Home > DCA > IT-Trends > PGDCA > CYBER-CRIME, ATTACK & VIRUS [IT Trends PGDCA/DCA]

CYBER-CRIME, ATTACK & VIRUS [IT Trends PGDCA/DCA]

, ,

CYBER-CRIME, ATTACK & VIRUS [IT Trends PGDCA/DCA]

It trends PGDCA/DCA cyber crime
cyber-crime-cyber-attack-virus

    What is cybercrime?

    Cybercrime involves criminal activities that focus on exploiting or utilizing computers, computer networks, or networked devices. The majority of cybercrime is perpetrated by cybercriminals or hackers with financial motives. Perpetrators of cybercrime can be individuals or groups, ranging from highly organized and technically proficient individuals to inexperienced hackers. In some cases, cybercrime may have non-monetary objectives, such as political or personal reasons.


    Type of Cyber crime
    Type of Cyber crime


    Types of cybercrime

    1. Email and online scams.
    2. Identity theft (stealing and using personal information).
    3. Unauthorized access to financial or card payment information.
    4. Unauthorized access and sale of company data.
    5. Online blackmail (requesting money to avoid a potential attack).
    6. Unauthorized access to government or corporate data by hackers.




    The majority of cybercrime can be classified into two primary categories: 

        criminal activity that directly targets computers and 

        criminal activity that utilizes computers to facilitate other illegal activities. 

    Cybercrime targeting computers frequently involves the dissemination of viruses and various forms of malware.

    Cybercriminals have the ability to infect computers with viruses and malware, which can cause significant harm to devices or render them inoperable. Additionally, these malicious actors may employ malware as a means to either delete or unlawfully acquire sensitive data.

    Malware

    Malware, short for malicious software, refers to a variety of harmful computer programs such as viruses, worms, Trojans, and others that hackers use to cause damage and obtain unauthorized access to confidential information. According to Microsoft, malware is a broad term that encompasses any software designed to harm a single computer, server, or computer network. In essence, software is classified as malware based on its intended purpose, rather than the specific technique or technology used in its development.


    Malware & Types of malware
    Malware & Types of malware

    The distinction between malware and a virus is often misunderstood. It is important to note that a virus falls under the category of malware. Therefore, all viruses can be classified as malware, but not all forms of malware are viruses.

    Types of malware

    There are a number of different ways of categorizing malware.

    1. A worm is an independent form of malicious software that replicates and moves from one computer to another.

    2. A virus is a type of computer code that embeds itself in the code of another independent program, compelling that program to carry out harmful actions and spread.

    3. A trojan is a software program that lacks the ability to replicate itself, instead pretending to be something desirable to the user in order to deceive them into activating it for the purpose of causing harm and spreading.



    types of malware
    types of malware

    Spyware

    Spyware denotes software that covertly implants itself on your computer and initiates concealed monitoring of your online behavior without your awareness or consent. This type of malware discreetly gathers information about individuals or organizations and transmits it to other entities. These entities may comprise advertisers or marketing data companies, which is why spyware is sometimes labeled as "adware." It is typically installed without user agreement through techniques such as drive-by downloads, trojans bundled with legitimate programs, or deceptive pop-up windows.


    Spyware
    Spyware

    Spyware employs your internet connection to send personal information such as your name, address, browsing behavior, preferences, interests, or downloads. Different variations of spyware hijack your browser to redirect it to another site, prompt your device to make calls or send texts automatically, or show bothersome ads even when you are not connected to the internet. Spyware that steals your username, password, or other credentials is labeled as a “keylogger” – a crucial component for cybercrime.

    Symptoms of a spyware infiltration may present as unwarranted actions and a decrease in system performance. It has the capability to utilize CPU capacity, disk space, and network traffic. Common stability concerns include applications freezing, boot failures, connectivity difficulties with the internet, and system crashes.

     Spam Mail/Email spam

    Email spam, also referred to as junk email, is unsolicited messages sent in bulk to a wide audience. Typically used for commercial purposes, spam emails are often distributed in large volumes through botnets, which are networks of infected computers.

