cyber affairs

Oct - Dec 13 N CYBER AFFAIRES n 1

CONTENT

MEMBERSHIP PLAN Magazine cost : INR 55One year (I) : INR 200

Two years (II) : INR 400Three years (III) : INR 600Life time : INR 1000

Disclaimer

The contents/ article publishedin the magazine "CYBER

AFFAIRS" cannot be republishin any other magazine/form

without the reference and writ-ten permission from Cyber Law

Pioneers.The articles/ contents are taken

from different writers /sources. Cyber Law Pioneers isnot responsible for any error/mistake in the articles/ content.

Er. Arvind ShrivastavaEditor in chief

Er. Yashdeep ChaturvediExecutive Editor / Controller

Er. Syed Zeeshan Hussain Zaidi Consultant Editor

Er. Ankit ChoubeyCo-Editor

Er. Sonal Sudha SaxenaCo- Editor

Er. Saurabh SameleMarketing Manager

PUBLISHED BY

Er. Yashdeep ChaturvediCyber Law Pioneers

235,1st Floor, MP Nagar Zone-1 Bhopal, Madhya Pradesh

Phone:0755-4222664

+91-9977257408,9981218678Email:

[email protected] Page

www.cyberlawpioneers.com

PRINTED BYVIKAS OFFSET

Printers & publisherPlot no. 45 sector-F, Industrial Area,Govindpura, Bhopal- 462023.Ph:0755-2601952,9425005624

Email: [email protected]

CYBER AFFAIRESVol -1 | October - December 2013

Know Your Rights

12

Internet banking 16 Internet banking 16

Copyright

13Story Of A Genius

24

Superstars activeon NetworkingSites, Why!

42

EditorCYBER AFFAIRS

It is hearting to learn that Cyber Law Pioneers is bringing out mag-azine "CYBER AFFAIRS".

The magazine intends to cover wide variety of issue such as cybercrime, auditing, cyber crime analysis, IPR issues and E- governance ininitiation.

I am very sure that the magazine would be contributing a lot in this field and would play important role in generating public awareness. It would also be helpfulfor professionals working in the field.

I take this opportunity to convey my congratulation and best wish-es for all the success for your endeavors.

Thank you and regards

2 N CYBER AFFAIRES n Oct - Dec 13


TO

EditorCYBER AFFAIRS

Now a day, people are getting habitual to use the tech-nology, they depend on the internet for the normal routinetask. They are using the technology without knowing thethreats and Risks.

These are the reasons of increasing cyber crime exponen-tially, so it is challenging for government as well as for policeto control cyber crime. Government is implementing newpolicies to monitor cyber crime state cyber police state cyberpolice Bhopal is equipped appropriately in terms of man-power and resources to tackle the menace of cyber crime. Tobring about awareness of cyber crime is a very challengingtask in which apart from the police, the social media andpublic have to play a pivotal role.

This magazine provides pertinent information about cybercrime and related issues to common people. So I appreciate"CYBER AFFAIRS" as this magazine will be very beneficialfor everyone.

Mr. Anil Kumar GuptaInspector General of Police

State Cyber Police Bhopal (MP)

CONGRATULATION LETTER


Internet, Technology & CYBER CRIME

Nowadays, mostly people shar-ing information online, storepersonal information by

maintaining private account onlineand communicate to each other.

Technology and electronic media isgrowing rapidly. People are havingvery advance technical instru-ments with large functions.Computer, laptop, PDA, camera,micro camera, Mobile phone etc, these makeeasy to access internet from anywhere and per-form multiple functions like sending message,capture photograph and video, playing game,music, create MMS and sound recordings etc.

The rapid growth of technology has generat-ed a new category of crime and also providestools for criminals to commit traditional crimesuch as theft, fraud, intimidation, and harass-ment by using that technology, easily fromanywhere and anytime.

People believe on internet and use it to dosome personal and private activity but they

don't have sufficient knowledge. Sodue to lack of awareness they becomevictim of cyber crime. The easy useand availability of internet and elec-tronic media invite the criminal to usethese things in committing criminalactivities.

