Presented by Khadri S S

INTERNET INFRASTRUCTURE FOR DATA TRANSFER AND GOVERNANCE

• Internet infrastructure for data transfer and governance encompasses the physical and virtual systems, protocols, and regulations that enable the secure, efficient, and reliable exchange of data across the global network.
• This infrastructure plays a critical role in ensuring data privacy, security, and compliance with regulations.

​

Here are key components and considerations for internet infrastructure related to data transfer and governance:

1. Network Infrastructure

- Backbone Networks: High-speed, long-distance networks that form the core of the internet, connecting major data centers and internet exchange points (IXPs).

- Last-Mile Connectivity: The connection from service providers to end-users, including wired (e.g., fiber-optic, DSL) and wireless (e.g., 5G, Wi-Fi) technologies.

- Data Centers: Facilities that house servers and storage devices, providing the infrastructure for web hosting, cloud computing, and data storage.

2. Protocols and Standards

-Internet Protocol (IP): The foundation of internet communication, ensuring data packets can be routed across networks.

-Transport Layer Security (TLS): Encryption protocol for securing data in transit.

-Hypertext Transfer Protocol (HTTP) and HTTPS: Protocols for web data transfer, with HTTPS adding a security layer.

-DNSSEC: Enhances the Domain Name System (DNS) by adding a layer of security through digital signatures.

Here are key components and considerations for internet infrastructure related to data transfer and governance:

3. Data Centers and Cloud Services: Major providers like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud offer robust infrastructure and tools for data storage and processing.

4. Data Governance and Regulation

-Data Privacy Regulations: Compliance with laws like GDPR (in Europe), CCPA (in California), and HIPAA (for healthcare data).

-Data Retention Policies: Guidelines for storing and managing data for specific periods.

-Data Access Controls: Systems to restrict and monitor who can access and modify data.

-Data Encryption: Ensuring data at rest and in transit is properly encrypted to protect against unauthorized access.

5. Cyber Security: Robust security measures, including firewalls, intrusion detection systems, and regular security audits, are essential to protect data during transfer.

6. Internet Governance Bodies

- Organizations like ICANN (Internet Corporation for Assigned Names and Numbers) oversee domain name system management and policy.

- Multi stake holder governance models involve various stakeholders, including

governments, businesses, and civil society, in shaping internet governance.

7. Content Delivery Networks (CDNs)

-CDNs like Akamai and Cloudflare optimize data delivery by caching content at various locations worldwide, reducing latency.

8. Quality of Service (QoS)

- Ensuring data transfer meets performance requirements, especially for applications. like video conferencing and online gaming.

9. International Collaboration

-Cooperation among nations is essential to establish international norms and agreements related to data transfer and governance.

10. Data Transfer Agreements

- Agreements like Privacy Shield and Standard Contractual Clauses facilitate the lawful transfer of data across borders.

​

INTERNET SOCIETY

• Internet Society (ISOC) A professional membership society that promotes the use and future development of the Internet. It has individual and organization members all over the world and is governed by an elected board of trustees. ISOC coordinates various groups responsible for Internet infrastructure.

These include

• The Internet Engineering Task Force (IETF),
• The Internet Architecture Board (IAB), and
• The Internet Engineering Steering Group (IESG).
2. The IETF develops technical standards for the Internet.
3. The IAB has overall responsibility for the architecture and adjudicates on disputes about standards.
4. The IESG, along with the IAB, reviews standards proposed by the IETF.

​

Regulation of Cyberspace

• Cyberspace spans worldwide, but it has no formal framework. The lack of formal framework makes cyberspace nobody's domain, No single individual, entity, or government owns or controls cyberspace.
• Regulation in cyberspace is an emerging challenge.
• The default in cyberspace is anonymity. Anonymity encourages and enhances the exercise of freedom. A child too shy to express himself in physical space can feign to be somebody else in virtual space, and express himself freely.
• Crimes of global repercussion are also committed with the use of the internet. Trafficking of persons, child pornography, kidnapping for ransom, and terrorism are perpetrated with the use of cyberspace. Freedom thus in cyberspace should not be exercised without the concomitant responsibility of its users.