    Email spam has steadily grown since the early 1990s, and by 2023 was estimated to account for around 90% of total email traffic.
    spam mail/email spam
    spam mail/email spam

    Spam emails are frequently utilized for commercial purposes, despite being considered unethical by some. Many businesses continue to send spam due to its extremely low cost per email and the ability to consistently send out large quantities. However, it is important to note that spam emails can also pose a security threat by attempting to gain unauthorized access to your computer. Most spam emails are dangerous as they may contain links to phishing websites or sites hosting malware, or even include malware as file attachments. Spammers gather email addresses from various sources such as chat rooms, websites, customer lists, newsgroups, and viruses that extract addresses from users' address books. These collected email addresses are sometimes sold to other spammers.


    Logic Bombs

    When discussing cybersecurity threats, it is essential to mention logic bombs, which are detrimental programs designed to activate upon meeting a specific logical condition. This condition could be triggered by the completion of a specific number of transactions or the arrival of a predetermined date (also known as a time bomb). It is worth noting that logic bombs are frequently embedded within malware like worms, which initially operate in a certain manner and subsequently alter their tactics at a predefined date and time.

    Logic bomb
    Logic bomb


    A logic bomb, sometimes referred to as slag code, is a set of malicious code utilized to inflict harm on a network once certain conditions are met. The term is derived from the concept that a logic bomb "explodes" when activated by a specific event, such as a particular date or time, the deletion of a specific record from a system, or the initiation of an infected software application.

    How logic bombs work

    The insertion of logic bombs into a computer network is accomplished through the use of malicious code, done in a clandestine manner. This code can be embedded within the computer's pre-existing software or bundled alongside other malicious software like viruses, worms, or Trojan horses. Subsequently, these logic bombs remain inactive and often remain undetected until the specified trigger event occurs.


    Triggers are typically classified as positive or negative. Positive triggers for logic bombs are triggered after a specific condition is met, such as the date of a major corporate event. On the other hand, negative triggers activate a logic bomb when a condition is not fulfilled, for example, if an employee does not enter the correct code by a certain deadline. In both instances, once the conditions are satisfied, the logic bomb will activate and carry out its programmed damage.

    Denial-of-service attack (DOS attack)

    A denial-of-service attack, also known as a DOS attack, is a type of cyber-attack where the attacker aims to render a machine or network resource inaccessible to its rightful users by disrupting the services of a host connected to the Internet, either temporarily or permanently. This is usually done by overwhelming the targeted machine or resource with excessive requests in order to overload systems and block legitimate requests from being processed.

    Dos Attack
    Dos Attack

    Distributed Denial-of-service attack (DDoS attack)

    In a distributed denial-of-service attack (DDoS attack), the victim is bombarded with incoming traffic from numerous sources, making it extremely challenging to halt the attack by blocking a single source. This creates a situation similar to a group of individuals crowding the entrance of a shop, impeding the entry of genuine customers and causing disruption to normal business operations.

    DDos Attack
    DDos Attack

    The primary targets of criminal perpetrators who carry out DoS attacks are typically sites or services hosted on well-known web servers, particularly those associated with banks or credit card payment gateways. These attacks are often motivated by factors like revenge, blackmail, or activism.

    Hacking

    Hacking & their types
    Hacking & their types

    Hacking involves the deliberate act of exploiting a computer system or infiltrating a private network within a computer. In essence, it refers to the unauthorized manipulation or control of computer network security systems with the intention of carrying out illicit activities.

    The roots of hacking date back to the early days of computing, as individuals with a thirst for knowledge sought to uncover the inner workings of systems. Over time, hacking has transformed into a complex domain, incorporating diverse motivations and techniques.

    Hackers utilize a variety of methods, encompassing social engineering, deploying malware, and exploiting vulnerabilities in software. The motivations driving hacking activities can differ significantly, ranging from seeking financial benefits and engaging in espionage to promoting activism and satisfying curiosity.


    Protect computer against hacker
    Protect computer against hacker

    In order to provide a more accurate description of hacking, it is essential to have a thorough understanding of hackers. It is common to perceive them as individuals with high intelligence and exceptional computer skills. Contrary to popular belief, hacking into a security system demands a greater level of intelligence and expertise compared to building one from scratch. There are no definitive criteria for classifying hackers into distinct categories. Nevertheless, within the realm of computer terminology, they are often referred to as white hats, black hats, and grey hats.


    hackers & their classification
    hackers & their classification



    1. White hat hackers conduct security tests on their own systems to enhance their security measures against hacking attempts. Typically, these professionals are affiliated with the same organization.

