INTRODUCTION TO CYBER SPACE

1.1 INTRODUCTION
Internet is among the most important inventions of the 21st century which have affected our
life. Today internet have crosses every barrier and have changed the way we use to talk, play
games, work, shop, make friends, listen music, see movies, order food, pay bill, greet your
friend on his birthday/ anniversary, etc. You name it, and we have an app in place for that. It
has facilitated our life by making it comfortable. Gone are the days when we have to stand in
a long queue for paying our telephone and electricity bills. Now we can pay it at a click of a
button from our home or office. The technology have reached to an extent that we don‟t even
require a computer for using internet. Now we have internet enabled smartphone, palmtops,
etc. through which we can remain connected to our friends, family and office 24x7. Not only
internet has simplified our life but also it has brought many things within the reach of the
middle class by making them cost effective. It was not long back, while making an ISD or
even a STD call, the eyes were stricken on the pulse meter. The calls were very costly. ISD
and STD were used to pass on urgent messages only and the rest of the routine
communication was done using letters since it was a relatively very cheap. Now internet have
made it possible to not only talk but use video conference using popular applications like
skype, gtalk etc. at a very low price to a level where a one hour video chat using internet is
cheaper that the cost of sending a one page document from Delhi to Bangalore using speed-
post or courier service. Not only this, internet has changed the use of the typical devices that
were used by us. Television can be used not only for watching popular tv shows and movies
but can be used for calling/ video chatting with friend using internet. Mobile phone is not only
used for making a call but viewing a latest movie. We can remain connected to everyone, no
matter what our location is. Working parents from office can keep eye on their children at
home and help them in their homework. A businessman can keep eye on his staff, office,
shop, etc with a click of a button. It has facilitated our life in more than one way. Have you
ever wondered from where this internet came? Let us discuss the brief history of internet and
learn how this internet was invented and how it evolved to an extent that now we cannot think
of our lives without it.

1.1.1 History of Internet

I don‟t know what the cold war between USA and Russia gave to the world, but defiantly the
internet is one of those very useful inventions whose foundation was laid during cold war

8
days. Russia Launched the world‟s first satellite, SPUTNIK into the space on 4th October,
1957. This was clearly the victory of Russia over the cyber space and as a counter step,
Advanced Research Projects Agency, the research arm of Department of Defence, United
States, declared the launch of ARPANET(Advanced Research Projects Agency NETwork) in
early 1960‟s. This was an experimental network and was designed to keep the computers
connected to the this network to communicate with each other even if any of the node, due to
the bomb attack, fails to respond. The first message was sent over the ARPANET, a packing
switching network, by Leonard Kleinrock's laboratory at University of California, Los
Angeles (UCLA). You will be surprised to know that the fist message that was sent over
internet was “LO”. Actually they intended to send work “LOGIN” and only the first two
letters reached its destination at second network node at Stanford Research Institute (SRI) and
before the last three letters could reach the destination the network was down due to glitch.
Soon the error was fixed and the message was resent and it

The major task that ARPANET have to play is to develop rules for communication i.e.
protocols for communicating over ARPANET. The ARPANET in particular led to the
development of protocols for internetworking, in which multiple separate networks could be
joined into a network of networks. It resulted in the development if TCP/IP protocol suite,
which specifies the rules for joining and communicating over APRANET.

Soon after, in 1986 NSF(national Science Foundation) backbone was created to and five US
universities‟ computing centres were connected to form NSFnet. The participating
Universities were:

 Princeton University -- John von Neumann National Supercomputer Center, JvNC

 Cornell University -- Cornell Theory Center, CTC
 University of Illinois at Urbana-Champaign -- National Center for Supercomputing
Applications, NCSA
 Carnegie Mellon University -- Pittsburgh Supercomputer Center, PSC
 General Atomics -- San Diego Supercomputer Center, SDSC

