Cyber Security unit 6

PII : personally Identifiable Information

PII is any piece of information that can be used to distinguish or trace an individuals identity, either
alone or in combination with other personal or identifiable information that is lined to specific
individuals

Example: Full name of person can alone identify a person and a birth date, gender, and ZIP code
together can uniquely identify the majority of people in the U.S.

it is not a legal term but is commonly used in businesses context

Sharing PII can have its benefits, such as allowing businesses to tailor products and services to the
wants and needs of their customers, but it also attracts the attention of cybercriminals who may
use this information to steal identities or commit other crimes.

Under the GDPR (General Data Protection Regulation) in the EU, “personal data” refers to any
information that can directly or indirectly identify a person

Individuals have several rights regarding their personal data under GDPR, such as the right to be
informed, the right of access, the right to rectification, the right to erasure/to be forgotten, the right
to restrict processing, and the right to data portability.

Cyber Stalking
In Cyber Stalking, a cyber criminal uses the internet to threaten somebody consistently

Cyber Stalking is the use of the internet or digital tools to repeatedly harass, threaten, or stalk
someone

it includes sending unwanted message, hacking accounts or spreading lies online

This crime is often done through email, social media, and other online mediums.

Consequences of Cyberstalking
Legal consequences can include fines, restraining orders, or sentence to imprisonment.

Victims may experience anxiety, depression, and fear which can affects their mental health.

Public harassment or false information can harm the victim’s reputation causing reputational
damage.

Personal privacy is compromised, making the victim feel vulnerable.

Types of Cyber Stalking

Webcam Hijacking

Cyber Security unit 6 1

 internet stalker would attempt to trick you into downloading and putting in a malware infected file
that may grant them access to your webcam

Observing location check-ins on social media

in case you’re adding location check-ins to your Facebook posts, you’re making it overly simple for
an internet stalker to follow you by just looking through your social media

Catfishing
Catfishing is when someone creates a fake profile on social media (like Facebook) to trick others.

They might pretend to be a friend of your friend to seem trustworthy, then try to get close to you
by chatting or sending friend requests — but they're not who they say they are.

Visiting virtually via Google Maps Street View

If a stalker discovers the victim’s address, then it is not hard to find the area, neighbourhood, and
surroundings by using Street View.

Cyber Crime
Cyber crime refers to illegal activities involving computers, networks or the internet as a tool to
commit offenses

These crimes include:

Identity Theft – Stealing personal information to commit fraud.

Financial Fraud – Online scams, fake transactions, and credit card fraud.

Cyberbullying – Harassment or threats through digital platforms.

Phishing Attacks – Deceptive emails or websites tricking users into revealing sensitive data.

Hacking – Unauthorized access to systems and data breaches.

Malware Attacks – Spreading viruses, ransomware, and trojans to damage or steal data.

As the internet becomes an essential part of daily life, from online shopping to business operations
and communication, cybercrime cases have surged globally.

Criminals exploit system vulnerabilities to steal personal data, manipulate financial transactions,
and disrupt critical services

Types of Cyber Crime

Malware Attacks
This kind ofcyber threat relates to malware viruses, worms, Trojans, etc. for interfering, damaging,
or unauthorized access to computer systems.

Denial-of-Service (DoS) Attacks

Cyber Security unit 6 2

 Here, the attackers focus on a system and flood it with high traffic, hence making it inaccessible to
the users. Another dangerous variant of DoS is DDoS, wherein many compromised systems target
one, thus making it much more difficult to defend against.

Phishing Attacks:
Phishing is a type of cyber threat where attackers send fake emails or messages that appear to
come from trusted or official sources, such as banks, government agencies, or well-known
companies.

These messages often try to trick the user into clicking on malicious links or sharing sensitive
information, like usernames, passwords, or credit card numbers.

The goal is to gain unauthorized access to accounts or steal personal and financial data

Botnets (Zombie Networks):

A number of hijacked computers can become a “botnet” of malware that can be used by an
attacker for coordinated attacks or spamming.

Cyber Criminals
Cyber criminals are individuals or groups who use computers, networks, or the internet to commit
illegal activities

Their goal is often to steal information, damage systems, make money disrupt services

Some cyber criminals act alone (lone hackers), while others are part of organized cybercrime rings
or even state-sponsored groups.

Types of Cyber Criminals

Hacking
Unauthorized access to or control over a computer system , network or data

Hackers may steal sensitive data, modify files, or disrupt services.

Phishing
Sending fake emails or messages that look like they are from trusted sources (like banks or
websites) to trick people into giving away personal information, such as passwords or credit card
details.

