EHF Module 1 Final

The document discusses the differences between active and passive cyberattacks, detailing their definitions, goals, characteristics, and examples. It also categorizes hackers into white, black, and grey hats, explaining their motivations and legality, along with a brief overview of cybercrime types and ethical hacking phases. Additionally, it defines malware and introduces the concept of viruses as a type of malicious software.

Uploaded by

Ritesh

Module 1

1. Compare active attacks vs Passive attacks. Classify the cybercrimes and explain any one
briefly.

🔒 Active Attacks vs Passive Attacks

1. Active Attacks
• Definition: In active attacks, the attacker actively interferes with the system or network to disrupt its normal operation.
• Goal: The aim is to change or damage the system's data, services, or network.
• Characteristics:
  o Modification of data (e.g., altering files, commands, etc.)
  o Denial of Service (DoS) or Disruption (e.g., crashing a website)
  o Requires immediate interaction (e.g., inserting malware, injecting data).
• Examples:
  o Man-in-the-Middle Attack: An attacker intercepts and alters communication between two parties.
  o Denial of Service (DoS): The attacker floods the system with too much traffic, causing a crash.

2. Passive Attacks
• Definition: In passive attacks, the attacker does not interfere with the system but silently monitors or eavesdrops on the network traffic or system.
• Goal: The aim is to gather information without detection, which may be used later for malicious purposes.
• Characteristics:
  o No change or disruption to the data or system.
  o Monitoring network traffic, collecting passwords, or reading sensitive information.
  o No immediate impact on the system’s performance.
• Examples:
  o Eavesdropping on network traffic to steal passwords or other sensitive data.
  o Traffic Analysis: The attacker listens to or monitors network data without altering it.

✅ Comparison Table: Active vs Passive Attacks

Feature | Active Attack | Passive Attack
--- | --- | ---
Definition | Actively interferes or disrupts systems | Quietly listens or monitors the system
Goal | Damage or alter data/system | Steal data or gather information
Impact on System | High: Disrupts or alters operations | Low: No direct effect on the system
Examples | DoS, Man-in-the-Middle, Virus injection | Eavesdropping, Traffic analysis
Detection | Easier to detect, as it causes visible disruption | Harder to detect, as it’s mostly stealthy

✅ Explanation of One Cybercrime: Hacking


Hacking is the act of gaining unauthorized access to a computer system, network, or device. Hackers can exploit vulnerabilities in software or hardware to enter systems and often steal sensitive data, like passwords, personal information, or financial records.

• Types of Hackers:
  o Black Hat Hackers: Malicious hackers who exploit systems for personal gain or to cause damage.
  o White Hat Hackers: Ethical hackers who find vulnerabilities to help improve security.
  o Grey Hat Hackers: Hackers who explore systems without permission but often report vulnerabilities to the owner.

Example of Hacking:
A hacker might use phishing emails to trick users into revealing their usernames and passwords. Then, the hacker can log in to the victim’s online banking account and steal money.

2. Explain Hackers, Crackers, Phreakers.

1. Hackers

Hackers are individuals who gain unauthorized access to computer systems. However, not all hackers
are bad; some use their skills to improve cybersecurity.

• Hackers access computer systems without permission.
• They can be ethical (good) or malicious (bad).
• They use techniques like password cracking, coding, and network scanning.
• Ethical hackers help companies protect data from cybercriminals.
• Some hackers steal data, spread viruses, or disrupt services.
• They exploit system weaknesses but can also help fix them.
• Governments and companies hire ethical hackers for cybersecurity.

🔹 Example: A hacker breaks into a company’s network to steal customer information.

Types of Hackers

1. White Hat Hackers (Ethical Hackers)

✔ Work legally to protect systems from cyberattacks.
✔ Help organizations find security loopholes.
✔ Example: A cybersecurity expert testing a bank’s security.

2. Black Hat Hackers (Malicious Hackers)

❌ Illegally hack systems to steal data, money, or disrupt services.
❌ Use malware, phishing, and ransomware to harm victims.
❌ Example: A hacker steals credit card details for fraud.

3. Grey Hat Hackers (Both Good and Bad)

⚠ Sometimes break into systems without permission but don’t harm them.
⚠ May inform the company about security flaws after hacking.
⚠ Example: A hacker finds a bug in an app and informs the developer.

2. Crackers

Crackers are criminal hackers who break into systems to harm, steal, or destroy data. They focus on
cracking security measures like passwords and software protection.

• Crackers break into computers and networks illegally.
• Their goal is to steal, damage, or destroy data.
• They often crack software to remove security features.
• They spread viruses, malware, and ransomware.
• Some crackers steal credit card information or bank details.
• Law enforcement agencies track and arrest crackers.
• Crackers cause major financial and security risks.

Crackers are people who hack into computers and networks without permission. They break security
to steal, damage, or destroy important data. Some remove protections from software to use it for
free, while others spread harmful programs like viruses and ransomware.

Many crackers focus on stealing money by hacking bank accounts or credit card details. Their actions
cause big financial and security problems. Police and cyber experts work to catch and stop them to
keep people and businesses safe.

🔹 Example: A cracker removes copy protection from paid software and shares it for free.

• Black Hat Hackers – Hack systems illegally to steal data or cause harm.
  o Example: A hacker stealing credit card details.
• Script Kiddies – Use pre-made hacking tools to attack systems.
  o Example: A beginner using hacking software to crash a website.
• Cyber Criminals – Hackers involved in financial fraud, identity theft, and ransomware.
  o Example: A hacker spreading a virus to demand ransom.


3. Phreakers

Phreakers are telephone hackers who manipulate telecom systems to make free calls or break into
communication networks.

• Phreakers hack telephone networks to make free calls.
• They manipulate signals used in telecom systems.
• Phreaking was popular before the internet era.
• They sometimes steal data from phone networks.
• Some phreakers break into voicemail systems.
• Modern phreaking involves hacking mobile networks.
• Many phreaking techniques are now illegal and outdated.

Phreakers are hackers who exploit telephone networks to make free calls by manipulating telecom
signals. Before the internet era, phreaking was a popular practice, allowing individuals to bypass
billing systems. Some phreakers also broke into voicemail systems or stole data from phone networks.

In modern times, phreaking has evolved to target mobile networks, but many traditional techniques
are now illegal and outdated. While telecom security has improved, some vulnerabilities still exist,
making phone networks a target for hackers.

🔹 Example: A phreaker hacks a telecom system to make long-distance calls without paying.

• Black Hat Hackers – Some black hat hackers specialize in breaking into telecom networks.
  o Example: A hacker accessing someone’s call records illegally.
• Script Kiddies (Phreaking Tools) – Use pre-made tools to exploit telecom systems.
  o Example: A teenager using software to make free calls.
• Hacktivists (Sometimes) – Some hacktivists hack telecom networks for political messages.
  o Example: A hacker disrupting a government’s telecom services.

3. What are the primary goals of ethical hacking and what are its phases?

Ethical hacking, also known as penetration testing, is the process of breaking into computer systems
or networks (with permission) to find and fix weaknesses that attackers could exploit.

In simple terms, ethical hackers look for loopholes in systems that bad hackers might use to steal
data, cause financial loss, or harm the system.

The main goal of ethical hacking is to strengthen security by identifying and fixing these
vulnerabilities.

Ethical hackers use the same tools and techniques as malicious hackers, but they do it with proper
approval and for the purpose of protecting the systems.

After testing, ethical hackers share their findings with the management, helping them understand
the risks and fix the issues to prevent future attacks.
✅ Primary Goals of Ethical Hacking

1. Find Weak Spots
– Look for holes in a system that bad hackers could use.
– Example: Spotting a way into a website’s admin panel.

2. Fix Problems Before They’re Exploited
– After finding a hole, help patch or close it.
– Example: Updating software so the hole can’t be used.

3. Keep Data Safe
– Stop hackers from stealing personal or company information.
– Example: Ensuring customer credit-card details can’t be copied.

4. Test Defenses
– Pretend to be an attacker and try to break in.
– Example: Running a fake “phishing” email campaign to see if employees fall for it.

5. Meet Rules and Laws
– Make sure the company follows security laws (like GDPR or PCI-DSS).
– Example: Checking that all password rules are up to standard.

6. Train People
– Teach staff how to spot scams and stay safe online.
– Example: Showing employees what a fake login page looks like.

There are mainly 6 phases in hacking.

1. Reconnaissance (Footprinting & Information Gathering)

• What it is: This is the first step, where the hacker collects information about the target (system or network).
• How it’s done:
  o Active Footprinting: Directly interacting with the target, like using a tool (e.g., Nmap) to scan the target.
  o Passive Footprinting: Gathering information without touching the target, such as checking public websites or social media.
• Tools used: Nmap, Hping, Maltego, Google Dorks.

2. Scanning

• What it is: The hacker looks for vulnerabilities or weaknesses in the system or network that they can use to break in.
• Types of scanning:
  o Port Scanning: Finding open ports and services running on the target.
  o Vulnerability Scanning: Looking for weaknesses that can be exploited, often using automated tools.
  o Network Mapping: Mapping out the network’s layout, including routers, firewalls, servers, etc.
• Tools used: Nessus, Nexpose, Nmap.

3. Gaining Access

• What it is: The hacker breaks into the system or network.
• How it’s done: After getting in, the hacker tries to gain admin privileges so they can make changes, install programs, or hide their tracks.

4. Maintaining Access

• What it is: The hacker keeps control over the system even after getting in.
• How it’s done: The hacker may install malicious software (like Trojans or rootkits) to stay connected to the system secretly, without the user knowing.

5. Clearing Tracks

• What it is: The hacker removes any evidence of their activity to avoid getting caught.
• How it’s done: This could involve deleting logs, modifying system files, and uninstalling any tools or software used during the hack.

6. Reporting

• What it is: The final step where the hacker writes a report.
• What’s included: The report includes details about the test, tools used, vulnerabilities found, and how the attack was carried out. This helps the organization improve security.
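
Added example (not part of the original notes): the port scanning described in phase 2 has a defender's side, because one source probing many ports on one host within a short time shows up in firewall logs. The sketch below flags that pattern; the log format, the IP addresses and the thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log (hypothetical format, documentation-only IP ranges).
SAMPLE_LOG = """\
2024-05-01T10:00:00 SRC=198.51.100.23 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:00:01 SRC=203.0.113.7 DST=192.0.2.10 DPT=21 ACTION=DROP
2024-05-01T10:00:01 SRC=203.0.113.7 DST=192.0.2.10 DPT=22 ACTION=ACCEPT
2024-05-01T10:00:02 SRC=203.0.113.7 DST=192.0.2.10 DPT=23 ACTION=DROP
2024-05-01T10:00:02 SRC=198.51.100.23 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:00:03 SRC=203.0.113.7 DST=192.0.2.10 DPT=25 ACTION=DROP
2024-05-01T10:00:03 SRC=203.0.113.7 DST=192.0.2.10 DPT=80 ACTION=ACCEPT
2024-05-01T10:05:00 SRC=198.51.100.50 DST=192.0.2.10 DPT=22 ACTION=ACCEPT
2024-05-01T10:15:00 SRC=198.51.100.50 DST=192.0.2.10 DPT=80 ACTION=ACCEPT
2024-05-01T10:25:00 SRC=198.51.100.50 DST=192.0.2.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:35:00 SRC=198.51.100.50 DST=192.0.2.10 DPT=3306 ACTION=DROP
2024-05-01T10:45:00 SRC=198.51.100.50 DST=192.0.2.10 DPT=8080 ACTION=DROP
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d) SRC=(?P<src>\S+) "
    r"DST=(?P<dst>\S+) DPT=(?P<dpt>\d+) ACTION=\w+$"
)


def parse(log_text):
    """Return time-sorted (timestamp, src, dst, dst_port) tuples; skip lines that do not match."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["src"], m["dst"], int(m["dpt"])))
    return sorted(events)


def detect_port_scans(log_text, min_ports=5, window=timedelta(seconds=10)):
    """Map (src, dst) to the ports probed when src reached at least
    min_ports distinct ports on dst within one sliding time window."""
    hits_by_pair = defaultdict(list)
    for ts, src, dst, dpt in parse(log_text):
        hits_by_pair[(src, dst)].append((ts, dpt))
    alerts = {}
    for pair, hits in hits_by_pair.items():
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # drop hits that fell out of the window
            ports = {port for _, port in hits[start:end + 1]}
            if len(ports) >= min_ports:
                alerts[pair] = sorted(ports)
                break
    return alerts


if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst} ports {ports}")
```

The client 198.51.100.50 touches five ports over forty minutes and stays under the 10-second window; widening the window catches slower scans at the cost of more false positives.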

4. Explain cybercrime and its types.


Cybercrime refers to illegal activities carried out using computers, networks, or the internet.

It involves hacking, stealing data, spreading viruses, and other harmful actions that target individuals,
organizations, or governments.

Categories of Cyber Crime & Their Types

1. Crimes Against Individuals

These crimes affect a person’s privacy, security, or personal information.

Types:

• Identity Theft – Stealing personal details to commit fraud.
• Cyber Stalking – Harassing someone online through messages, emails, or social media.
• Phishing – Tricking people into sharing sensitive information like passwords and bank details.
• Online Scams & Fraud – Fake websites or emails used to steal money.
• Credit Card Fraud, Harassment, Extortion (aims at damaging the reputation of an individual for making money)

Example: You receive an email pretending to be from your bank, asking you to click on a link and enter your login details. If you enter your details, hackers steal your banking credentials and misuse them.

2. Crimes Against Property

These involve damaging or stealing digital assets like files, money, or intellectual property.

Offences against the confidentiality, integrity and availability of computer data and systems.

Types:

• Hacking – Gaining unauthorized access to a system.
• Virus & Malware Attacks – Spreading harmful software that damages or steals data.
• Ransomware Attacks – Locking a person’s files and demanding money to unlock them.
• Intellectual Property Theft – Copying or distributing copyrighted materials without permission.
• Illegal Interception – Secretly capturing or listening to data while it is being sent.

Example: You download a file from an untrusted website, and suddenly, all your files are locked. A message appears demanding money (ransom) to unlock your data. If you don’t pay, you lose access to your files.

3. Crimes Against Organizations & Governments


These cybercrimes target businesses, government systems, or critical infrastructure.

Types:

• Cyber Terrorism – Hacking government or military systems to cause panic or harm.
• Corporate Espionage – Stealing confidential company data for business advantage.
• DDoS Attacks – Overloading a website or server to make it crash.
• Financial Cybercrime – Stealing money through online banking fraud or stock market manipulation.
• Cyber Laundering – The act of electronically transferring black money without revealing the source and possibly the destination.

Example: Hackers flood a government website with excessive traffic, making it crash and become unavailable to the public. This disrupts services and creates chaos.

5. Differentiate White, Black and Grey Hat Hackers.

Hackers are individuals who explore computer systems and networks in different ways.
Depending on their intentions and actions, hackers are categorized into White Hat, Black
Hat, and Grey Hat hackers.

1. White Hat Hackers (Ethical Hackers)

• Definition: White Hat hackers are ethical hackers who use their skills to help organizations improve security.
• Motivation: They find vulnerabilities and weaknesses in systems with permission from the organization to fix them.
• Tools: They use the same tools as Black Hats but for legitimate purposes like vulnerability scanning, penetration testing, and security audits.
• Legality: Their activities are legal because they have consent from the target system owner.
• Example: A cybersecurity professional hired by a company to test their system’s security and fix issues.

2. Black Hat Hackers (Criminal Hackers)

• Definition: Black Hat hackers are criminal hackers who exploit systems and data for malicious purposes like stealing data or causing harm.
• Motivation: They break into systems without permission for personal gain, such as stealing sensitive information (bank accounts, social security numbers), or to cause harm (disruption or damage).
• Tools: They use malicious tools like viruses, malware, and keyloggers to compromise systems.
• Legality: Their activities are illegal and punishable by law.
• Example: A hacker who breaks into an online banking system to steal customers' financial details.

3. Grey Hat Hackers

• Definition: Grey Hat hackers are a mix of White and Black Hat hackers. They may explore systems without permission, but unlike Black Hats, they don’t intend to cause harm or steal information.
• Motivation: They might identify vulnerabilities in a system and report them to the owner, but they may do this without prior consent or expect a reward.
• Tools: They use the same tools as White and Black Hat hackers but often operate without clear legal permission.
• Legality: Their activities may be illegal (due to lack of permission), but they often do it for good intentions (such as reporting vulnerabilities) or curiosity.
• Example: A hacker who finds a security flaw in a website, informs the owner, but didn’t ask for permission to test the site.

✅ Key Differences

Type of Hacker | Purpose | Permission | Legality | Example
--- | --- | --- | --- | ---
White Hat | Improve security and help organizations | Authorized | Legal | Penetration tester hired by a company
Black Hat | Exploit systems for malicious purposes | Unauthorized | Illegal | Stealing credit card details from websites
Grey Hat | Find vulnerabilities, sometimes without authorization | Sometimes unauthorized | Sometimes illegal | Hacking a system and reporting vulnerabilities without asking for permission

6. What is malware? Explain in brief the concept of Virus.

✅ What Is Malware?
Malware (short for “malicious software”) is any program or code designed to harm, exploit,
or take unauthorized control of computers, networks, or devices.

Common Types of Malware

• Virus: Attaches itself to other files and spreads when those files run.
• Worm: Replicates itself over networks without needing a host file.
• Trojan Horse: Hides inside a harmless-looking program, then does damage once installed.
• Ransomware: Encrypts your files and demands payment to unlock them.
• Spyware/Adware: Secretly watches your activity or displays unwanted ads.

🎯 Concept of a Virus
A computer virus is a malicious program that can:
1. Attach itself to clean files (like documents or programs).
2. Spread to other files or computers when those files are opened or programs run.
3. Activate to carry out a “payload” (for example, deleting files or displaying annoying
messages).

🔄 Virus Life Cycle


1. Infection (Insertion)
  o The virus code is added to a host file (e.g., a Word document or .exe program).
  o Example: You download a “free game” that secretly carries a virus.
2. Replication
  o Each time the infected file is run, the virus copies itself into other files or memory.
  o Analogy: Like a real virus that makes more copies of itself inside your body.
3. Trigger (Activation)
  o A condition makes the virus launch its payload (date, number of infections, user action).
  o Example: On the 1st of the month, the virus deletes all .docx files.
4. Damage (Payload)
  o The harmful action the virus performs: deleting data, corrupting files, displaying messages, or slowing down the system.
  o Example: You see a pop-up that says “Your files are gone!” or your computer crashes.

🔒 How to Protect Against Viruses

• Use antivirus software and keep it updated.
• Don’t open attachments or programs from unknown sources.
• Keep your system updated with the latest security patches.
• Back up your data regularly so you can restore if infected.