CYBER CRIME: A crime whichis committed by using computerand other electronic media. In

cyber crime a computer system may used astool or target. Cyber crime may committedonline or offline. The internet performs a leadrole in cyber crime because of its global avail-ability as communication medium and easy touse. Traditional forms of crime violate state,national, and local laws. High-tech crime (orcomputer crime) encompasses a wide variety ofcriminal activities that also breach state,national, or International laws, but it is donethrough the computer, including hacking, soft-ware piracy, malware, electronic money laun-dering, harassment, and even identity theft.

Internet is a worldwideglobal network of com-munication which isaccessed by any onefrom anywhere. It is thesource of informationwhich holds all type ofinformation related todifferent types of arealike education, health,news, music, entertain-ment etc.

Er. Yashdeep Chaturvedi

CYBER LAW POINT


CYBER LAW POINT

way. It is necessary to prevent cyber crime infuture because if you ignore it this may be pos-sible criminal again try to commit and resultserious. If any person harassed and stalkedyou, report the person to the police. Withoutthe information about incident the crimepolice unable to help you. Many police depart-ments now have entire units that do investigat-ing cyber crime. The government establishedseparate police department which deal withcyber crime. Remember that cyber crime isdefined as crime that takes place electronical-ly between people.

HOW TO FACE THE CYBER CRIMEAccording to Indian law, these all activities

are illegal or may be cover under criminalactivities and all are punishable with seriouspunishment or fine.. So never do this. If youperform any type of illegal activities andanybody make complaint against you than lawwill punished you according to crime.

There are only two ways to protect you fromcyber crime. The first thing is Awareness aboutcyber crime and second is to make complaintagainst cyber crime and take legal action.

1. Awareness about cyber crimeAwareness is only tool which may strongly

defeat cyber crime. In our country mostly peo-ple not have complete knowledge of technolo-gy but somewhere they used many technologybased services like online banking, reservation,shopping, and mobile phone etc. these alltechnical services require proper knowledge tooperate. Criminal take the advantage of thisthing and easily committed online fraud andcrime.

So proper technical knowledge and aware-ness about technical crimes, can save the peo-ple against cyber crime.

2. Reporting of cyber crimeWhen a person of criminal mind committed

a crime against another and victim does notreport about this to police so the criminalthink it's a normal activities and nobody noticeme, after that he committed same crime againand again.

The first step to deal with cyber crime isReporting of cyber crime to police or take thehelp of cyber consultant who guide you in right

The term 'cybercrime' covers a widerange of activities that are carried outagainst businesses and individualsusing computers and the internet.People use various services of internetand may do online activity . Someactivities which are done by personnormally without bad intention onlyfor enjoy, which may be illegal butthey don't aware about it and someactivities done with bad intention toharm someone online. But illegal orcriminal activities are always wrongwhich are committed with any inten-tion. According to Law any activity isillegal whether it is performed in anymanner law decide punishment for it,that prevents the criminal to againcommiting a crime.

1. Report to cyber Police againstCyber crime to cyber Police.

2. Take the Help of cyber consul-tant for proper guidence.

3. File a suite at the office of adju-dicating officer, in case of datatheft, hacking tec.

4. Seek a case against predator incourt.

STEPS THE VICTIM CAN TAKE

ACTIVITIES COVERED UNDER CYBER CRIME

TO HARASSED SOMEONE BYINTERNET OR MOBILE PHONE m Sending threatening and abusive emails to a

person.m Sending threatening and abusive messages

by mobile phone.m Give the missed call repeatedly in odd

hours.p Call to a person, related to intimidation,

false information, threatens.m Sending obscene content by email to target

person.

TO DEFAME SOMEONE BY INTER-NET OR MOBILE PHONE

m To publish the false information on inter-net.

m To share the private information of a per-son by internet or mobile phone.

m Capture the image or video of person's pri-vate area and publish it without his/herconsent.

