cyber crime introduction awareness program at st. xavier

CYBER AWARENESS

Presented By: Mohan H. Dahal, MSIT, MCT, Executive Member of CAN, Cyber Security Expert, Firewall Expert

Upload: mo-han

Post on 15-Apr-2017


TRANSCRIPT


Some Internet Facts


Countries where users face the highest risk of local infection

The data includes detected objects located on user computers or on removable media connected to the computers, such as flash drives, camera and phone memory cards, or external hard drives. This statistic reflects the level of infected personal computers in different countries around the world.

Gadgets

By 2020, 2.5 billion gadgets will be in this world, and law enforcement should be in a ready state to combat cyber-related crime.

Old Storage Devices

The Hard Disk Drive

The first hard disk drive was the IBM Model 350 Disk File that came with the IBM 305 RAMAC computer in 1956. It had 50 24-inch discs with a total storage capacity of 5 million characters (just under 5 MB).


WHY Cybercrime ?

o Passion of youngsters
o Desire of making quick money
o Confidential information is online
o Negligence
o Loopholes in system
o Inaccessibility to criminals
o Lack of evidence

1. Passion of youngsters: Cyber crimes can be committed for the sake of recognition. These are typically committed by youngsters who want to be noticed and to feel they belong among the big and tough guys in society. They do not mean to hurt anyone in particular; they fall into the category of the idealists, who just want to be in the spotlight.

2. Desire of making quick money: Another cause of cyber crime is the desire to make quick money. This group is motivated by greed and consists of career criminals who tamper with data on the net or on systems, especially e-commerce and e-banking data, with the sole aim of committing fraud and swindling money from unsuspecting customers.

3. Misconception of fighting a just cause: Thirdly, cyber crime can be committed to fight for a cause one believes in, to threaten and, most often, to cause damage that affects the recipients adversely. This is the most dangerous of all the causes of cyber crime. Those involved believe that they are fighting a just cause and so do not mind who or what they destroy in their quest to achieve their goals. These are the cyber-terrorists.

4. Capacity to store data in comparatively small space: The computer has the unique characteristic of storing data in a very small space. This makes it much easier to remove or derive information through either a physical or a virtual medium.

5. Confidential information is online: Confidential data from security firms, scientific databases, financial institutions and even governmental organizations is stored online and on networks. This allows cyber criminals to gain unauthorized access and use the data for their own needs. Complex technology can be manipulated and firewalls can be bypassed, allowing criminals to gain access to security codes, bank accounts and other information.

6. Negligence: Sometimes simple negligence can give rise to criminal activity, such as saving a password on an official computer, using official data in a public place, or storing data without protecting it. The cyber criminal can take advantage of such negligence and use it to obtain, manipulate and forge information. Negligence is very closely connected with human conduct. It is therefore very probable that there will be some negligence in protecting the computer system, which in turn gives a cyber criminal the opportunity to gain access to and control over the computer system.

7. Complexity in understanding: Computers work on operating systems, and these operating systems in turn are composed of millions of lines of code. The human mind is fallible, and it is not possible that there might not be a lapse at any stage. Cyber criminals take advantage of these lacunae and penetrate the computer system.

8. Loopholes in system: Operating systems have complex code that can be decoded or manipulated to gain access to the system. There are always loopholes in security that a professional cyber criminal can find and hack into. The traditional bank robber researched the security system and took advantage of it; a cyber thief is not much different, except that he can breach security virtually.

9. New form of crime: There are so many modes of criminal activity on the Net that traditional policing methods and the laws that bind criminals at times lose jurisdiction in cyber crime cases. This is why so many crimes are being committed online.

10. Accessibility to victims: The number of people online allows criminals to target their victims without being physically present. Police find it impossible to implicate people when the trail is online. Child pornography, pedophiles who bait their victims online, rapists who meet their targets through online social networks, and hackers who gather information and use it for their own criminal ends without ever being a part of the network are just a handful of criminal examples.

11. Inaccessibility to criminals: The problem encountered in guarding a computer system from unauthorized access is that there is every possibility of a breach due not to human error but to the complex technology. Secretly implanted logic bombs, key loggers that can steal access codes, and advanced voice recorders, retina imagers, etc. that can fool biometric systems and even bypass firewalls can all be used to get past many a security system. Though technology is improving, there is a long way to go before cyber criminals can be policed vigilantly.

12. Lack of evidence: One cause of increasing cyber crime is the lack of evidence to bind the criminal by law. There are so many ways to hide the trail of a cyber crime and little to actually police the criminal. Consider a pedophile who baits his victim through email or social networks. The police can trace the information to the criminal, but unless solid physical evidence is found, the trail cannot be used in a court of law. Loss of evidence is a very common and obvious problem, as all the data are routinely destroyed. Further, the collection of data outside the territorial extent also paralyses this system of crime investigation.

13. Drawbacks in judiciary system:

o Large number of vacancies in trial courts
o Unwillingness of lawyers to become judges
o Failure of the apex judiciary in filling vacant HC judges' posts
o Judiciary corruption

This delays decision making and punishment and might also lead to wrong decisions. This encourages other criminals to be casual and fearless.

The Types of Criminals ?

Unaware and under-age criminals:

o Youngsters in the age group of 6 to 18 years
o Curiosity to know and discover stuff
o To show themselves as wonderful and the coolest person
o Some could even be emotional and psychological

Structured hackers:

o Structured mutual attackers to attain a goal
o Fundamentalism
o Political prejudice


Expert hackers:

o Expert hackers who only understand money
o Mostly hired by other organizations or state-level authority
o To hack and crack the system to find vulnerabilities
o For unethical reasons

Dissatisfied employees:

o Unsatisfied employees who are removed wrongfully
o For revenge, they may resort to unethical measures for attack
o Internal threats to the organization


o Even your Brother
o Your Girl Friend
o Your Best Friend
o Hello Far Friend
o Your Seniors
o Your Teacher
o Third party people

Why Internet?

o More time efficient
o Can reach more people
o Less expensive to contact individual people
o Can be more difficult to locate and prosecute offenders

Cyber Crime (types)

Computer as a TOOL

o Financial crimes
o Cyber pornography
o Sale of illegal articles
o Online gambling
o Intellectual property crimes
o Email spoofing
o Forgery
o Cyber defamation
o Cyber stalking

Computer as a TARGET

o Unauthorized access
o Theft of information
o Email bombing
o Data diddling
o Salami attacks
o Virus / worm attacks
o Denial of Service attack
o Logic bombs
o Internet time thefts
o Trojan attacks
o Web jacking
o Theft of computer system
o Physically damaging

What are social media?

The "social" part: refers to interacting with other people by sharing information with them and receiving information from them.

The "media" part: refers to an instrument of communication, like the internet (while TV, radio and newspapers are examples of more traditional forms of media).

Websites and applications that enable users to create and share content or to participate in social networking. The term is used so vaguely that it can basically be used to describe almost any website on the internet today.

o Facebook, My Space, YouTube, Twitter
o Linked-in, Google (and other) business directories
o Blogs
o Interactive Web sites
o Emails, texts, MMS
o Smart phones and apps


What Are The Security Risks?


You are being watched!!

o Friends\family
o Friends of friends\family
o Parents
o Employers and co-workers
o Advertising companies
o Universities
o Criminals\hackers
o Everyone else


Imposter, Photo Mutilation, Website Hacking (website deface)

Trends of Cyber Crime

o Social Media
o Online Banking Issue
o Email / Internet Fraud
o Publication of Illegal Material in Electronic Form
o Website Issue
o Malicious Software
o BlogSpot Issue
o Email Threats
o SMS Threat
o Cyber Stalking
o Photo Mutilation
o Exchange of Sexual Materials
o Identity Theft


Present Scenario..

Statistics of Technical Crime

Technical Crime Investigation Statistics Report (CIB)

Cases                                  Fiscal Year 071/72   Fiscal Year 072/73   Fiscal Year 073/74
Online Banking Issue                            2                    0                    0
ATM Issue                                       2                    0                    2
Unauthorized Access                             1                    1                    0
Email Issue                                     1                    2                    0
Exchange of Sexual Material                     1                    0                    0
Publication of Illegal Material form            2                    0                    0
Website Issue                                   2                    2                    0
Malicious                                       1                    0                    0
Group Web/SMS Issue                             1                    0                    0
Social Site Issue                              16                   31                    6
Blog Spot Issue                                 1                    1                    0
Internet Fraud                                  0                    0                    0
Computer Forensics                             12                    4                    6
Mobile Forensics                               10                   18                    4
VSA Report                                      8                   10                    1
Total                                          60                   69                   19

Prevention and Precaution

o Install OS/Software Updates
o Run Anti-virus Software
o Turn On Firewalls
o Preventing Identity Theft
o Avoid Spyware/Ad-ware
o Back Up Important Files
o Protect Passwords
o Encryption
o Parental Control
o Approach Professionals

Install OS/Software Updates

Download patches for your system and software from official websites.

Run Anti-Virus Software

Always use the latest, updated antivirus software to be protected against virus attacks, and check your computer for viruses and worms regularly. Anti-virus software removes viruses, quarantines and repairs infected files, and can help prevent future viruses.

Turn on Firewalls

A firewall forms a wall between the system and possible trespassers to guard classified documents from being accessed. It only lets data flow into the computer that is recognized and verified by the system. It only permits access to the system to those already registered with the computer.

Preventing Identity Theft

Use common sense, beware of scams, surf safely, and avoid checking mail or using credit card details online in cyber cafes. Don't offer financial account numbers, Social Security numbers, driver's license numbers or other personal identity information unless you know exactly who is receiving it. Never send personal (confidential) information via email or instant messages, as these can easily be intercepted.

Avoid Spyware/Ad-ware

Spyware and ad-ware take up memory and can slow down the computer or lead to other problems. Use Ad-Aware and Spy-bot to remove spyware/ad-ware from the computer. Watch for references to spyware and ad-ware in user agreements before installing free software. Be cautious of invitations to download software from unknown internet sources.

Back Up Important Files

Reduce the risk of losing files to a virus, computer crash, robbery or disaster by making back-up copies. Keep your critical files in one place on your computer's hard drive so you can easily create a back-up copy.

Protect Passwords

When selecting a password:

o Mix in upper-case letters as well

o Apply a minimum of 8 characters

o Utilize mnemonics to help you remember a tricky password

o Ex: Use !@#$%^&*()+= or remember a sentence like "I'm not sleepy when stars shine", and the password would be Insw*s.

Do not share your passwords, and always make new passwords difficult to guess by avoiding dictionary words and by mixing letters, numbers and punctuation. Change your passwords occasionally.
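The password rules above (together with the later slides' advice to avoid a date of birth and not to reuse a password across accounts) can be checked mechanically. The following is an added example, not part of the original presentation; the function name, the rule codes, the small word list and the look-alike character table are all assumptions made for illustration.

```python
import re
import string

# Constructed sample word list (assumption); a real check would load a full
# dictionary plus a list of known-breached passwords.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "football", "qwerty"}

# Undo common look-alike substitutions before the dictionary lookup, so that
# "P@55w0rd" is still recognised as "password" (added check, not a page rule).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "3": "e",
                      "5": "s", "$": "s", "7": "t", "!": "i"})

# Date-of-birth shapes such as 15-04-1990, 15041990 or 1990/04/15.
DATE_RE = re.compile(
    r"\d{1,2}[-/.]?\d{1,2}[-/.]?(?:19|20)\d{2}"
    r"|(?:19|20)\d{2}[-/.]?\d{1,2}[-/.]?\d{1,2}"
)


def check_password(password, used_elsewhere=()):
    """Return the codes of the rules the password breaks (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("too_short")
    if not (any(c.isupper() for c in password)
            and any(c.islower() for c in password)):
        problems.append("no_mixed_case")
    if not any(c.isdigit() or c in string.punctuation for c in password):
        problems.append("no_digit_or_symbol")
    # Dictionary check runs on the lower-cased, de-substituted form.
    plain = password.lower().translate(LEET)
    if any(word in plain for word in SAMPLE_WORDS):
        problems.append("dictionary_word")
    if DATE_RE.search(password):
        problems.append("date_like")
    # The caller passes the passwords already in use on other accounts.
    if password in used_elsewhere:
        problems.append("reused")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, plus the mnemonic example from the slide.
    for candidate in ["Insw*s", "password", "P@55w0rd", "15-04-1990",
                      "kite7-Marble-oven"]:
        print(f"{candidate!r}: {check_password(candidate) or 'ok'}")
```

A check like this only covers guessability; it says nothing about how the site receiving the password stores it.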

Encryption

This is the best way to protect information in transit. Plain text (readable) is changed to cipher text (coded language), and the addressee of the data can decrypt it, converting it back into plain text, by using the private key. This way, no one except the addressee holding the private key can gain access to the readable information. Information stored on a computer can also be protected using cryptography. A problem lies in the distribution of keys: if anyone overhears or intercepts a key, the whole purpose of encryption is defeated. Public-key cryptography is the solution: the public key can be known to the whole world, but the private key is known only to the addressee, and it is very difficult to derive the private key from the public key.

Parental control

Monitor the online activities of your children. They should only have access to a computer located in a central area of your home, and you should regularly check all browser and email activity. A wise thing to do is to use parental control software that limits the types of sites the user can gain access to. Always observe the sites that the children enter, to prevent any kind of depravation, distraction or harassment of children. Educate the children about the hazards of cyber crime.

Approach professionals

On top of looking for the Common Criteria evaluated products list to find the highest certified products, consult organizations such as the advocacy organization, a non-profit cyber-security analysis and Cyber Secure Institute devoted to increasing awareness of the need for honest computing to CIOs and other IT professionals.

Tips for Safer Social Networking

o Use a strong, unique password (don't use the same password on multiple sites; don't use a DOB password on social networking sites)
o Provide as little personal information as possible: avoid revealing birth date, address, etc.
o Understand and customize the privacy settings in all of your social networking accounts
o Don't allow 3rd party applications to access your information (if possible)
o Be careful about what you post:
   o Photos of self or others
   o Opinions on controversial topics
   o Don't rip classmates, professors, coworkers, employers, etc. It WILL come back to haunt you
o Don't post anything related to your employer (unless you're authorized)
o Supervise your family members' and friends' use of social networking sites

RockYou can stash 32 million passwords in the clear; when RapLeaf can index 600 million email accounts; and when Intelius can go public by buying 100 million profile pages; then our social networks have traded away our privacy for mere privacy theater.

over the past few years and negligently stored them in plaintext in an incompetently protected database. RockYou's official bluster about illegal intrusion should fool no one: blaming Imperva, the firm who exposed the flaw, or accusing the hacker(s) of being the identity thieves is misdirection: it was actually RockYou who stole those credentials, and RockYou should be held to account.

Read more: http://techcrunch.com/2009/12/27/privacy-theater/#ixzz0oaNyV1XL


Safe Surfing Best Practices

Using a strong password

o Avoid using D.O.B.; use a combination of letters, symbols and numbers (ex: M@55w0rd)
o Longer passwords are harder to guess
o Make passwords that you can easily remember, such as your hometown (ex: H@lp4n3p@l)
o Don't write down passwords in notebooks or personal diaries
o Don't use the same password for different accounts. (Ex: for gmail: p@55w0rdgm@1lp@lp4n3p@l, yahoo: p@55w0rdy@h00p@lp4n3p@l)
o Change password every few months
o Don't share your password


Tips for staying SAFE

o Be suspicious of friend/follow requests, ads, 3rd party applications, chat messages, etc.
o Minimize exploration: don't carelessly click on lots of ads, videos, games, etc.
o Use built-in and add-on features in web browsers to warn you of malicious sites
o Google yourself and scrutinize results
o Think before you click!!


Safe Surfing Social Media

o Only add people on social media that you personally know
o Never agree to meet a person you know online
o Be aware of the information you share, especially on social sites (ex: Facebook, Instagram, Twitter)
o Don't give out personal information such as full name, address, phone number


Basic Router Security

o Choose WPA2 and disable WPS on your router for security
o Hide your SSID (router display name) [IF POSSIBLE]
o If possible, use MAC binding with the help of an IT professional
o Only share the Wi-Fi password with people you trust
o Change the router password every 2 - 4 weeks


Cyber Bullying (Aggressive)


Help to stop Cyber Bullying


Emergency Response

In case of any problems related to Internet fraud, scams, etc.:

o Contact Nepal Police: 100 (remember to be clear about your problem)
o Nearest police station
o Ask someone you trust for help