NFSnet, the successor of ARPAnet, become popular by 1990 and ARPANET was
decommissioned. There were many parallel networks developed by other Universities and
other countries like United Kingdom. In 1965, National Physical Laboratory(NPL) proposed a
packing switching network. Michigan Educational Research Information Triad formed
MERIT network in 1966 which was funded and supported by State of Michigan and the

9
National Science Foundation (NSF). France also developed a packet swiching network, know
as CYCLADES in 1973.

Now there were many parallel systems working on different protocols and the scientist were
looking for some common standard so that the networks could be interconnected. In 1978,
TCP/IP protocol suits were ready and by 1983, the TCP/IP protocol were apopted by
ARPANET.

In 1981, the integration of two large network took place. NFS developed Computer Science
Network(CSNET) and was connected to ARPANET using TCP/IP protocol suite. Now the
network was not only popular among the research community but the private played also took
interest in the network. Initially NFS supported speed of 56 kbit/s. It was upgraded to 1.5
Mbit/s in 1988 to facilitate the growth of network by involving merit network, IBM, MCA
and the state of Michigan.

After the copertates took realized the strength and merit of this network, they particepitaqted
in the develoement of the network to ripe its benefits. By late 1980s many Internet Service
Providers(ISPs) emerged to provide the backbone for carrying the network traffic. By 1991,
NFSNET was expended and was upgraded to 45Mbit/s. Many commercial ISPs provided
backbone serive and was popular among the corporate. To facilitate the commercial use of the
network, NFSNET was decommissioned in 1995 and now the Internet could carry
commercial traffic.

Now more and more Universities and research centres throughout the world connected to it.
Now this network was very popular amongs the research community and in 1991 National
Research and Education Network (NREN) was founded and the World Wide Web was
released. Initially the role of internet was only limited to file transfer. The credit of internet
what we see it today goes to Tim Berners-Lee who introduced www.With the advent of www,
there was a transformation on how the network was used. Now this web of information can be
used to retrieve any information available over the internet. Software called, browser was
developed to browse the internet. It was developed by researchers at University of Illinois in
1992 and named as Mosaic. This browser enables to browse the internet the way we browse it
today.

1.1.1.1 Internet Addresses

With so many devices connected to the internet, we require some mechanism to uniquely
identify every device that is connected to the internet. Also we require some centralized

10
system which takes care of this mechanism so that the signs which are used to identify each
device are not duplicate; else the whole purpose is defeated. To take care of this, we have a
centralized authority known as Internet Assigned Numbers Authority (IANA), which is
responsible for assigning a unique number known as IP(Internet Protocol) address. An IP
address is a 32-bit binary number which is divided into four octets and each octet consists of 8
binary digits and these octet are separated by a dot(.). An example of an IP address is

11110110.01011010.10011100.1111100

Each 8-bits in an octet can have two binary values i.e. 0 and 1. Therefore, each octet can have
minimum value 0. i.e. 00000000 to maximum value 256 i.e. 11111111 and in total have 28=
256 different combinations.

Again to remember this 32-bit address in binary is bit difficult, so for the better understanding
of the human being, it is expressed in a decimal format. But this decimal format is for human
understanding only and the computer understands it in binary format only. In decimal, the
above IP address is expressed as 123.45.78.125

These octets are used to create and separate different classes. An IP address consists of two
parts viz. Network and Host. Network part identifies the network different network and the
host part identifies a device of a particular network.

