Shri Vile Parle Kelavani Mandal’s Narsee Monjee

College of Commerce and Economics

(Autonomous)

FYBCOM

Semester I

CYBER CRIME

Submitted by:

C001 - Jenil Kamdar, Sap I’d: 45208220137

C002 - Ishana Kanunga, Sap I’d: 45208220479

C004 – Hussain Kapasi, Sap I’d: 45208220374

Roll No:

C001, C002, C004

 TABLE OF CONTENTS

Sr. Content Page

No. Number

1. Case let 3-4

2. Introduction 5
3. Types of Cybercrimes 6-8
4. Effects and Prevention of Cybercrime 9
5. Bibliography 10
 THE AIR INDIA SECURITY BREACH

Recent events throughout the world have evidenced that high-profile hackers and state-
sponsored attempts at security breaches have been steadily increasing since 2020. It is
becoming rapidly apparent that no sector is immune to becoming a victim of a data breach,
including the airline industry, where the safety of crew and passengers is put at grave risk.

What is Known about Air India’s Data Breach

Air India announced in May 2021 that its customer database had suffered a massive security
breach. It informed its affected passengers that the “breach involved some personal data
registered between August 2011 and February 2021” and that “no password data was
affected.”
Approximately 4.5 million records may have been leaked in this massive security breach.
Leaked data included passengers’:
 Name
 Contact information
 Date of birth
 Ticket information
 Passport information
 Credit card data
 Frequent flyer data
The details surrounding Air India’s security breach are not entirely clear. What is known is
that the breach occurred during a recent cybersecurity attack of the airline’s third-party data
processor, SITA PSS, which handles the storage and processing of passengers' personal
information in the cloud.
Air India Response to the Security Breach
In its response to its massive security breach, Air India announced it took the following steps
to ensure passenger data safety by:
 Investigating the security breach
 Securing the servers that were compromised
 Working with external data security incident specialists
 Notifying and working with credit card issuers
 Resetting passwords for its Frequent Flyer program

The Air India security breach was India’s second major airline data breach within six months

What needs to be done to protect business and customer data

The question is whether companies like Air India and others are doing enough from a data
security and data privacy point of view to protect themselves and their customers that put
their trust in them. It is of the utmost importance that organizations take further steps to
bulletproof their data from cyberattacks, especially if they are using external third-party
services.
Compliance with best-practice data security guidelines and international standards is a
significant step to prevent future breaches. Additionally, to mitigate the potential damage of
breaches that may occur, it is of utmost importance that an organisation employs a strong
encryption strategy and operational processes. To prevent unencrypted data being accessed
by unauthorized parties, Air India must take steps to ensure that:
 Its data remains encrypted while at rest in its databases.
 Its data remains encrypted while in transit while it migrates between clients,
applications, and Air India personnel.
 The HSMs must not be accessible by the third-party data processor.
 Only Air India performs all key management.
 Its encryption keys must never be with its third-party data processor and must remain
stored in Air India’s vaulted data center.
 Third parties will not have access to readable data.
The mandatory multifactor authentication of clients is implemented to generally limit the
access to data to only authorized persons like passengers who can only view their personal
data.
These steps towards best practice emphasizes the need for strong cryptography (using HSMs)
and lifecycle key management - to enable a business to be confident that its sensitive data is
(at rest or in use) is protected against breaches - so confidential data remains encrypted
regardless of whether attackers gain access to it.
 INTRODUCTION

Cybercrime is any criminal activity that involves a computer, networked device or a network.
While most cybercrimes are carried out in order to generate profit for the cybercriminals,
some cybercrimes are carried out against computers or devices directly to damage or disable
them. Others use computers or networks to spread malware, illegal information, images or
other materials. Some cybercrimes do both -- i.e., target computers to infect them with a
computer virus, which is then spread to other machines and, sometimes, entire networks.
A primary effect of cybercrime is financial. Cybercrime can include many different types of
profit-driven criminal activity, including ransomware attacks, email and internet fraud, and
identity fraud, as well as attempts to steal financial account, credit card or other payment card
information.
Cybercriminals may target an individual's private information or corporate data for theft and
resale. As many workers settle into remote work routines due to the pandemic, cybercrimes
are expected to grow in frequency in 2021, making it especially important to protect backup
data.

HOW DOES CYBER CRIME WORK?