Concept of Cyber Security

• Cyber security is the practice of protecting computer systems, networks, and data from theft, damage, or unauthorized access.
• It encompasses a wide range of technologies, processes, and practices designed to safeguard digital information and ensure the confidentiality, integrity, and availability of data.
• Confidentiality: This principle focuses on ensuring that sensitive information is only accessible to authorized individuals or systems. It involves encryption, access controls, and data classification to prevent unauthorized access or disclosure.
• Integrity: Integrity in cyber security means that data and systems are accurate and trustworthy. Any unauthorized modification or tampering with data or systems should be detected and prevented. Techniques like checksums and digital signatures are used to maintain data integrity.
• Availability: Availability ensures that systems and data are accessible when needed. Cyber attacks can disrupt services or make them unavailable, so cyber security measures aim to prevent or mitigate such disruptions through redundancy, load balancing, and disaster recovery planning.
• Authentication: Authentication is the process of verifying the identity of users, devices, or systems trying to access resources. This can be achieved through passwords, biometrics, two-factor authentication (2FA), and multi-factor authentication (MFA).

Cyber Attacks

• A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data and lead to cybercrimes, such as information and identity theft.
• Cyber-attacks can be classified into the following categories:

1. Web-based attacks

2. System-based attacks

​

Web-Based Attacks

These are the attacks which occur on a website or web applications. Some of the important web-based attacks are as follows-

• Injection attacks: It is the attack in which some data will be injected into a web application to manipulate the application and fetch the required information.
• Session Hijacking: It is a security attack on a user session over a protected network. Web applications create cookies to store the state and user sessions. By stealing the cookies, an attacker can have access to all of the user data..
• Phishing: Phishing is a type of attack which attempts to steal sensitive information like user login credentials and credit card number. It occurs when an attacker is masquerading as a trustworthy entity in electronic communication.
• Denial of Service: It is an attack which meant to make a server or network resource unavailable to the users. It accomplishes this by flooding the target with traffic or sending it information that triggers a crash.

System-based attacks

• These are the attacks which are intended to compromise a computer or a computer network. Some of the important system-based attacks are as follows-
• Virus: It is a type of malicious software program that spread throughout the computer files without the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. It can also execute instructions that cause harm to the system.
• Worm: It is a type of malware whose primary function is to replicate itself to spread to uninfected computers. It works same as the computer virus. Worms often originate from email attachments that appear to be from trusted senders.
• Trojan horse: it is a malicious program that occurs unexpected changes to computer setting and unusual activity, even when the computer should be idle. It misleads the user of its true intent. It appears to be a normal application but when opened/executed some malicious code will run in the background.

Cyber Threat

• A Cyber threat is any malicious act that attempts to gain access to a computer network without authorization or permission from the owners.
• It refers to the wide range of malicious activities that can damage or disrupt a computer system, a network or the information it contain.

​

Difference

Issues and challenges of cyber security

Cyber security faces numerous issues and challenges due to the ever-evolving nature of technology and the increasing sophistication of cyber threats.

Some of the key issues and challenges in cyber security include:

1. Cyber Attacks: The constant threat of cyber attacks from various actors, including hackers, cybercriminals, nation-states, and hacktivists, is a significant challenge. These attacks can take various forms, such as malware, ransomware, phishing, and distributed denial of service (DDoS) attacks.

2. Data Breaches: Data breaches can have severe consequences for organizations and individuals. The theft or exposure of sensitive data, such as personal information, financial records, or intellectual property, can lead to financial losses, reputational damage, and legal liabilities.

3. Security Vulnerabilities: Software and hardware vulnerabilities are exploited by attackers to gain unauthorized access or control over systems. Identifying and patching these vulnerabilities in a timely manner is a constant challenge.

