Tools and Techniques used to Commit Cyber Crimes

12Apr

Tools and Techniques used to Commit Cyber Crimes

By crime, cyber, cyber crime, Definitions, Description , Comments Off on Tools and Techniques used to Commit Cyber Crimes

Cyber Crimes make use of various tools and techniques and many of these tools are used for the commission of the cyber crimes and are installed on the victim’s systems through – exploitation of the vulnerabilities in the systems / networks or by surreptitiously gaining access to the victim’s systems which may include physical access or by making use of the intermedi- ary systems or by deceiving the victim to allow access to his system or by gathering the victim information.

buffer overflow: The condition when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or overwriting the valid data held in them

Cracking: Cracking is breaking into someone else’s computer system, often on a network; bypassing passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker can be doing this either for profit, or maliciously, or for some altruistic purpose or cause.

Data Didling: Involves altering the raw data just before a computer processes it and then changing it back after processing is completed.

Malware: A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or of otherwise annoying or disrupting the victim.

Phishing: Using spoof E-mails or directing the people to fake web sites to deceive them into divulging personal financial details so that criminals can access their accounts.

Rootkit: A set of tools that enables continued privileged access to a computer, while actively hiding its presence from the administrator. Typically, a cracker installs a rootkit on a computer after first obtaining user-level access, either by exploiting a known vulnerability or cracking a password. Once the rootkit is installed, it allows the attacker to mask intrusion and gain root or privileged access to the computer and, possibly, other machines on the network

Salami Attack: A programmed attack which is implemented in small (meant to be unnoticeable) increments. This attack involves making alteration so insignificant that it is easily concealed and would go completely unnoticed. Attacks are used for commission of financial crimes.

Sniffer: A program and/or device that monitors data traveling over a network. Sniffers can be used both for legitimate net- work management functions and for stealing information off a network. Unauthorized sniffers can be extremely dangerous to a network’s security because they are virtually impossible to detect and can be inserted almost anywhere.

Social Engineering: A hacker term which involves non-technical intrusion for deceiving or manipulating unwitting people into giving out information about a network or how to access it.

Spoofing: Refers to a situation in which the incoming information from an attacker is masqueraded as one that appears to come from a trusted source to the recipient or to the recipient network. Often the messages from the fraudster appearing to be from a genuine source (like bank), seeks personally identifiable information to perpetrate fraud on the victim.

Spyware: It is a type of malware that is secretly or surreptitiously installed into an information system to gather information on individuals or organisations without their knowledge; a type of malicious code.

Steganography: The art and science of writing hidden messages in such a way that no one, apart from the sender and in- tended recipient, suspects the existence of the message An image file may contain hidden messages between terror groups, which will be known only to the intended recipient and the sender.

Trojan: A malicious program that masquerades as a benign application andcan take complete control of the victim’s com- puter system.

virus: A self-replicating program that runs and spreads by modifying other programs or files.

Worm: A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself.

Zombie: A program that is installed on a system to cause it to attack other systems.

Share this post

Author

Related Posts

12Apr

Cyber Crimes

There are various definitions of Cyber Crimes and couple of them are discussed below: Any violations of criminal law that involve... read more

20Apr

What is Digital Evidence and the Nature of Digital Evidence

Digital evidence or electronic evidence is “any probative information stored or transmitted in digital form that a party to a... read more

12Apr

Overview of Cyber Crimes

Information Technology and the Internet have led to innovation and economic growth, but have also created new avenues for malicious... read more

05Sep

New Zeus Variant for Sale on the Black Market

The 0Day marketplace was a busy beaver this weekend. I’ve been waiting and watching Sphinx for the past 10 days... read more

12Apr

Types of Cyber Crimes

Cyber crimes cover a wide range of illegal activities, which are either done solely using computer resources (as defined under... read more

20Apr

Crimes targeting computer systems

a. Hacking (Under Section 66 ITAA 2008) Hacking is a broader term and can be defined as gaining entry into a... read more

20Apr

Crimes in which computer systems are used as tools/instruments

a.Financial fraud (Several sections under IPC, ITAA 2008 and other applicable laws) Financial frauds include business frauds, investment frauds, mass marketing frauds,... read more

15Jul

Android’s Sandbox

Android's foundation of Linux brings with it a well-understood heritage of Unix-like process isolation and the principle of least privilege.... read more

28Apr

Computer Ethics

Definition Computer Ethics is a part of practical philosophy which deals with how computing professionals should make decisions regarding professional and... read more