Professional Documents
Culture Documents
Cyber Crimes
Cyber Crimes
Cyber Crimes
Maher Aljahdali
Criminology
Cyber Crimes
Summer 2020
2
Cyber Crimes
The first cybercrime was in 1988. This kind of crime is still growing, and many may not
know the potential risks. From business to family, the danger is around as. The first hacker was
playing with his computer; he was not aware of what he was doing. Furthermore, the first large
(DDoS) attack was from Dr. Frankenstein; he was also unaware of the capability of his malicious
program. As a result, he became one of the first convicts of cybercrime. These new technologies
are still growing, and people are still growing knowledge about these technologies. The internet
of things is growing, and it will eventually be in every house. Cybercrime is more than just bank
account fraud; it also invades our privacy. Cybercrime includes fights between companies and
fighting between two governments and individuals fight. Vulnerabilities on the internet could
open us to great danger, such as stealing trade secrets as what is happening between Russia and
Denial of service attack floods the target with many fake requests to fill the machine or
website's capacity.
Kinds of attacks.
* Buffer overflow. Send many requests to a website that will fill the website capacity to stop
* ICMP floods. An attacker tries to damage the whole system with many fake requests, and the
* SYN flood. Requesting the server and never completing it will stop the typical user from using
the server.
3
Cyber Crimes
This kind of attack will stop many customers from using the website, which will lead to a
This type of attack could be minimal when the website makes an alternative server to take fake
requests.
Cross-Site Scripting.
According to MSSP, 40 percent of attacks on the internet are from Cross-site Scripting.
The attacker hacks the website, giving the attacker advantage to fake up any website page to let
the user uses it, as it is the original website he wanted, or inject the user with a program.
* Reflected XSS. They inject the website content, which gives them the ability to infect all users
* Stored XSS. This type will give the visitor another page as an ad to steal their information, as
SQL Injection.
This type of attack steals the database from a company that gives them information about
* Boolean. They send a request to test out the database, then work out a way to accomplish their
* Time-based. Send request make delay in the system, which gives the attacker an idea if the
4
Cyber Crimes
They may steal the whole database, which can be used for many reasons. To prevent these types
of attacks, use firewalls. SQL injection makes up 24 percent of cybercrime, according to MSSP.
Affects vulnerabilities in websites where the attacker can take control over the site and execute
his code to the site. To these attacks, the site must be equipped with better security.
* Brute Force Attack. Will try as many passwords as possible, mostly a program that will try
* Credential Stuffing Attack. The attacker reused the old password or the stolen password and
username from another website or reused the stolen password in another site that the victim use.
In most businesses, the user needs to change his password monthly to limit these types of attacks.
However, many people use the same password for most of the sites that they use.
Social Engineers
play upon the victim to steal their identity or to steal confidential information. This type of attack
could harm companies, kids, and everyone. The attacker will look for sensitive information such
* Biting to leave a USB or CD, somewhere to let someone else take it, this USB or CD are
* Phishing the attacker may fake up his identity to steal important information.
* Quid pro quo the attacker may ask for information to give something else that's desirable to the
Internet of Things.
We rely on these types of devices to make our life easier—surveillance or a T.V, and many
These devices are connected with Bluetooth or directly with the router. An attack on these
devices could let them get to all the devices around, leading to sensitive information or privacy
invasion or sensitive devices. Most of these devices do not require a password or their original
manufacturer password 0000; they also are not equipped with advanced security or even an
update. According to Symantec, there were 5200 attacks per month involving the internet of
things. These types of attacks will grow as people come to understand technology.
finally Protecting family and business, with family monitor the kid's internet use, and only allow
safe sites to use, and always have antivirus. In the business, a cybersecurity team should manage
a policy. The policy should make employees change passwords frequently. Also, authentication
for their use, the policy should only allow them to use sites that the company uses and are not
allowed to use any other site than the business requires them to, and update to date all the
Sources
https://www.imperva.com/learn/application-security/rfi-remote-file-inclusion/
https://www.imperva.com/learn/application-security/sql-injection-sqli/
https://www.imperva.com/learn/application-security/cross-site-scripting-xss-attacks/
https://owasp.org/www-community/attacks/xss/
https://www.msspalert.com/cybersecurity-breaches-and-attacks/5-most-common-web-
application-attacks/
https://www.imperva.com/learn/application-security/credential-stuffing/
https://www.akamai.com/uk/en/resources/what-is-a-botnet.jsp
https://digitalguardian.com/blog/what-social-engineering-defining-and-avoiding-common-social-
engineering-threats
https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos
https://symantec-enterprise-blogs.security.com/blogs/expert-perspectives/istr-2019-internet-
things-cyber-attacks-grow-more-diverse?om_ext_cid=biz_social3_AMS_NAM-IV_twitter_
https://www.webroot.com/blog/2019/04/23/the-evolution-of-cybercrime/
https://www.floridatechonline.com/blog/information-technology/a-brief-history-of-cyber-crime/
https://us.norton.com/internetsecurity-how-to-how-to-recognize-and-protect-yourself-from-
cybercrime.html