CYBER CIRME & INFOMATION SECURITY TRENDS

On 12th October 2008, French president “Mr. Nicolas Sarkozy” came to know that his bank account has been hacked and small sums of money have been withdrawn without his authorization. French Secretary of State for Consumer Affairs, Luc Chatel, confirmed the security breach.
The explosive growth of internet brought many good things but as we know everything in universe has pros as well as cons. As with most technological advances, there is also a dark side - in context of internet it’s cyber crime.
“Cybercrime is defined as the use of information technology infrastructure for crime which covers a huge range of illegal activities including illegal access, interception, data interference, system interference and electronic fraud that promote a racial hatred”.
“Who are cyber criminals”?
The cyber criminals constitutes of various groups/ category with different objectives in their mind:
1. Children and adolescents between the age group of 6 – 18 years :
The simple reason for this type of delinquent behaviour pattern in children is seen mostly:
Due to the inquisitiveness to know and explore the things. To prove themselves to be outstanding amongst other children in their group.
2. Organised hackers:
These kinds of hackers are mostly organised together to:
Fulfil certain objective such as shaping their political bias, fundamentalism etc.
A relevant example is the Pakistani hackers who are considered to be one of the best quality hackers in the world. They mainly target the Indian government sites with the purpose to fulfil their political objectives.

3. Professional hackers / crackers:
Motivated by the colour of money.
Mostly employed to hack the site of the rivals and get credible, reliable and valuable information.
Employed to crack the system of the employer basically as a measure to make it safer by detecting the loopholes.

4. Discontented employees:
To avenge their sack or their dissatisfaction with their employer, they normally hack the system of their employer.
Mode and manner of committing cyber crime:
1. Hacking: Hacking in simple terms means an illegal intrusion into a computer system or network. There is an equivalent term to hacking i.e. cracking. Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction.

2. Denial of service Attack: This is an act by the criminal, who floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide.

3. E-mail spoofing: A spoofed e-mail may be said to be one, which misrepresents its origin, different from one which actually it originates. Recently spoofed mails were sent by terrorist in context of Mumbai attack and that was completely fake mail sent from somewhere else.

4. Trojan attacks: This term has its origin in the word ‘Trojan horse’. In software field this means an unauthorized programme, which passively gains control over another’s system by representing itself as an authorised programme.

5. Web jacking: This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the website of another. This may be done for fulfilling political objectives or for money. E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the hackers and some obscene matter was placed therein.

6. Salami attacks: This kind of crime is normally prevalent for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. E.g. The Ziegler case wherein a logic bomb was introduced in the bank’s system, which deducted 10 cents from every account and deposited it in a particular account.
As the evil consequence of cyber crime grew, the various systems and organisations demanded for security and protection measures of the database and systems. Security =prevention + detection + response.
Security is a social as well as a technical process, the by-product of a community of trust created by having appropriate systems properly set up to support stakeholders’ evolving needs and good operating procedures appropriately implemented in context of respectful interaction with and valued service to all stakeholders.
Therefore, different people across the world shown their interest towards this which includes:
1. IT experts from the industrial sector.
2. Professional hackers.
3. Law enforcement agencies.

These professionals implied the various techniques and methods for security measures which may be shortlisted as below:
1. Investing in antivirus, firewalls and SPAM blocking software.
2. Detecting secure websites when conducting transaction online.
3. Blocked response to e-mails and checking header of the information from unknown sources.

4. Constant supervision of our assets, careful scrutiny of payments or rewards, and discrimination when releasing personal information might help reduce the success of an attack by way of the salami technique
5. Data entry typically must be protected using manual controls. Manual controls include separation of duties or responsibilities, which force collusion among employees to perpetrate fraudulent acts.
6. Another common control is the use of check digits or characters or sequence numbers and time of arrival that can be associated with the embedded data on the basis of various characteristics of each field.
7. Secure SQL injection method opting and having new techniques in web certification
Innovative trends in security management:
More enterprises are turning to role-based access control and fine-grained authorization to enforce data and application restrictions and comply with a variety of regulations.
It emphasizes that security technologies must be deployed in accordance with a well thought information security architecture.
Enterprise technologists must look beyond the confusion to build an effective security control layer and to construct comprehensive information security architecture.
In a nut shell the cyber crime has emerged as one of the major and fastest growing criminal activities on the planet. The modern era wants secured network and system and the best road to protect our-self is “being aware”. Knowledge of the modern hacking techniques and staying on the top of current cyber crime trends can help to extract the best use of cyber world and move to a more progressive and meaningful life. After all there is a whole other world that exits in cyber space...