This address uniquely identifies a devices connected to the internet similar to the postal
system where we identify any house by fist identifying the county, then state, district, post
office, cluster/block and finally the house number. These IP addresses are classified into five
categories based on the availability of IP range. These categories/classes are:

Table 1: IP Address Classes

Class Address range Supports
Class A 1.0.0.1 to 126.255.255.254 Supports 16 million hosts on each of 127 networks.
Class B 128.1.0.1 to 191.255.255.254 Supports 65,000 hosts on each of 16,000 networks.
Class C 192.0.1.1 to 223.255.254.254 Supports 254 hosts on each of 2 million networks
Class D 224.0.0.0 to 239.255.255.255 Reserved for multicast groups
Class E 240.0.0.0 to 254.255.255.254 Reserved for future use, or Research and
Development Purposes.
IANA decentralises that task of assigning the IP addresses by allocating the large chunk of IP
addresses to five Regional Internet Registries (RIRs), which are further responsible to

11
allocate the IP addresses in their zone. These RIRs along with their area of operations are
listed below:

 APNIC- This RIR is responsible for serving the Asia Pacific region
 AfriNIC- This RIR is responsible for serving the African region
 ARIN- This RIR is responsible for serving North America and several Caribbean and
North Atlantic islands
 LACNIC- This RIR is responsible for serving Latin America and the Caribbean, and
 RIPE NCC- This RIR is responsible for serving Europe, the Middle East, and parts of
Central Asia

For liaison and coordinating between these five RIRs, there is an organization called Number
Resource Organization(NRO). These organizations are

1.1.1.2 DNS
Whenever we browse any website in the internet, we type name something like
www.uou.ac.in and we rarely deal with IP address like 104.28.2.92 but the fact is even if we
type http:\\ 104.28.2.92 in the URL, it will land us to the same webpage. The fact is we are
very comfortable using and remembering the names instead of a number. Moreover, these IP
address changes over time and some of the sites have multiple IP address. Also, the transfer of
the data over internet is only possible using IP addresses because the routing of the packet of
data sent over internet is done using IP address. There is a server called Domain Name
System(DNS) which take cares of this translation job to simplify and to save us from
remembering these changing IP address numbers, the DNS. Whenever you type an address
like http:\\www.uou.ac.in, there is a process called DNS name resolution, takes place in the
background. The computer keeps the track of recently visited sites and locally maintains a
database in DNS cache. In case, the IP address of the site you have requested for is not found
in the DNS cache of your local computer, then the next probable place to find it is DNS server
of your Internet Service Provider(ISP). These DNS servers of ISP also maintain the cache of
the recently visited pages. Just in case, the information is not found here also, the DNS
server of the ISP forward the query to the root nameservers. The root name servers publish
the root zone file to other DNS servers and clients on the Internet. The root zone file describes
where the authoritative servers for the DNS top-level domains (TLD) are located. There are
currently 13 rootname servers. They are:

 A - VeriSign Global Registry Services

12
  B - University of Southern California - Information Sciences Institute
 C - Cogent Communications
 D - University of Maryland
 E - NASA Ames Research Center
 F - Internet Systems Consortium, Inc.
 G - U.S. DOD Network Information Center
 H - U.S. Army Research Lab
 I - Autonomica/NORDUnet
 J - VeriSign Global Registry Services
 K - RIPE NCC
 L - ICANN
 M - WIDE Project

These root nameservers directs the query to the appropriate Top-Level Domain(TLD)
nameservers by reading the last part of the URL first. In our example the url was
http:\\www.uou.ac.in. The last part is .in. Some of the examples of TLD name servers are
.com, .biz, .org, .us, .in, etc. These TLD nameservers acts as a switchboard and direct the
query to the appropriate authoritative nameserver maintained by each domain. These
authoritative nameserver maintains DNS records along with other useful information. This
address record is returned back to the requesting host computer via TLD nameservers,
nameservers, ISP‟s DNS server. These intermediaty server keeps the recond of this IP address
in their DNS cache, so that if the same request is encountered again , they don‟t have to go
through this process again. If the same URL is requested again, the DNS cache of the local
host computer will return the IP address of the URL.

1.1.1.3 Internet Infrastructure

Internet, as the name suggests, in a network of network i.e. it is a collection of several small,
medium and large networks. This clearly indicates to one fact, nobody is a single owner of the
internet and it is one of the proven example of collaborative success. Now you must be
surprised how such a large network which is spread across the continents can run without the
any problem. Yes it is correct that to monitor such a large network, we require an
international body which can frame the rules, regulation and protocols to join and use this
network. Therefore, an international organization, known as “The Internet Society” was
formed in 1992 to take care of such issues.