Identity Theft
Stealing someone's personal information (like name, address, or social security number) and using
it to impersonate them — often to access bank accounts, make purchases, or commit fraud.

Cyber Stalking

Cyber Security unit 6 3

 Repeatedly harassing, threatening, or following someone online using email, social media, or other
digital tools, often to instill fear or exert control.

DOS & DDOS

Overloading a website or system with traffic so it crashes and becomes inaccessible. DDoS
attacks use multiple compromised computers to launch large-scale attacks

Information Protection Law

India does not yet have a single, comprehensive law titled “Information Protection Law”, but is has
developed a legal framework to protect personal data and regulate cyber activities through
various laws and regulations

Below is an overview of how information protection is handled in India:

Information Technology (IT) Act, 2000 (Amended in 2008)

This is India’s primary law dealing with cybercrime and electronic commerce. It includes provisions
related to:

Data Protection (Section 43A): Organizations handling sensitive personal data are liable to
compensate individuals if they fail to protect that data and it leads to harm.

Cybersecurity and Hacking (Section 66): Punishes unauthorized access and hacking of computer
systems.

Identity Theft and Privacy Violations (Section 66C & 66E): Criminalizes identity theft and
publishing private images without consent.

Punishment for Cyber Offences: Includes imprisonment and fines for various cybercrimes.

Indian Penal Code (IPC), 1860

Some cybercrimes are also punishable under the IPC, such as:

Cheating (Section 415, 420)

Forgery (Section 463, 465)

Criminal intimidation and threats (Section 503)

Personal Data Protection Bill (PDP Bill), 2019 (Superseded)

This bill aimed to provide a comprehensive data protection framework, similar to the GDPR in the EU. It
introduced concepts like:

Consent-based data processing

Classification of personal, sensitive, and critical data

Cyber Security unit 6 4

 Data fiduciaries and data principals

Data localization

Sector-Specific Regulations
Certain sectors like banking, telecom, and healthcare have their own data protection standards:

RBI Guidelines for financial institutions.

TRAI Regulations for telecom companies.

Aadhaar Act for biometric data protection.

VoIP Hacking
Voice over IP hacking is a type of attack carried out by malicious user for the purpose of infiltrating
the phone system or unauthorized access to the phone system in order to steal the data

This lets the malicious user listen to all the conversion and calls, steal critical information, to make
calls and international calls to frame up huge bills

These attacks usually happen when an insider unknowingly gives out information or conspires
with the malicious actors

The severity of these attacks could range from being totally useless to even dangerous enough to
make the organization go bankrupt.

These attacks could also lead to other fraudulent activities such as impersonation, phishing,
accessing customers’ information and using them like using their credit cards, extorting them, etc.

Types of VoIP Hacking

Unauthorized use
unauthorized use attack is when the malicious user make use of the organizations’ phone network
to make cells to other people or organizations pretending to be someone from the organization

Eavesdropping
Eavesdropping is when an attacker listen to the business calls, conversations without users
knowledge

Spoofing of Caller ID
In this type of attack, the malicious actors use forged caller IDs and control them in coordination
with other attacks.

Countermeasures:
Choose a trusted VoIP provider with a good track record.

Cyber Security unit 6 5

 Admin access should be implemented in a controlled and careful manner.

VPNs should be used in case of remote access.

Detailed network tests should be done periodically.

VPNs should be used and their endpoint filtering should be enabled.

Regularly checking history, access, and call logs.

Passwords used should be strong.

Wireless hacking
Wireless hacking is the a wireless network to gain unauthorized access to the devices, data or
internet connection linked to it

hackers target wireless networks because they often transmit data over open airwaves, which can
be intercepted more easily than wired connection

Wireless networks use signals (usually radio waves) to transmit data. If not properly secured, these
signals can be captured by attackers using special tools and software.

Common Example
Man-in-the-Middle (MITM) Attack
Packet Sniffing: Attacker use tools to intercept and read data packets being transmitted
Wi-Fi Cracking: Attacking the network's password using brute-force methods or exploiting
weaknesses in older encryption types
Evil Twin Attack: The hacker creates a fake Wi-Fi network with a similar name (SSID) to a real one.

Mobile Hacking
Mobile hacking refers to the unauthorized access, control or manipulation of smartphones and
tablets to steal personal information, track activity pr cause harm

Since mobile devices store sensitive data and are always connected, they are a prime target for
hackers.

What Can Hackers Do Through Mobile Hacking?