4. Insider Threats: Insider threats, where individuals within an organization misuse their access and privileges, can be particularly challenging to detect and prevent. This includes. employees, contractors, or partners who intentionally or unintentionally compromise security.

5. Lack of Cyber security Awareness: Many individuals and employees lack awareness of cyber security best practices, making them susceptible to social engineering attacks and other cyber threats.

6. Resource Constraints: Smaller organizations and even some larger ones may lack the resources and expertise needed to implement robust cyber security measures. This can leave them vulnerable to attacks.

7. Ransomware: Ransomware attacks have surged in recent years, with cybercriminals encrypting data and demanding a ransom for decryption keys. These attacks can disrupt critical operations and result in significant financial losses.

Module-II

Cyber-Crime and Cyber law: Classification of Cyber-crimes, Common cyber-crimes

Understanding Cybercrime:

• Cybercrime refers to criminal activities carried out in the digital domain, targeting computer systems, networks, and data. It encompasses a broad range of illicit activities, including hacking, Identity theft, financial fraud, malware distribution, and cyber espionage.

​

Types of Cybercrime:

• Hacking and Unauthorized Access: Intrusion into computer systems or networks without permission.
• Phishing and Social Engineering: Deceptive tactics to trick individuals into revealing sensitive information.
• Malware Attacks: Dissemination of malicious software to compromise systems or steal data.
• Ransomware: Encrypting data and demanding payment for its release.
• Identity Theft: Unauthorized acquisition and use of someone's personal information for fraudulent activities.
• Financial Fraud: Illicit activities aimed at financial gain, such as online scams and credit card fraud.

The Legal Landscape - Cyber Law

1. Information Technology Act, 2000 (India):

In India, the Information Technology Act, 2000, and its subsequent amendments form the foundation of cyber law. This legislation provides legal recognition to electronic transactions, defines cyber offenses, and prescribes penalties for cybercrimes.

Provisions:

-Unauthorized Access (Section 43): Penalties for unauthorized access to computer systems.

-Data Theft (Section 43A): Compensation for improper disclosure of sensitive personal data.

-Cyber Terrorism (Section 66F): Offenses related to cyber terrorism, including unauthorized access to critical infrastructure.

CYBERCRIME TARGETING COMPUTERS AND MOBILES

• The pervasive use of computers and mobile devices in our daily lives brings unparalleled convenience but also exposes us to the ever-growing threat of cybercrime. Cybercriminals employ diverse tactics to exploit vulnerabilities and compromise the security of individuals, businesses, and critical infrastructure.

Types of Cybercrime Targeting Computers and Mobiles

1. Hacking and Unauthorized Access:
1. Computer Hacking: Intrusion into computer systems to gain unauthorized access, often with the intent to steal data, disrupt operations, or compromise security.
2. Mobile Device Hacking: Exploiting vulnerabilities in mobile operating systems to gain unauthorized access, control the device remotely, or extract sensitive information.

2. Malware Attacks:

Computer Viruses: Malicious software that attaches itself to legitimate programs, spreading and infecting other files.

Mobile Malware: Malicious apps or software designed to exploit vulnerabilities in mobile operating systems, leading to data theft, financial fraud, or unauthorized access.

3. Phishing and Social Engineering:

Phishing Attacks: receptive attempts to trick individuals into divulging sensitive information, often through fraudulent emails, messages, or websites.

Mobile Phishing: Targeting mobile users through SMS, social media, or malicious apps to trick them into revealing login credentials or personal information.

Types of Cybercrime Targeting Computers and Mobiles

4. Ransomware:

Computer Ransomware: Encrypting files on a computer and demanding payment for their release.

Mobile Ransomware: Targeting mobile devices to encrypt files or lock the device, demanding a ransom for decryption or device unlock.

5. Identity Theft:

Computer Identity Theft: Unauthorized access to personal information on computers for fraudulent activities.

Mobile Identity Theft: Exploiting vulnerabilities in mobile devices to steal personal information, often for financial fraud or unauthorized access to accounts.