13
Let us now discuss, how this internet works? How the email you sent to your friend is
received by your friend‟s computer located at another country/continent. When you are
working in your laptop/desktop in your home without connecting to the internet, your
computer is a standalone system. But, whenever you connect to the internet by dialling to
your Internet Service Provider(ISP) using your modem, you become the part of the network.
The ISP is the link between the internet backbone, through which the entire data route, and
the user. The ISP connects to the internet backbone at Network Access Points(NAP). These
NAPs are the provided by the large telecommunication companies at various regions. These
large telecommunication companies connect the countries and the continents by building and
maintaining the large backbone infrastructure to route data from NAP to NAP. ISPs are
connected to this backbone at NAP and are responsible build and manage network locally. So
when you dial internet through modem, you first become part of the local ISP, which in turn
connects to the internet backbone through NAP. The data is routed through this backbone and
sent to the destination NAP, where the ISP of your friend‟s network is located. As soon as
your friend dials his modem to connect to the internet, the data is delivered to your friend‟s
computer.

1.1.1.4 World Wide Web

Sometimes we interchangeably use the term internet and world wide web or simply the web,
as it is popularly known as. But web is only one of the several the utilities that internet
provides. Some of the popular service that internet provides other then web is e-mail, usenet,
messaging service, FTP, etc. The web use HTTP protocol to communicate over internet and
to exchange information. The web was developed at CERN (Europeen de Reserches
Nucleaires), Switzerland) by a UK scientist Tim Berners-Lee in 1989. It consists of all the
public web sites and all the devices that access the web content. WWW is an information
sharing model which is developed to exchange information over the internet. There are plenty
of public websites, which is a collection of web pages, available over the internet. These web-
pages contain plenty of information in a form of text, videos, audio and picture format.
These web pages are access using a application software called a web browser. Some of the
examples of the popular web browser are: Internet explorer, Chrome, Safari, Firefox, etc.

So this was a little indroduction about internet and how it functions. Now let us discuss about
cyber crime.

14
1.2 INTRODUCTION TO CYBER CRIME
The internet was born around 1960‟s where its access was limited to few scientist, researchers
and the defence only. Internet user base have evolved expontinanlty. Initially the computer
crime was only confined to making a physical damage to the computer and related
infrastructure. Around 1980‟s the trend changed from causing the physical damaging to
computers to making a computer malfunction using a malicious code called virus. Till then
the effect was not so widespread beacouse internet was only comfined to defence setups, large
international companies and research communities. In 1996, when internet was launched for
the public, it immeditly became populer among the masses and they slowly became dependent
on it to an extent that it have changed their lifestyle. The GUIs were written so well that the
user don‟t have to bother how the internet was functioning. They have to simply make few
click over the hyber links or type the desired information at the desired place without
bothering where this data is stored and how it is sent over the internet or wether the data can
accessed by another person who is conneted to the internet or wether the data packet sent over
the internet can be snoofed and tempered. The focus of the computer crime shifted from
marely damaging the computer or destroying or manipulating data for personal benefit to
financial crime. These computer attacks are incresing at a rapid pase. Every second around 25
computer became victim to cyber attack and around 800 million individuals are effected by it
till 2013. CERT-India have reported around 308371 Indian websites to be hacked between
2011-2013. It is also estimated that around $160 million are lost per year due to cyber crime.
This figure is very conservative as most of the cases are never reported.

Accoring to the 2013-14 report of the standing committee on Information Technology to the
15th Lok Sabha by ministry of communication and information technology, India is a third
largest number do Intrernet users throughout the world with an estimated 100 million internet
users as on June, 2011 and the numbers are growing rapidly. There are around 22 million
broadband connections in India till date operated by around 134 major Internet Service
Providers(ISPs).