PROVIDE FAKE AND FALSE INFOR-MATION

m Provide false information and identity topurchase SIM card.

m Create fake profile of anyone on social net-working sites.

m Provide false information to create self e-mail ID on internet.

m Talk to a person in behalf of another and

treat as original.m To stalk someone by internet or mobile

phonem To collect the private information of a per-

son.m Monitor the activities of a person online or

by mobile phone.m Try to access the private information or sys-

tem of a person.

OTHER CYBER CRIMES

m Unauthorized access to computer system.Means to access computer without the per-mission of owner.

m Data theft means to copy and take photos,videos, computer programs and other datawithout the permission of owner.

m Stolen the computer resources like pendrive, CD, mouse, printer etc.

m To capture the image of women private areaby mobile phone, digital camera and otherelectronic device is violation of privacy.

m Cyber pornographym Physically damaging computer system.


CYBER LAW POINT

Online Banking Fraudsn Money launderingn Credit card fraudn Password theftn Unauthorized use of ATMcard, Credit card, Debit Cardetc.


On 25th April 2012, GDC Technology (“GDC Tech”), a world leading digital cinema solutionprovider, was chosen as the exclusive digital cinema provider to convert all the cinema multiplexes oper-ated by Inox Leisure Limited (“INOX”) The proposed contract involved GDC Tech supplying INOXwith 300 units of integrated systems comprising GDC’s Integrated Media Block (“”IMB”) and Barco

projectors, as well as 75 units of GDC’s Theatre Management System (“TMS”) with theatre automationsystem, and the construction of a Network Operations Center (“NOC”) complete with full centralized

cinema chain management solution. The deployment of the project got over recently and INOX is now a 100 percent Digital chain.


TECH SECURITY

A s the cyber crimes are increasing,the risk of information theft alsoincreasing and now it's very com-

mon in media as well. Our Websites representus and our business on cyber space and theseare on big risk by unauthorized access knownas hacking. So to be protected online and dobusiness effeciently on cyberspace you need toperform security auditing and penetrationtesting of website, as it is theneed of present scenerio. Thegovernment websites containvery sensitive data that can berelated to national security etc.According to the guideline byNIC, Department ofInformation TechnologyGovernment of India -n Every website/applicationmust undergo a security auditfrom empaneled agencies andclear the same, prior to hostingand after addition of new mod-ules.

Secure your business platform in virtual world

n Deparment must formulate a security policyto address of various security issues related tothe website.

AUDITINGThe word 'audit' usually has a negative con-

notation, but a website audit is very different.The purpose of performing one is to help com-panies determine how well their site is working

A comprehensive audit can prove to be a boon for your website. It helpsin budding your site's traffic and page rankings and increases your

return on your investment (ROI). Website audit solutions provide every-thing you need to supervise and maintain your website.


TECH SECURITY

ethical hacking, IT health check or informa-tion security consulting but they are generallyall referring to the same activity. Penetrationtesting can be defined as the process of simu-lating a cyber attack on computer systems forthe purposes of discovering and eliminatingsecurity vulnerabilities. But both vulnerabilityscanning and penetration testing are different,vulnerability scanning is just identifying vul-nerability and pen test is attempted to exploitthe vulnerabilities. Pen Test is a legal attemptat gaining access to your protected computersystems or networks, often conducted by athird party organization. Two of the morecommon types of penetration tests are blackbox and white box penetration testing. In ablack box test, no prior knowledge of the cor-porate system is given to the third party tester.Pen test is conduct on website, systems,servers, networks etc.