6. Financial Fraud:

Online Banking Fraud: Unauthorized access to online banking accounts for financial gain.

Mobile Payment Fraud: Exploiting weaknesses in mobile payment systems for fraudulent transactions.

CYBER-CRIME AGAINST WOMEN AND CHILDREN

Cybercrime against women and children represents a complex and pervasive challenge in the digital era. The profound impact on victims necessitates a concerted effort from governments, technology companies, law enforcement agencies, and civil society to address and prevent these offenses.

Definition and Scope

• Cybercrime against women and children encompasses a wide range of illicit activities carried out in the digital space with the specific intent to target and victimize these groups. These crimes can include online harassment, cyberbullying, online grooming, sextortion, non- consensual intimate image sharing (commonly known as "revenge porn"), and human trafficking facilitated through digital platforms.

​

Types of Cybercrime Against Women and Children

1. Online Harassment and Cyberbullying:

Online Harassment: Persistent and unwanted online behavior with the intent to intimidate, humiliate, or cause emotional distress.

Cyberbullying: Harassment using digital platforms, including social media, messaging apps, or online forums, often involving peers or acquaintances.

2. Online Grooming and Child Exploitation:

Online Grooming: The process where an individual befriends and establishes an emotional connection with a child for the purpose of exploitation, which may escalate to offline harm.

Child Exploitation: The creation, distribution, or possession of child sexual abuse material, commonly known as child pornography.

3. Sextortion:

The act of coercing individuals, often through the threat of sharing explicit images or information, to engage in sexual acts or provide additional explicit content.

4. Non-consensual Intimate Image Sharing ("Revenge Porn"):

The unauthorized sharing of explicit images or videos, often with the intent to harm, embarrass, or blackmail the victim.

5. Human Trafficking and Online Exploitation:

Human Trafficking: The use of force, fraud, or coercion to recruit, transport, or harbor individuals for exploitation, including through online platforms.

Online Exploitation: The use of the internet to facilitate human trafficking, often involving recruitment and advertisement on online platforms.

CYBER-CRIME FINANCIAL FRAUDS

Cybercrime financial frauds encompass a range of illicit activities that leverage digital technologies to compromise financial systems, defraud individuals or organizations, and illicitly gain access to funds. These offenses exploit vulnerabilities in online banking, payment systems, and other financial platforms, posing significant threats to the global economy and individual financial security.

​

Types of Cybercrime Financial Frauds:

Online Banking Fraud:

Phishing and Spoofing: Deceptive techniques to trick individuals into revealing sensitive banking information through fraudulent emails or websites.

Account Takeover (ATO): Unauthorized access to a user's online banking account, often achieved through stolen credentials or phishing.

Payment Card Fraud:

Card Skimming: Illicitly capturing card information at ATMs or point-of-sale terminals.

Carding: Testing stolen credit card information for validity through small transactions.

Business Email Compromise (BEC):

Manipulating or compromising email accounts of business executives to authorize fraudulent financial transactions or initiate wire transfers.

Ransomware Attacks:

Encrypting critical financial data or systems and demanding ransom payments for their release.

Investment and Trading Frauds: Manipulating financial markets through false information or executing fraudulent trades for personal gain.

Crypto currency Scams:

Fraudulent schemes involving crypto currencies, such as Ponzi schemes, fake initial coin offerings (ICOS), and crypto currency thefts.

Social Engineering Attacks: Manipulating the Human Element

Definition and Scope: Social engineering is a psychological manipulation technique used by cybercriminals to exploit human behavior and gain unauthorized access to systems, networks, or sensitive information. Unlike traditional hacking methods that target technical vulnerabilities, social engineering focuses on exploiting the human element, relying on deception and manipulation.