Before discussing the matter further, let us know what the cyber crime is?

The term cyber crime is used to describe a unlawful activity in which computer or computing
devices such as smartphones, tablets, Personal Digital Assistants(PDAs), etc. which are stand
alone or a part of a network are used as a tool or/and target of criminal acitivity. It is often

15
commited by the people of destructive and criminal mindset either for revenge, greed or
adventure.

1.2.1 Classification of Cyber Crimes

The cyber criminal could be internal or external to the organization facing the cyber attack.
Based on this fact, the cyber crime could be categorized into two types:

 Insider Attack: An attack to the network or the computer system by some person with
authorized system access is known as insider attack. It is generally performed by
dissatisfied or unhappy inside employees or contractors. The motive of the insider
attack could be revenge or greed. It is comparitively easy for an insider to perform a
cyber attack as he is well aware of the policies, processes, IT architecture and
wealness of the security system. Moreover, the attacker have an access to the network.
Therefore it is comparatively easy for a insider attacker to steel sensitive information,
crash the network, etc. In most of the cases the reason for insider attack is when a
employee is fired or assigned new roles in an organization, and the role is not reflected
in the IT policies. This opens a vernability window for the attacker. The insider attack
could be prevented by planning and installing an Internal intrusion detection systems
(IDS) in the organization.
 External Attack: When the attacker is either hired by an insider or an external entity to
the organization, it is known as external attack. The organization which is a victim of
cyber attack not only faces financial loss but also the loss of reputation. Since the
attacker is external to the organization, so these attackers usually scan and gathering
information.An expreicend network/security administrator keeps regual eye on the log
generated by the firewalls as extertnal attacks can be traced out by carefully analysinig
these firewall logs. Also, Intrusion Detection Systems are installed to keep an eye on
external attacks.

The cyber attacks can also be classified as structure attacks and unstructured attacks based on
the level of maturity of the attacker. Some of the authors have classified these attacks as a
form of external attacks but there is precedence of the cases when a structured attack was
performed by an internal employee. This happens in the case when the competitor company
wants the future strategy of an organization on certain points. The attacker may strategically
gain access to the company as an employee and access the required information.

16
  Unstructured attacks: These attacks are generally performed by amatures who don‟t
have any predefined motives to perform the cyber attack. Usually these amatures try to
test a tool readily available over the internet on the network of a random company.
 Structure Attack: These types of attacks are performed by highly skilled and
experienced people and the motives of these attacks are clear in their mind. They have
access to sophisticated tools and technologies to gain access to other networks without
being noticed by their Intrusion Detection Systems(IDSs). Moreover, these attacker
have the necessary expertise to develop or modify the existing tools to satisfy their
purpose. These types of attacks are usually performed by professional criminals, by a
country on other rival countries, politicians to damage the image of the rival person or
the country, terrorists, rival companies, etc.

Cyber crimes have turned out to be a low-investment, low-risk business with huge returns.
Now-a-days these structured crimes are performed are highly organized. There is a perfect
hierarchical organizational setup like formal organizations and some of them have reached a
level in technical capabilities at par with those of developed nation. They are targeting large
financial organizations, defence and nuclear establishments and they are also into online
drugs trading.

Criminal
Boss

They are Trojan Provider and

Manager. They are responsible for Under Boss
trojen command and control.

They are the attackers crimeware

toolkit owner. They distribute Trojen Campaign Campaign Campaign
in legtimate websites through their Manager Manager Manager
affiliation network.

Stolen Data Stolen Data Stolen Data

Reseller Reseller Reseller

Figure 1 : Hierarchical Organisational Structure

17
The role of all the people in the hierarchy reamin changing and it is based on the oppourtinity.
If a hacker who have hacked sesetive data from an organization may use it for financially
exploiting the organisation himself. In case, the hacker himself have the technical expertise
for it, he will do it himself, otherwise he may find a buyer who is intrested in that data and
have the technical expertize.

