Cyber Crime and Digital Forensics

UNIT-IV

Mr.V.Yuvaraj
Assistant Professor – Department of Computer Applications
Dr. N.G.P. ARTS AND SCIENCE COLLEGE
Dr. N.G.P.-KALAPATTI ROAD
COIMBATORE-641 048
Tamil Nadu, India
Mobile: +917502919891,
E-mail: yuvaraj.v@drngpasc.ac.in

Dr. NGPASC
COIMBATORE | INDIA
 Web-Based Criminal Activity

• Computer crime can involve more than

Internet-based activities:
– Financial losses
– Threats to personal security (i.e., identity
theft)
– Industrial espionage
– Threats to international security
– Threats to public safety

Dr. NGPASC
COIMBATORE | INDIA
 Web-Based Criminal Activity

• Online crime, however, can include:

– Interference with lawful use of computers,
such as eco-terrorism, DOS attacks, use of
malware (e.g., viruses, worms) malware,
cybervandalism, cyberterrorism, spam, etc.
– Theft of information and copyright
infringement, such as industrial espionage,
ID theft, and ID fraud.

Dr. NGPASC
COIMBATORE | INDIA
 Web-Based Criminal Activity

• Dissemination of contraband or offensive materials, such as

pornography, child pornography, online gaming, and
treasonous or racist material
• Threatening communications, such as extortion, cyberstalking,
cyberharassment, and cyberbullying
• Fraud, such as auction fraud, credit card fraud, theft of
services, and stock manipulation
• Ancillary crimes, such as money laundering and conspiracy

Dr. NGPASC
COIMBATORE | INDIA
 Malware: Viruses

• Viruses, their design, and dissemination,

have gone through different phases:
– Classical Era (1960s–1970s): Involved pranks
or were accidentally distributed
– Floppy Era (1980s–1990s): Targeted DOS
machines; primarily distributed via floppy
disks
– Macro Era (1990s–2000s): Infected documents
and templates, rather than programs
– Internet Era (2000–present): More
sophisticated, seeking out vulnerable systems
Dr. NGPASC
COIMBATORE | INDIA
Malware: Worms, DoS, and Botnets

• Worms seem primarily used to set up a

large-scale DoS attack.
• DoS (Denial of Service) and DDOS
(Distributed Denial of Service) Attacks
– Attempt to overwhelm servers, such as
through mail-bombing.

• Botnets and Zombie Armies

– Using zombies, compromised computers linked
to Internet as an army (or botnet), for theft,
extortion, or DDOS attack, for example.
Dr. NGPASC
COIMBATORE | INDIA
 Malware: Spam
• Spam
– Abuse of electronic messaging systems,
taking up resources, across multiple
platforms

Dr. NGPASC
COIMBATORE | INDIA
 Malware: Ransomware
• Ransomware and the Kidnapping of
Information
– Malware program that makes digital
resources inoperable or inaccessible in
extortive scheme
– Critical factors can include level of user's
education (less educated, more
vulnerable), sophistication of product (not
amenable to common software remedies)

Dr. NGPASC
COIMBATORE | INDIA
 Malware: Ransomware
– Examples include the PC Cyborg/Aids
information Trojan, distributed through
ordinary mail via a floppy, so that once
installed, victims had to pay $378 to regain
access to all directories and to unencrypt
files.

Dr. NGPASC
COIMBATORE | INDIA
 Theft of Information, Data Manipulation,
and Web Encroachment
• Traditional methods of proprietary information theft
can occur due to:
– Insiders, on the job or through maintenance back doors
– Social engineering, including shoulder surfing and
dumpster diving
– Theft of equipment
– Malware

Dr. NGPASC
COIMBATORE | INDIA
 Theft of Information, Data Manipulation,
and Web Encroachment
• Trade Secrets and Copyrights – Concerns:
– These forms of intellectual property have value
independent of whatever owner produces, such as a razor
company designing a new shaving system.
– Theft can come from disgruntled employees, competitors,
and government entities.

Dr. NGPASC
COIMBATORE | INDIA
 Theft of Information, Data Manipulation,
and Web Encroachment
• Political Espionage – Seriousness:
– FBI estimates that over 120 foreign governments have
intelligence operations targeting the U.S.
– For example, Israeli intelligence secretly monitored
Presidential communications.

SEARCH (2000). The Investigation of Computer Crime. The National Consortium for Justice Information and Statistics: Sacramento, CA.