​

1. Common Social Engineering Techniques:

• Phishing: Phishing involves using deceptive emails, messages, or websites to trick individuals into revealing sensitive information, such as login credentials or financial details.
• Pretexting: In pretexting, attackers create a fabricated scenario or pretext to trick individuals into divulging information. This may involve impersonating someone in authority, such as a colleague or technical support personnel.
• Baiting: Baiting involves offering something enticing, such as a free download or software, to lure individuals into providing sensitive information or installing malicious software.
• Quizzes and Surveys: Cybercriminals create seemingly innocent quizzes or surveys that prompt individuals to disclose personal information, which can then be used for malicious purposes.

2. Impact of Social Engineering Attacks:

1. Data Breaches: Successful social engineering attacks can lead to data breaches, exposing sensitive information, including personal data and corporate secrets.
2. Financial Losses: Individuals or organizations may suffer financial losses due to fraudulent transactions resulting from compromised information.
3. Identity Theft: Stolen personal information can be used for identity theft, causing long-lasting damage to an individual's financial and personal well-being.

Malware Attacks: Exploiting Software Vulnerabilities

• Malware, short for malicious software, encompasses a broad category of software designed to harm, exploit, or compromise systems. Cybercriminals deploy malware to gain unauthorized access, steal information, or disrupt operations.

1. Common Types of Malware:

• Viruses: Viruses attach themselves to legitimate programs and replicate when those programs run, spreading and infecting other files.
• Trojans: Trojans disguise themselves as legitimate software to deceive users. Once installed, they can enable unauthorized access or perform malicious actions.
• Worms: Worms are self-replicating malware that spread across networks without user interaction, exploiting vulnerabilities in connected systems.
• Ransomware: Ransomware encrypts files or systems, rendering them inaccessible. Attackers then demand a ransom payment for the decryption key.

2. Techniques Employed by Malware:

• Exploiting Vulnerabilities: Malware often exploits vulnerabilities in software or operating systems to infiltrate and compromise systems.
• Drive-by Downloads: Cybercriminals use compromised websites or malicious ads to automatically download malware onto a user's device without their knowledge.
• Malvertising: Malvertising involves distributing malware through online advertising, exploiting vulnerabilities in the ad network or user's browser.

​

3. Impact of Malware Attacks:

• Data Loss and Theft: Malware attacks can lead to the loss or theft of sensitive data, including personal information, financial records, and intellectual property.
• System Disruption: Some malware is designed to disrupt systems, causing downtime for businesses, critical infrastructure, or individual users.
• Financial Consequences: The financial impact of malware attacks includes the costs of remediation, system restoration, and potential legal liabilities.

Ransomware Attacks: Holding Data Hostage

• Ransomware is a type of malware that encrypts files or entire systems, rendering them inaccessible. The attackers then demand a ransom payment, usually in cryptocurrency, for the decryption key.

​

Ransomware Attacks: Holding Data Hostage

1. Evolution of Ransomware:

Encrypting Ransomware: Early ransomware primarily encrypted files or systems, demanding payment for their release.

Locker Ransomware: Locker ransomware locks users out of their systems, making the entire device unusable until a ransom is paid.

DDoS-Enabled Ransomware: Some ransomware strains are equipped with distributed denial-of-service (DDoS) capabilities, threatening to launch DDoS attacks unless a ransom is paid.

2. Tactics Employed by Ransomware:

Phishing Emails: Phishing emails remain a common vector for ransomware distribution, with attackers tricking users into clicking on malicious links or opening infected attachments.

Exploiting Remote Desktop Protocol (RDP): Attackers exploit weak or compromised RDP credentials to gain unauthorized access and deploy ransomware on target systems.

Watering Hole Attacks: Cybercriminals compromise websites frequented by their target audience, infecting visitors with ransomware.

​

Ransomware Attacks: Holding Data Hostage

3. Impact of Ransomware Attacks:

Financial Extortion: Ransomware attacks result in financial extortion, with victims forced to pay a ransom to regain access to their files or systems.

Operational Disruption: Businesses and organizations may experience significant operational disruptions, leading to downtime and potential loss of revenue.

Reputation Damage: Publicized ransomware incidents can tarnish the reputation of affected individuals, businesses, or even entire industries.