There are some cyber criminals offers on-demand and service. The person, organization or a
country may contact these cyber criminals for hacking an organization to gain access to some
sensetive data , or create massive denial-of –service attack on their compititors. Based on the
demand of the customer the hackers write malware, virus, etc to suit their requirements. An
organizaiton effected by a cyber attack, not only faces finincial loss, but its repuration is also
adversly affected, and the compitititor organization will definatly benefited by it.

1.2.2 Reasons for Commission of Cyber Crimes

There are many reasons which act as a catalyst in the growth of cyber crime. Some of the
prominent reasons are:
a. Money: People are motivated towards committing cyber crime is to make quick and
easy money.
b. Revenge: Some people try to take revenge with other person/organization/society/
caste or religion by defaming its reputation or bringing economical or physical loss.
This comes under the category of cyber terrorism.
c. Fun: The amateur do cyber crime for fun. They just want to test the latest tool they
have encountered.
d. Recognition: It is considered to be pride if someone hack the highly secured networks
like defense sites or networks.
e. Anonymity- Many time the anonymity that a cyber space provide motivates the person
to commit cyber crime as it is much easy to commit a cyber crime over the cyber
space and remain anonymous as compared to real world.
It is much easier to get away with criminal activity in a cyber world than in the real
world. There is a strong sense of anonymity than can draw otherwise respectable
citizens to abandon their ethics in pursuit personal gain.
f. Cyber Espionage: At times the government itself is involved in cyber trespassing to
keep eye on other person/network/country. The reason could be politically,
economically socially motivated.

18
1.3 MALWARE AND ITS TYPE
Malware stands for “Malicious Software” and it is designed to gain access or installed into the
computer without the consent of the user. They perform unwanted tasks in the host computer
for the benefit of a third party. There is a full range of malwares which can seriously degrade
the performance of the host machine. There is a full range of malwares which are simply
written to distract/annoy the user, to the complex ones which captures the sensitive data from
the host machine and send it to remote servers. There are various types of malwares present in
the Internet. Some of the popular ones are:

1.3.1 Adware
It is a special type of malware which is used for forced advertising. They either redirect the
page to some advertising page or pop-up an additional page which promotes some product or
event. These adware are financially supported by the organizations whose products are
advertised.

1.3.2 Spyware
It is a special type of which is installed in the target computer with or without the user
permission and is designed to steal sensitive information from the target machine. Mostly it
gathers the browsing habits of the user and the send it to the remote server without the
knowledge of the owner of the computer. Most of the time they are downloaded in to the host
computer while downloading freeware i.e. free application programmes from the internet.
Spywares may be of various types; It can keeps track of the cookies of the host computer, it
can act as a keyloggers to sniff the banking passwords and sensitive information, etc.

1.3.3 Browser hijacking software

There is some malicious software which are downloaded along with the free software offered
over the internet and installed in the host computer without the knowledge of the user. This
software modifies the browsers setting and redirect links to other unintentional sites.

1.3.4 Virus
A virus is a malicious code written to damage/harm the host computer by deleting or
appending a file, occupy memory space of the computer by replicating the copy of the code,
slow down the performance of the computer, format the host machine, etc. It can be spread
via email attachment, pen drives, digital images, e-greeting, audio or video clips, etc. A virus
may be present in a computer but it cannot activate itself without the human intervention.

19
Until and unless the executable file(.exe) is execute, a virus cannot be activated in the host
machine.

1.3.5 Worms
They are a class of virus which can replicate themselves. They are different from the virus by
the fact that they does not require human intervention to travel over the network and spread
from the infected machine to the whole network. Worms can spread either through network,
using the loopholes of the Operating System or via email. The replication and spreading of the
worm over the network consumes the network resources like space and bandwidth and force
the network to choke.