    2. Black hat hackers infiltrate systems with the intention of gaining personal benefits by either causing damage, stealing information, or blocking authorized users from accessing the system. They exploit vulnerabilities within the system. Some refer to them as crackers instead of hackers.

    3. Grey hat hackers are individuals with a level of computer knowledge that allows them to explore potential weaknesses in network security systems by hacking into them out of curiosity.

    Grey hats distinguish themselves from black hats by responsibly reporting any weaknesses they find in the system to the network system administrator. Conversely, black hats engage in hacking activities solely for their own gain. It is crucial to understand that all types of hacking are illegal, with the exception of the work carried out by white hat hackers.

    Type of Hacking

    •      Email

    •      Website

    •      Password

    •      Network

    •      Computer

    •      Online Banking


    Phishing

    Phishing involves cyber attackers deceiving individuals into revealing confidential information, like passwords, credit card numbers, or personal data, by pretending to be reliable sources. This fraudulent scheme often takes place through fake emails, text messages, or websites imitating legitimate entities, such as financial institutions, social networking sites, or e-commerce platforms.

    The objective of phishing is to manipulate victims into disclosing confidential data or interacting with malicious links, thereby exposing them to risks such as identity theft, financial losses, or unauthorized account breaches. Phishing attacks often exploit psychological tactics, urgency, or fear to coerce recipients into immediate action without questioning the legitimacy of the communication.

    To prevent falling victim to phishing, individuals must exercise caution when responding to unsolicited requests for personal information, confirm the legitimacy of communication from unfamiliar sources, and avoid clicking on suspicious links or attachments. Implementing security measures like spam filters, antivirus software, and two-factor authentication can also aid in reducing the risk of falling for phishing scams.


    Phishing
    Phishing

    Spoofing

    Spoofing is a method of cyber attack in which malicious individuals manipulate information to trick people or systems into thinking that the data or communication is coming from a reliable source, when in reality it is not. This deceitful tactic is frequently employed in different ways, including email spoofing, IP spoofing, and caller ID spoofing.
    The act of spoofing entails the art of disguising an unfamiliar source's communication to appear as if it originates from a known and reliable source. Spoofing can manifest in multiple forms, encompassing emails, phone calls, websites, or even more intricate techniques. Its applications can range from acquiring a target's personal information, propagating malware through infected links or attachments, evading network access controls, to redirecting traffic for the purpose of conducting a denial-of-service attack.

    Spoofing attacks come in many forms, primarily:

    • Email spoofing:-Email spoofing involves the manipulation of email headers by attackers in order to create the illusion that the message originates from a credible sender, frequently impersonating well-known organizations or individuals.

    • Website and/or URL spoofing:-Website spoofing is the act of developing counterfeit websites that imitate authentic ones in order to trick individuals into providing confidential details, like login information or credit card numbers.

    • Caller ID spoofing:-Caller ID spoofing enables attackers to manipulate the caller identification information displayed on recipients' phones to mask their true identity and deceive them into answering or trusting the call. 

    • GPS spoofing:-GPS spoofing involves manipulating GPS signals to provide false location information to navigation systems, mobile devices, or unmanned vehicles. 

    • IP spoofing:- IP spoofing is the act of falsifying the source IP address of network packets in order to hide the true origin of the communication or to mimic a different system.


    Spoofing
    Spoofing

     

    When organizations experience successful attacks, it can lead to infected computer systems and networks, data breaches, and potential revenue loss, all of which can damage the organization's public image. Additionally, spoofing attacks that reroute internet traffic can overload networks or direct customers to malicious websites that are designed to steal information or spread malware.

    Identity Theft

    Identity Theft & their types
    Identity Theft & their types

    Identity theft, also known as identity fraudIdentity theft is a widespread criminal act that entails the theft of an individual's personal data in order to engage in fraudulent or illicit behavior. This purloined information may encompass social security numbers, credit card details, bank account information, and additional sensitive data. Culprits frequently exploit this data to conduct unauthorized transactions, establish fake accounts, or even fully adopt the victim's identity.