REASONS TO CONDUCT A PEN TESTn Determining the feasibility of a particular

set of attack vectors

m Analysis of your website can give youinsight into new graphic andstrategic ideas.

m It can help you tweak compo-nents that are hampering yourweb site's current performance.

m Such reports can give you insightinto your website's traffic ranking,bounce rates and search percentages.

m Response time and download time arealso reviewed during the analysis.

m Character setting is checked as wrong out-puts of a page can hinder the indexing ofyour website by search engines.

m It is important to check the file size of yourwebsite, (optimize your bandwidth usage)as large files of pages or images mayincrease your download time.

m The website audit will ensure that your sitecontains link juice flows to your pages asyou want the optimum ranking withinsearch engines.

m This analysis can also help you to create

new online marketing strategies.m A traffic report within a web-

site audit indicates where trafficto your site is coming from and

which search terms (keywords) arebeing used to trigger your site.

m A complete website audit alsoprovides feedback on certain linksor problems with your websites

links.m Broken website links are validated, ensur-

ing your site is free of current brokenlinks which could hamper the functioningof your website.

m HTML errors are also corrected as errorsto your HTML can present your pagesincorrectly in web browsers.

m Meta descriptions are also verified, rele-vant and optimized.

m If you have chosen Search EngineOptimization (SEO) to optimize yourwebsite, a website audit will monitor itsoptimizing process.

IMPORTANCE OF WEBSITE AUDIT

and what improvements may be needed.The purpose of a website audit is to aid

webmasters or owners in the understanding ofthe functionalities and components of a web-site's performance on the Internet. This auditis very important to your online campaign.Mostly website auditing services are used toimprove the performance of the website,Boosting up SEO and Perking up conversionrates. A website audit zones is on the func-tionalities of a website, forms, information,content, evaluation of ranking, and the qualityof a website are reviewed.

Your website should be audited once peryear or more than once per year if you'readding or changing a lot of your website eachmonth. According to latest guidelines of SEBI,every brocker have to audit their system inevery six months.

PENETRATION TESTINGpenetration testing can be referred to by

many different terms including pen testing,


TECH SECURITY

n Identifying higher-risk vulnerabilities thatresult from a combination of lower-risk vul-nerabilities exploited in a particularsequence

n Identifying vulnerabilities that may be diffi-cult or impossible to detect with automatednetwork or application vulnerability scan-ning software

n Assessing the magnitude of potential busi-ness and operational impacts of successfulattacks

n Testing the ability of network defenders tosuccessfully detect and respond to theattacks

n Providing evidence to support increasedinvestments in security personnel and tech-nology

AUDIT AND PEN TEST?As the security of information is major issue sothis is important that the company which isperforming audits and pen test must be reli-able. Indian Government organization CERT-in has empanelled some companies to performsecurity Audits and Pen Test. CERT-in(Computer Emergency Response Team) is a

national nodal agency for responding to com-puter security incidents as and when theyoccur. And only CERT- in empanelled com-pany's certificate will be acceptable as authen-tic and by NIC (National Informatics Centre).

BENEFITS OF AUDIT AND PEN TEST?Anyone can get performed Audit and Pen Testas per their need, but for the Govt. websites it'smandatory to get performed Audit and PenTest by the Guidelines of CERT-in and for theBrokers it must be done in every 6 months bythe rule of SEBI (Security Exchange Board ofIndia).

IMPORTANCE OF CERTIFICATEThe Certificate of Audits and Pen Test is veryvaluable because any website whether it's aGovt. or private organization requires a validcertificate of Audit and Pen Test by CERT-into host on server of NIC and second thing it isan evidence of your website secure in cyberspace.

m

Expert-ViewA comprehensive audit can prove to be a boonfor your website. It helps in budding yoursite’s traffic and page rankings and increasesyour return on your investment (ROI).Website audit solutions provide everythingyou need to supervise and maintain your web-site. Peneration takes network security to nextlevel by actually exploring the network forvulnerabities.Simply deploying a firewall, vul-nerability scanner, and an antivirus programis not enough to protect the system from anoutside invasion.

ER. SYED ZEESHANHUSSAIN ZAIDISecurity Expert


CYBER IPR TIDINGS

T his is the time of computerand technology where nothingis impossible. The computer

and technology is controlled by soft-ware programs, people do their differ-ent tasks with the help of softwaretools. Almost every day a new softwaretool is launched in the market withmore advanced functions andmore users friendly.