1.3.6 Trojan Horse

Trojan horse is a malicious code that is installed in the host machine by pretending to be
useful software. The user clicks on the link or download the file which pretends to be a useful
file or software from legitimate source. It not only damages the host computer by
manipulating the data but also it creates a backdoor in the host computer so that it could be
controlled by a remote computer. It can become a part of botnet(robot-network), a network of
computers which are infected by malicious code and controlled by central controller. The
computers of this network which are infected by malicious code are known as zombies.
Trojens neither infect the other computers in the network nor do they replicate.

20
 Figure 2: A typical botnet

1.3.7 Scareware
Internet has changed how we talk, shop, play etc. It has even changed the way how the
criminal target the people for ransom. While surfing the Internet, suddenly a pop-up alert
appears in the screen which warns the presence of dangerous virus, spywares, etc. in the
user‟s computer. As a remedial measure, the message suggests the used download the full
paid version of the software. As the user proceeds to download, a malicious code, known as
scareware is downloaded into the host computer. It holds the host computer hostage until the
ransom is paid. The malicious code can neither be uninstalled nor can the computer be used
till the ransom is paid. A sample message alert of a scareware is shown below in Fig 31

Figure 3: Sample Warning Message of a

Scareware1

1.4 KINDS OF CYBER CRIME

Various types of cyber crimes are:

1.4.1 Cyber Stalking

It is an act of stalking, harassing or threatening someone using Internet/computer as a
medium. This is often done to defame a person and use email, social network, instant
messenger, web-posting, etc. as a using Internet as a medium as it offers anonymity. The
behaviour includes false accusations, threats, sexual exploitation to minors, monitoring, etc.

1
Image courtesy: https://www.flickr.com/photos/alamagordo/2372928527

21
1.4.2 Child Pornography
It is an act of possessing image or video of a minor (under 18), engaged in sexual conduct.

1.4.3 Forgery and Counterfeiting

It is a use of computer to forgery and counterfeiting is a document. With the advancement in
the hardware and the software, it is possible to produce counterfeit which matches the original
document to such an extent that it is not possible to judge the authenticity of the document
without expert judgement.

1.4.4 Software Piracy and Crime related to IPRs

Software piracy is an illegal reproduction and distribution for personal use or business. It
comes under crime related to IPR infringement. Some of the other crimes under IPR
infringement are: download of songs, downloading movies, etc.

1.4.5 Cyber Terrorism

It is defined as the use of computer resources to intimidate or coerce government, the civilian
population or any segment thereof in furtherance of political or social objectives.

1.4.6 Phishing
It is a process of acquiring personal and sensitive information of an individual via email by
disguising as a trustworthy entity in an electronic communication. The purpose of phishing is
identity theft and the personal information like username, password, and credit card number
etc. may be used to steal money from user account. If a telephone is used as a medium for
identity theft, it is known as Vishing (voice phishing). Another form of phishing is Smishing,
in which sms is used to lure customers.

1.4.7 Computer Vandalism

It is an act of physical destroying computing resources using physical force or malicious
code.

1.4.8 Computer Hacking

It is a practice of modifying computer hardware and software to accomplish a goal outside the
creator‟s original purpose. The purpose of hacking a computer system may vary from simply
demonstrations of the technical ability, to sealing, modifying or destroying information for
social, economic or political reasons. Now the corporate are hiring hackers, a person who is
engaged in hacking computers, to intentionally hack the computer of an organization to find
and fix security vulnerabilities.
The hackers may be classified as:

22
  White Hat: white hat hackers are the persons who hack the system to find the security
vulnerabilities of a system and notify to the organizations so that a preventive action
can be taken to protect the system from outside hackers. White hat hackers may be
paid employee of an organization who is employed to find the security loop-holes, or
may be a freelancer who just wants to prove his mantle in this field. They are popular
known as ethical hackers.
 Black Hat: in contrast to the white hat, the black hat hack the system with ill
intentions. They may hack the system for social, political or economically motivated
intentions. They find the security loopholes the system, and keep the information
themselves and exploit the system for personal or organizational benefits till
organization whose system is compromised is aware of this, and apply security
patches. They are popularly known as crackers.
 Grey Hat: Grey hat hackers find out the security vulnerabilities and report to the site
administrators and offer the fix of the security bug for a consultancy fee.
 Blue hat: A blue hat hacker is someone outside computer security consulting firms
who is used to bug-test a system prior to its launch, looking for exploits so they can be
closed.