Dr. NGPASC
COIMBATORE | INDIA
 Cyberterrorism

• Adeliberate, politically or religiously motivated attack against

data compilations, computer programs, and/or information
systems which is intended to disrupt and/or deny service or
acquire information which disrupts the social, physical, or
political infrastructure of a target.
• Typical array of methods, like viruses and worms, against U.S.
government

Dr. NGPASC
COIMBATORE | INDIA
Neo-Traditional Crime: Old Wine in New
Bottles
Dissemination of Contraband or Offensive Materials
• Child Pornography
– Difficult to define, but generally refers to any visual
depiction of a lascivious exhibition of the genitals or
pubic area or sexually explicit conduct of a minor
– Difficult to prosecute, as this raises First Amendment
issues about freedom of speech

Dr. NGPASC
COIMBATORE | INDIA
Neo-Traditional Crime: Old Wine in New
Bottles
• Child Pornography
– Illegal in all states, prohibited by Federal law
– Primary reason for possession is pedophilia or
hebephilia, to satisfy sexual fantasies about
prepubescent children
– Sexual miscreants: to satisfy a desire for new and
different sexual stimuli
– Curiosity-seekers: to satisfy a peculiar curiosity
– Criminal opportunists: to profit from its distribution

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Child Enticement/Exploitation
– As a way to generate child pornography and to molest children,
online predators use chat rooms to identify victims, especially
confused or ostracized kids.
– Law enforcement has had great success with sting operations or
“honeypots” by using the same strategy as predators, of
pretending to be a child and arranging for a meeting.

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Online Pharmacies
– Used to make legitimate and illegitimate
purchases (e.g. anabolic steroids,
amphetamines, and painkillers) privately and
conveniently

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Online Gambling
– Ease of access, including minors
– Open all day
– e-Banking makes it easier to play
– Might generate billions in profit
– Internet Gambling Prohibition & Enforcement
Act of 2006 makes it illegal, but is difficult to
enforce due to lack of public, international
cooperation.

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
Threatening and harassing communications:
• Cyberstalking and Harassment
– Stalking: Willful, malicious, and repeated
following and/or harassing another person in
an effort to inflict or cause fear of actual harm
through words or deeds committed via
electronic means
– Cyberstalking: Done via electronic
communication
– Cyberharassment: Focuses on actual harm
suffered, including defacement of character
Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Cyberbulling: An aggressive, intentional
act carried out by a group or individual,
using electronic forms of contact,
repeatedly and over time against a victim
who cannot easily defend him or herself
– Illegal only in some states, not under Federal law

Smith et al., 2008: 376.

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Online Fraud
– Intentional deception, misrepresentation, or
falsehood made with the intention of receiving
unwarranted compensation or gratification
– Cuts across gender, social class, and race
– Comes in a broad array of forms

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Internet auction fraud can come in the
form of:
– Nondelivery of goods
– Misrepresentation as to condition of an item
– Addition of hidden charges (fee-stacking)
– Shill bidding (where seller submits bids to
drive up price of item)

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Online Credit Card Fraud: Besides
traditional fraud, can include:
– Skimming (installing devices at ATMs, for
example, to steal info from cards)
– RFID (taking info from "wave and pay" device,
like toll highway transmitters)

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Web-Cramming/ISP Jacking
– Web-Cramming: The unauthorized charging of
consumers via monthly telecommunication
fees
– ISP Jacking: Disconnecting individual users
from their selected Internet service providers
and redirecting them to illegitimate servers to
generate long distance charges for those using
dial-up

Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Fraud via Data Manipulation
– Data Diddling: Any method of fraud via data
manipulation (usually involves redirecting or
rerouting data representing monies or
economic exchanges)
– Salami technique: Stealing fraction of a cent
from millions of accounts, so as to go
undetected
– IP Spoofing: Manipulation of data packets
between computers to mimic a third party and
falsely gain access to funds
Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles
• Securities Fraud and Stock Manipulation
– Having instant access to stock values and
statistics, encouraging day-trading, buying
stock with little or no actual knowledge of the
company
– Vulnerable to dissemination of false information,
used to trick individuals to purchase stock at
inflated prices
– Insider trading: Individuals with access to
confidential information unavailable to public
use it to make stock purchases/sales, for
personal gain
Dr. NGPASC
COIMBATORE | INDIA
 Neo-Traditional Crime: Old Wine in New
Bottles

• e-Fencing: Sale of stolen goods through

technological means

• Fraudulent Instruments: Including

counterfeiting and forgery through
technological means

Dr. NGPASC
COIMBATORE | INDIA
 Ancillary Crimes

• Money Laundering
– An enterprise or practice of engaging in deliberate
financial transactions to conceal the identity, source,
and/or destination of income
– Usually a critical element for organized crime to function

Dr. NGPASC
COIMBATORE | INDIA
 Ancillary Crimes

• Process of Money Laundering

– Placement (point of entry of illicit funds)
– Layering (using networks to obscure origins of funds)
– Integration (return of funds to legitimate economy)

Dr. NGPASC
COIMBATORE | INDIA
 Ancillary Crimes

• Combating Money Laundering

– Finding
– Freezing (accounts)
– Forfeiture (of funds)

• This can be accomplished by:

– Holding Internet service providers accountable
for failure to maintain adequate records
– Making financial institutions responsible for
inadequate security
– Enforcing “Know Your Customers” regulations
Dr. NGPASC
COIMBATORE | INDIA
 Conclusions

• Technology both enhances & threatens modern society.

• Computer crime is increasing for a variety of reasons:
– Computers are equivalent to storage warehouses
– Increasing connectivity & interdependence of infrastructures
– Technical expertise is decreasingly important
– Increasing number of threat groups with sophisticated
methodologies & advance technology
– Government apathy

Dr. NGPASC
COIMBATORE | INDIA
Dr. NGPASC
COIMBATORE | INDIA 32