The software launched by so many compa-nies while the software is actually developed bydeveloper (programmer) understand the prob-lem and requirement, develop concept, designalgorithm then he writes programs in this waya software is finally developed.

At present there are so many people areworking in this field as developer, engineer etc.Some of them are working individually andrest them are working as employees in compa-nies. The truth is that a creator of softwarewho writes the programs has its own intellec-tual property rights on the work done by himbecause he is the author of the work.

It is very necessary for the developer to docopyright registration of their work. Aftercopyright registration if anybody theft, copy,

distributes the work without anyauthorization, you can file complaintas well as claim for compensation.The copyright law protects the soft-ware developer at same time somedevelopers break the rules and docopyright infringement. Some soft-

ware developers copy and use thesource code of other's software,use contents and designs of

other's website with the help of available tech-nology, all of these activities come undercopyright infringement.

KNOW YOUR RIGHTSPROTECT YOUR COMPUTER PROGRAM AND PRODUCT

IMPORTANT POINTS FOR SOFTWARE DEVELOPERSm Never theft/ use source code of other's soft-

ware.m Never use copyrighted content of anyone in

your software without permission of itsowner.

m Always do copyright registration of youroriginal work.

m Know your rights and enjoy your work.

Er. Arvind Shrivastava


CYBER IPR TIDINGS

COPYRIGHTRIGHTS AND PROTECTION IN SOFTWARE PRODUCTS

C omputer software means a set ofinstructions that control and enablethe computer system to perform the

task.Software is an intellectual property of

developer or creator because in copyrightlaw the computer program is con-sidered as literary work like writinga book or any other literarywork. The software is easilyreproducible and can becopied in low cost.

The intellectual propertyrights protect the propertywhich is creation of mind.There are some conditions,like the work should be new,original and there should not beany type of duplication and repeti-tion. Software industry plays a vitalrole in economical development of ourcountry. So, there is need of stronger legalprotection of software products.

Unauthorized production, piracy, counter-feiting, and duplicity are dangerous to thesoftware industry. There are two form of legalprotection for computer software in India.First one is the Indian copyright Act, 1957and second is the patent Act, 1970.

Law provides the criminal as well as civilremedies to the owner of the copyright ofsoftware products against the infringements.

Elements of a computer software are-Codes,Commands ,Words, Algorithms,Schemes, Database,Source code, Object code(Machine readable code), Desired output.

The software is first written in source code,in any of programming language used bydeveloper. After complete the program insource code is compiled and converted intoobject code or machine code which understand

and executed by CPU(Central processingunit).

All the source code, object codeand the desired output of software

are protected under copyright.Basically, software can be cate-gorized into two categories.The first one is system soft-ware which runs and controlsthe functions of computer.

The other one is applicationsoftware which is designed for a

particular function and performedthat function only."The software products are legally

protected under copyright Act, as literarywork. This provides the special exclusive intel-lectual property rights to the owner".

Protection under copyright Act:Copyright subsist in original works that are

capable of being published or reproduced froma medium. The copyright law describes therights given to the creators for their new andoriginal work. The copyright law covers artis-tic, literary, musical work like paintings, songs,sculpture, cinematographic films, technicaldrawings as well as computer software anddatabases.

The copyright is the exclusive right i.e. theowner of copyright can exclude others from

The copyright law covers artistic, literary, musical work like paint-ings, songs, sculpture, cinematographic films, technical drawings as

well as computer software and databases.


CYBER IPR TIDINGS

using the work in any form. The term of copy-right in India is lifetime and 60 years after thedeath of author. The copyright does not pro-tect idea, while protect the expression based onthat idea. The basic rule is that the author ofthe work is the first owner of copyright.Whenever a new creativity is developed it isautomatically protected by copyright law but itmust be published once in any medium.