1.4.9 Creating and distributing viruses over internet

The spreading of an virus can cause business and financial loss to an organization. The loss
includes the cost of repairing the system, cost associated with the loss of business during
downtime and cost of loss of opportunity. The organization can sue the hacker, if found, for
the sum of more than or equivalent to the loss borne by the organization.

1.4.10 Spamming
Sending of unsolicited and commercial bulk message over the internet is known as spamming.
An email can be classified as spam, if it meets following criteria:
a. Mass mailing:- the email is not targeted to one particular person but to a large number
of peoples.
b. Anonymity:- The real identify of the person not known
c. Unsolicited:- the email is neither expected nor requested for the recipient.
These spams not only irritate the recipients and overload the network but also waste the time
and occupy the valuable memory space of the mailbox.

1.4.11 Cross Site Scripting

23
It is an activity which involves injecting a malicious client side script into a trusted website.
As soon as the browser executes the malicious script, the malicious script gets access to the
cookies and other sensitive information and sent to remote servers. Now this information can
be use to gain financial benefit or physical access to a system for personal interest.

1.4.12 Online Auction Fraud

There are many genuine websites who offers online auction over internet. Taking the
advantage of the reputation of these websites, some of the cyber criminals lure the customers
to online auction fraud schemes which often lead to either overpayment of the product or the
item is never delivered once the payment is made.

1.4.13 Cyber Squatting

It is an act of reserving the domain names of someone else‟s trademark with intent to sell it
afterwards to the organization who is the owner of the trademark at a higher price.

1.4.14 Logic Bombs

These are malicious code inserted into legitimate software. The malicious action is triggered
by some specific condition. If the conditions holds true in future, the malicious action begins
and based on the action defined in the malicious code, they either destroy the information
stored in the system or make system unusable.

1.4.15 Web Jacking

The hacker gain access to a website of an organization and either blocks it or modify it to
serve political, economical or social interest. The recent examples of web jacking are some of
the websites of the educational institutes were hacked by Pakistani hackers and an animation
which contains Pakistani flags were flashed in the homepage of these websites. Another
example is Indian hackers hacked website of Pakistani railways and flashed Indian flag in the
homepage for several hours on the occasion of Independence Day of India in 2014.

1.4.16 Internet Time Thefts

Hacking the username and password of ISP of an individual and surfing the internet at his
cost is Internet Time Theft.

1.4.17 Denial of Service Attack

It is a cyber attack in which the network is chocked and often collapsed by flooding it with
useless traffic and thus preventing the legitimate network traffic.

1.4.18 Salami Attack

24
It is an attack which proceeds with small increments and final add up to lead to a major
attack. The increments are so small that they remain unnoticed. An example of salami attack
is gaining access to online banking of an individual and withdrawing amount in such a small
amounts that it remains unnoticed by the owner. Often there is default trigger set in the
banking website and transactions below say, Rs. 1000 withdrawal are not reported to the
owner of the account. Withdrawing amount of Rs. 1000 over a period of time will lead to total
withdrawal of a large sum.

1.4.19 Data Diddling

It is a practice of changing the data before its entry into the computer system. Often, the
original data is retained after the execution on the data is done. For example, DA or the basic
salary of the person is changed in the payroll data of an individual for pay calculation. Once
the salary is calculated and transferred to his account, the total salary is replaced by his actual
salary in the report.

1.4.20 Email Spoofing

It is a process of changing the header information of an e-mail so that its original source is not
identified and it appears to an individual at the receiving end that the email has been
originated from source other than the original source.

25