Cybercrime attacks can begin wherever there is digital data, opportunity and motive.
Cybercriminals include everyone from the lone user engaged in cyberbullying to state
sponsored actors, like China's intelligence services.
Cybercrimes generally do not occur in a vacuum; they are, in many ways, distributed in
nature. That is, cybercriminals typically rely on other actors to complete the crime. This is
whether it's the creator of malware using the dark web to sell code, the distributor of illegal
pharmaceuticals using cryptocurrency brokers to hold virtual money in escrow or state threat
actors relying on technology subcontractors to steal intellectual property (IP).
Cybercriminals often carry out their activities using malware and other types of software, but
social engineering is often an important component for executing most types of cybercrime.
Phishing emails are another important component to many types of cybercrime but especially
so for targeted attacks, like business email compromise (BEC).
 TYPES OF CYBER CRIME

There are literally a dozen ways in which a cybercrime can be perpetrated, and
you need to know what they are;
In order to protect yourself you need to know about the different ways in which your
computer can be compromised and your privacy infringed. In this section, we discuss a
few common tools and techniques employed by the cyber criminals. This isn’t an
exhaustive list by any means, but will give you a comprehensive idea of the loopholes in
networks and security systems, which can be exploited by attackers, and also their
possible motives for doing so. Some of the ways are briefly explained below:

1. Hacking
In simple words, hacking is an act committed by an intruder by accessing your computer
system without your permission. Hackers (the people doing the ‘hacking’) are basically
computer programmers, who have an advanced understanding of computers and
commonly misuse this knowledge for devious reasons. They’re usually technology buffs
who have expert-level skills in one particular software program or language. As for
motives, there could be several, but the most common are pretty simple and can be
explained by a human tendency such as greed, fame, power, etc.

2. Virus dissemination
Viruses are computer programs that attach themselves to or infect a system or files, and
have a tendency to circulate to other computers on a network. They disrupt the
computer operation and affect the data stored – either by modifying it or by deleting it
altogether. “Worms” unlike viruses don’t need a host to cling on to. They merely
replicate until they eat up all available memory in the system. The term “worm” is
sometimes used to mean self replicating “malware” (Malicious Software). These terms
are often used interchangeably in the context of the hybrid viruses/worms that
dominate the current virus scenario. “Trojan horses” are different from viruses in their
manner of propagation.
3. Phishing

This a technique of extracting confidential information such as credit card numbers and

username password combos by masquerading as a legitimate enterprise. Phishing is

typically carried out by email spoofing. You’ve probably received email containing links

to legitimate appearing websites. You probably found it suspicious and didn’t click the

link. Smart move.

4. Email bombing and spamming
Email bombing is characterised by an abuser sending huge volumes of email to a target
address resulting in victim’s email account or mail servers crashing.

5. Web jacking
Web jacking derives its name from “hijacking”. Here, the hacker takes control of a web
site fraudulently. He may change the content of the original site or even redirect the
user to another fake similar looking page controlled by him. The owner of the web site
has no more control and the attacker may use the web site for his own selfish interests.

6. Software Piracy
Thanks to the internet and torrents, you can find almost any movie, software or song
from any origin for free. Internet piracy is an integral part of our lives which knowingly or
unknowingly we all contribute to. This way, the profits of the resource developers are
being cut down. It’s not just about using someone else’s intellectual property illegally but
also passing it on to your friends further reducing the revenue they deserve.

8. Cyber stalking
Cyber stalking is a new form of internet crime in our society when a person is pursued
or followed online. A cyber stalker doesn’t physically follow his victim; he does it virtually
by following his online activity to harvest information about the stalkee and harass him
or her and make threats using verbal intimidation. It’s an invasion of one’s online
privacy.
 EFFECTS OF CYBER CRIME ON BUSINESS

The true cost of cybercrime is difficult to assess accurately. In 2018, McAfee released a
report on the economic impact of cybercrime that estimated the likely annual cost to the
global economy was nearly 600 billion.
While the financial losses due to cybercrime can be significant, businesses can also suffer
other disastrous consequences as a result, including the following:
 Damage to investor perception after a security breach can cause a drop in the value of
the company.
 In addition to potential share price drops, businesses may also face increased costs for
borrowing and greater difficulty in raising more capital as a result of the cyber attack.
 Loss of sensitive customer data can result in fines and penalties, businesses may also
be sued over the data breach.
 Damaged brand identity and loss of reputation.

HOW TO PREVENT CYBER CRIME

While it may not be possible to completely eradicate cybercrime and ensure complete internet
security, businesses can reduce their exposure to it by maintaining an effective cybersecurity
strategy using a defensive-in-depth approach to securing systems, networks and data.

Cybercrime risks can be reduced with the following steps:

 Develop clear policies and procedures for the business and employees;
 Create cybersecurity incident response plans to support these policies;
 Outline the security measures that are in place about how to protects systems and
corporate data;
 Use two-factor authentication apps or physical security keys;
 Create intrusion detection system (IDS) rules that flag emails with extensions similar
to company emails;
 Carefully scrutinize all email requests for transfer of funds to determine if the requests
are out of ordinary;
 Continually train employees on cybersecurity procedures and what to do in the event
of security breaches.
 BIBLIOGRAPHY

CONTENT

1. www.techtarget.com

2. www.researchgate.net

3. www.McAfee.com

IMAGES

1. Google images