Steal personal data (photos, messages, contacts, banking info)

Track your location in real-time

Listen to phone calls or record audio

Access your camera and microphone

Send messages or make calls without your knowledge

Install hidden apps or malware

Cyber Security unit 6 6

 Common Methods of Mobile Hacking:
1. Malicious Apps

Hackers create fake or infected apps that look legitimate.

When installed, these apps can steal data or spy on your activities.

2. Phishing Attacks

Fake messages or emails trick users into clicking harmful links or entering sensitive info on
fake websites.

3. Public Wi-Fi Attacks

Using unsecured Wi-Fi, hackers can intercept data sent from your phone (like passwords or
card numbers).

4. Spyware or Malware

Hidden software that secretly collects data from your device and sends it to the hacker.

5. SIM Swapping

Hackers trick the mobile provider into transferring your phone number to a new SIM card they
control.

This allows them to bypass two-factor authentication and access accounts.

6. Bluetooth Hacking

If Bluetooth is left on, attackers nearby can exploit weaknesses to access your device or data.

Cyber Forensic
Cyber forensics, also known as digital forensics or computer forensics, is the practice of
extracting, analyzing, and preserving digital evidence to uncover information about criminal
activities in the digital world.

The main aim of cyber forensics is to maintain the thread of evidence and documentation to find
out who did the crime digitally.

Working
Cyber forensics involves several key steps: identification, preservation, analysis, and presentation
of digital evidence

Identification involves determining which evidence is required for the investigation.

Preservation focuses on maintaining the integrity and security of the evidence.

Analysis aims to understand the insights provided by the evidence, while documentation and
presentation involve creating a structured report of the findings.

Cyber forensics is crucial for legal compliance, understanding the nature and extent of
cyberattacks, and prosecuting cybercriminals.

Cyber Security unit 6 7

 It also helps organizations mitigate damage, enhance their security posture, and prevent future
incidents

Cyber forensics can do the following:

It can recover deleted files, chat logs, emails, etc

It can also get deleted SMS, Phone calls.

It can get recorded audio of phone conversations.

It can determine which user used which system and for how much time.

It can identify which user ran which program.

Why is cyber forensics important?

Cyber forensics helps in collecting important digital evidence to trace the criminal.

Electronic equipment stores massive amounts of data that a normal person fails to see. For
example: in a smart house, for every word we speak, actions performed by smart devices, collect
huge data which is crucial in cyber forensics.

It is also helpful for innocent people to prove their innocence via the evidence collected online.

It is not only used to solve digital crimes but also used to solve real-world crimes like theft cases,
murder, etc.

Businesses are equally benefitted from cyber forensics in tracking system breaches and finding
the attackers.

The Process Involved in Cyber Forensics

1. Obtaining a digital copy of the system that is being or is required to be inspected.

2. Authenticating and verifying the reproduction.

3. Recovering deleted files (using Autopsy Tool).

4. Using keywords to find the information you need.

5. Establishing a technical report

Life Cycle of Cyber Forensics

The cyber forensics life cycle refers to the systematic process used by investigators to collect,
analyze, and present digital evidence in a legal and reliable manner. It ensures that the investigation is
thorough, evidence is preserved correctly, and findings are admissible in court.

1. Identification
Detect and define the incident or crime involving digital devices.

Determine the type of data needed (emails, logs, hard drives, network traffic).

Cyber Security unit 6 8

 Identify the sources of potential evidence (computers, mobile devices, servers).

🔹 2. Preservation
Secure the crime scene and protect digital devices from being tampered with.

Create a forensic image (bit-by-bit copy) of the original data to ensure integrity.

Ensure the chain of custody is maintained to prove the evidence hasn’t been altered.

🔹 3. Collection
Systematically collect relevant digital evidence from devices, networks, and storage.

Use certified tools and techniques to extract data without altering it.

Save collected data in a legally acceptable format.

🔹 4. Examination
Filter out unnecessary information and identify relevant data.

Recover deleted files, hidden partitions, or encrypted data if needed.

Analyze file systems, metadata, timestamps, and user activity.

🔹 5. Analysis
Connect the evidence to the crime by reconstructing events or user actions.

Correlate logs, communications, and digital footprints to understand what happened.

Identify the attacker, methods used, timeline, and impact.

🔹 6. Documentation
Keep detailed notes of each step taken during the investigation.

Record tools used, data collected, analysis performed, and findings.

Maintain logs to ensure the process is repeatable and defensible in court.

🔹 7. Presentation
Prepare a clear and structured report of the findings.

Present evidence in a format that is understandable to non-technical audiences, including judges

and lawyers.

If required, testify in court as an expert witness to explain the methods and results.

Cyber Security unit 6 9