    Various techniques are employed by cybercriminals to acquire this information, which includes phishing scams, data breaches, or even theft of physical documents. Once obtained, these stolen details can be utilized to fraudulently open accounts, make unauthorized purchases, or engage in other financial crimes using the victim's identity.

    Identity theft can result in serious repercussions for individuals, such as monetary setbacks, compromised credit scores, legal issues, and emotional strain. Uncovering and addressing identity theft can prove to be difficult, as victims must notify the authorities about the crime and implement measures to restore their credit and safeguard their accounts.

    Types of identity theft

    Identity theft is categorized in two ways:

    True name 

    The act of true-name identity theft involves the unauthorized utilization of personal details to initiate the establishment of novel accounts. This could encompass actions such as opening a credit card account, activating cellular phone service, or setting up a new checking account with the intention of obtaining blank checks.

    Account takeover 

    Account takeover identity theft refers to the act of an imposter exploiting personal information to gain unauthorized access to someone's established accounts. Typically, the fraudster manipulates the account's mailing address and incurs significant expenses before the victim detects any wrongdoing. The internet has played a pivotal role in enabling identity thieves to utilize the stolen data, as transactions can be conducted devoid of any personal interaction.

    identity theft & their type
    identity theft & their type

    Type of Identity -Theft

    1. Financial identity theft involves the fraudulent use of someone's identity for financial gain. The thief aims to benefit economically by utilizing the stolen identity.

    2. Medical identity theft occurs when an individual steals another person's information, such as health insurance member numbers, in order to receive medical services illegitimately.

    3. Criminal identity theft occurs when a person who is under arrest provides stolen identity information to the police, falsely assuming another person's identity for their own benefit.

    4. Child identity theft involves the misuse of a child's Social Security number to apply for government benefits, open bank accounts, and access other services fraudulently.

    5. Senior identity theft specifically targets individuals aged 60 and above. Given that senior citizens are often seen as vulnerable targets, it is crucial for them to remain vigilant and stay informed about the evolving methods employed by thieves to steal personal information.


    How to protect yourself against cybercrime

    How to protect yourself against cybercrime
    How to protect yourself against cybercrime

    1. Ensure that your software and operating system are always up to date.

    2. Utilize anti-virus software and ensure that it is regularly updated.

    3. Create and use strong passwords for your accounts.

    4. Avoid opening attachments in emails that are marked as spam.

    5. Refrain from clicking on links in spam emails or on websites that are not trusted.

    6. Only provide personal information on secure platforms.

    7. If you receive suspicious requests, contact the companies directly to verify.

    8. Be cautious of the URLs of websites you visit to avoid potential risks.

    9. Regularly monitor your bank statements for any unusual activity.


    conclusion

    In conclusion , this blog cover a brief description of following topics
    cyber crime, cyber attack, spyware, malware, spam mail, logic bombs, denial of service, DDOS attack, Cyber crime, email fraud, phishing, spoofing, hacking

    In summary, I can say that these topics are related to IT Trends and very helpful for those who pursuing BCA,PGDCA, DCA ,'O' Level Courses from different universities 
    I hope this blog helps you a lot Happy learning....

    Frequently Asked Question(FAQ)

    What is cybercrime?

    Cybercrime involves criminal activities that focus on exploiting or utilizing computers, computer networks, or networked devices.

    What is Malware?

    Malware, short for malicious software, refers to a variety of harmful computer programs such as viruses, worms, Trojans, and others that hackers use to cause damage and obtain unauthorized access to confidential information.

    What is Spyware ?

    Spyware denotes software that covertly implants itself on your computer and initiates concealed monitoring of your online behavior without your awareness or consent.

    What is Logic Bombs ?

    A logic bomb,is a set of malicious code utilized to inflict harm on a network or computer once certain conditions are met.

    What is Denial-of-service attack (DOS attack) ?

    It is a type of cyber-attack where the attacker aims to render a machine or network resource inaccessible to its rightful users by disrupting the services of a host connected to the Internet, either temporarily or permanently.





     




     

     


     




    Post a Comment

    Powered by Blogger.