.
2. Cyber Extortion (Ransomware Attacks):
Cyber extortion happens when hackers attack websites or computer systems and demand money
to stop the attacks. They threaten to keep attacking unless they receive a large payment.
Example: A ransomware attack on a hospital system, blocking access to patient records until a
ransom is paid.
3. Cyber Warfare:
Cyber warfare is when countries use computers and networks as part of their battles. It includes
both attacking and defending against cyber threats, like hacking and spying.
Example: A government hacking another country's defense networks to steal classified
information.
4. Internet Fraud:
This type of fraud occurs when someone tricks others on the internet to steal money or private
information. It involves hiding or giving false information to deceive people and covers many
different illegal actions.
Example: A scam website pretending to sell products but stealing users' payment details instead.
5. Cyber Stalking and Online Harassment
Cyber stalking is a form of online harassment where someone sends threatening messages or
emails to a victim they know. If the stalker feels it's not working, they may also start following
the victim in real life to make their life more difficult.
Example: An ex-partner repeatedly sending threatening messages and tracking a victim’s online
activity.
6. Financial Fraud:
Cybercriminals steal personal and financial data to commit fraud, open fake bank accounts, or
make unauthorized transactions. Phishing attacks are one of the most common methods used to
trick victims into providing sensitive information.
Example: A phishing email pretending to be from a bank, asking users to enter their login
details on a fake website.
7. Cyber Espionage:
Cyber espionage refers to hacking into government agencies, businesses, or corporations to
steal confidential data or trade secrets. It is often used by competitor businesses or state-
sponsored hackers.
Example: A company stealing another firm's product designs through hacking.
INFORMATION SECURITY
What is information security?
Information security (InfoSec) is the protection of important information against unauthorized
access, disclosure, use, alteration or disruption. It helps ensure that sensitive organizational data
is available to authorized users, remains confidential and maintains its integrity.
We need to protect information assets, which might include financial, confidential, personal or
sensitive data. These assets can take the form of digital files and data, paper documents, physical
media and even human speech. Throughout the data lifecycle, InfoSec oversees functions such as
infrastructure, software, testing, auditing and archiving.
Grounded in decades-old principles, information security continually evolves to protect
increasingly hybrid and multicloud environments in an ever-changing threat landscape. Given
the evolving nature of these threats, multiple teams need to work together to update both the
technology and processes used in this defense.
Digital information security, also called data security, receives the most attention from
information security professionals today and is the focus of this article.
TYPES OF SECURITY
The terms information security, IT security, cybersecurity and data security are often (and
mistakenly) used interchangeably. While these fields overlap and inform one another, they differ
primarily in scope.
Information security is an umbrella term that covers an organization's efforts to protect
information. It includes physical IT asset security, endpoint security,
data encryption, network security and more.
IT security is also concerned with protecting physical and digital IT assets and data
centers but does not include protection for the storage of paper files and other media. It
focuses on the technology assets rather than the information itself.
Cybersecurity focuses on securing digital information systems. The goal is to help
protect digital data and assets from cyberthreats. While an enormous undertaking,
cybersecurity has a narrow scope, as it is not concerned with protecting paper or analog
data.
Data security is the practice of protecting digital information from unauthorized access,
corruption or theft throughout its entire lifecycle. It includes the physical security of
hardware and storage devices, along with administrative and access controls. It also
covers the logical security of software applications and organizational policies and
procedures.
What is Information Security (InfoSec)?
Information Security is not only about securing information from unauthorized access.
Information Security is basically the practice of preventing unauthorized access, use,
disclosure, disruption, modification, inspection, recording, or destruction of information.
Information can be physical or electronic. It can be anything: your personal details,
your profile on social media, your data on your mobile phone, your biometrics,
etc. Thus Information Security spans many research areas such as Cryptography, Mobile
Computing, Cyber Forensics, Online Social Media, etc.
During the First World War, a Multi-tier Classification System was developed keeping in mind
the sensitivity of the information. With the beginning of the Second World War, formal
alignment of the Classification System was done. Alan Turing was the one who successfully
decrypted the Enigma Machine which was used by Germans to encrypt warfare data.
Effective information security requires a comprehensive approach that considers all aspects of
the information environment, including technology, policies and procedures, and people. It
also requires ongoing monitoring, assessment, and adaptation to address emerging threats and
vulnerabilities.
Why Do We Use Information Security?
We use information security to protect valuable information assets from a wide range of
threats, including theft, espionage, and cybercrime. Here are some key reasons why
information security is important:
Protecting sensitive information: Information security helps protect sensitive information
from being accessed, disclosed, or modified by unauthorized individuals. This includes
personal information, financial data, and trade secrets, as well as confidential government
and military information.
Mitigating risk: By implementing information security measures, organizations can
mitigate the risks associated with cyber threats and other security incidents. This includes
minimizing the risk of data breaches, denial-of-service attacks, and other malicious
activities.
Compliance with regulations: Many industries and jurisdictions have specific regulations
governing the protection of sensitive information. Information security measures help
ensure compliance with these regulations, reducing the risk of fines and legal liability.
Protecting reputation: Security breaches can damage an organization's reputation and
lead to lost business. Effective information security can help protect an organization's
reputation by minimizing the risk of security incidents.
Ensuring business continuity: Information security helps ensure that critical business
functions can continue even in the event of a security incident. This includes maintaining
access to key systems and data, and minimizing the impact of any disruptions.
What are the 3 Principles of Information Security?
Information security is necessary to ensure the confidentiality, integrity, and availability of
information, whether it is stored digitally or in other forms such as paper documents.
Information Security programs are built around 3 objectives, commonly known as CIA -
Confidentiality, Integrity, Availability.
Confidentiality - Means information is not disclosed to unauthorized individuals, entities
and processes. For example, suppose I have a password for my Gmail account and someone
sees it while I am logging in to my Gmail account. In that case my password has been
compromised and confidentiality has been breached.
Integrity - Means maintaining the accuracy and completeness of data. This means data cannot
be edited in an unauthorized way. For example, if an employee leaves an organisation, then
the data for that employee in all departments, such as accounts, should be updated to
reflect the status JOB LEFT so that the data is complete and accurate; in addition, only
authorized persons should be allowed to edit employee data.
Availability - Means information must be available when needed. For example, if one
needs to access information about a particular employee to check whether the employee has
exceeded the number of leaves, it requires collaboration from different
organizational teams such as network operations, development operations, incident response
and policy/change management. A denial-of-service attack is one of the factors that can
hamper the availability of information.
CLASSIFICATION OF CYBER CRIMES
Cyber crimes can be classified into 4 major categories as follows:
(1) Cyber crime against Individual
(2) Cyber crime Against Property
(3) Cyber crime Against Organization
1. Based on Target
A. Crimes Against Individuals
Cyberstalking: Harassment using digital communication (emails, social media, etc.).
Phishing & Identity Theft: Stealing personal data through fake emails or websites.
Online Scams & Fraud: Fake lotteries, romance scams, or deceptive online ads.
Cyberbullying: Bullying or harassment via digital platforms.
Defamation: Publishing false information that harms someone's reputation.
B. Crimes Against Property
Hacking: Unauthorized access to data or systems.
Data Theft: Stealing confidential data (e.g., financial, corporate).
Ransomware Attacks: Encrypting files and demanding ransom for decryption.
Intellectual Property Theft: Piracy, plagiarism, or illegal distribution of copyrighted
content.
C. Crimes Against Government or Society
Cyberterrorism: Attacks aimed at causing panic or disruption (e.g., targeting critical
infrastructure).
Espionage: Spying on government or corporate networks.
Cyberwarfare: Nation-state attacks against another country’s systems.
Spreading Disinformation: Fake news, propaganda, and election manipulation.
2. Based on Method Used
Malware Attacks: Use of viruses, worms, trojans, ransomware.
Social Engineering: Manipulating people to gain access (e.g., phishing).
Denial-of-Service (DoS) Attacks: Overloading a system to make it unavailable.
Man-in-the-Middle (MitM) Attacks: Intercepting communication between two parties.
SQL Injection & XSS: Exploiting web application vulnerabilities.
3. Based on Motivation
Financial Gain: Fraud, ransomware, data theft for profit.
Political Motivation: Hacktivism, cyberterrorism, cyberwarfare.
Personal Revenge or Hate: Cyberstalking, bullying, harassment.
Challenge or Ego: Hacking for reputation among peers.
Corporate Espionage: Stealing trade secrets or data from competitors.
********************* UNIT-IV COMPLETED ****************