The computer software is defined as com-puter program under the copyright Act. Thecomputer software is covers as the literary workso; the developer of software is the first ownerof copyright on that software. If the develop-er is working as an employee in a company theownership of the work is depends on the termsand the conditions described in the contractsigned by the developer (employee).

Activities amounting to infringementThe use of computer software without

license or not follows the conditions of licenseagreement are known as infringement.Thelicense usually prohibits the following acts.

The software piracy, illegal use and distribu-tion are big challenge for software industry toprotect their products. The valid use of soft-

ware products, required licensed from itsowner and the mode of use is depend on terms& conditions of license agreement. If any per-son use the software illegally and not follow theagreement is copyright infringement andoffence under Indian law.

m Useful and capable of industrial application.

m The process or product must be new.

m The invention must be non-obvious.

CONDITIONS OF PATENTABILITY

Expert-Viewoffence Activities under copyright Act.m To use the software without license.m Reproduction and distribution of software

without owner permission.m To use the pirated or infringing copy.m To theft the algorithm or source code of

program.m To publish the original work of author

without permission.m Download the licensed software from

unauthorized websites.

VINITA MOHINDRAChief Coordinator of IPR CellMANIT Bhopal

PunishmentAny person knowingly uses infringing copy of softwareproduct is liable to be punishment with imprisonment of atleast7 days which may be extend upto three year and withfine at least 50,000 rupees which may be extend upto 2lacks rupees.

Protection under Patent ActAccording to the Indian law, the software is not patentableobject alone. The patent Act protects the new inventiononly. For any patent registration, product needs to crossand fulfill some conditions. Only software is not suited forpatent registration. The software product embedded withhardware is patentable in India.


CYBER IPR TIDINGS

S ource code in which,a software programdesign is very valu-

able to software developer. Inthis computer era it’s very easyto see a source code of anysoftware with some tools andreverse engineering.

Hackers and software devel-opers make some changes inany software’s source code andmake new software with differ-ent name and take minatoryadvantages, nowadays this isvery common activity. Sourcecode theft is a crime, for this

there is provision of fine andpunishment in Indian IT Act.

The information from web-site of MP cyber police a casetook place in Bhopal too. Inthis case an engineer com-plaint in cyber cell about thetheft of source code of his webportal by someone and hemade new portal with somechanges. After this policeinvestigates the whole case andwith the help of information ofdomain name registration,criminal traced in Australia.

SUGGESTIONEvery software developer should takecopyright of their software’s source code.And you can report tocyber police for sourcecode theft. With com-plaint you can alsoappeal to adjudicatingofficer for compensa-tion over which judg-ment comes within 6months.

SOURCE CODE THEFT


E - BANKING

Lalit Badhwani


E - BANKING


E - BUSINESS

T here are different kind of businessesrun by website like advertisement,sales, reservation, education, and dis-

tance saling. Broadly, operatability of onlinebusiness can be categorized into two modesthrough Non commercial website and transac-tional website.

In virtual world, you working as intermedi-ary or service provider and you have someresponsibility. You are the owner of website,so you are responsible for data or any activityon website. Don't allow objectionable, obsceneand defamatory statements on your website

When youthink online

businessthen first

you think asecure, userfriendly andattractivewebsite.

LEGAL PROTECTION TO ONLINE SHOPPERS

When planning your website project, or indeed if you already have a web-site, there are a number of legal issues that you need to consider and it is

your responsibility to ensure that all legal requirements are met. cyber secu-rity are vital issues to all businesses based on website and operating in theInformation Age. As per present scenario people required a legal protection

and awareness for running online business.


E - BUSINESS

IPR ISSUES

m Create your website with new idea, content and design.m Not use copyrighted material on your sitem Show copyright information with symbol © on your

website.m Don't use deeplinking or framing to other website.m To increase the TRP of website and search at top, not

use the name of big brand name like TATA, Relianceetc in metataging.

m Use only the words related to your work.m Never use the domain name similar to a domain name

of famous brand

PROTECT CUSTOMER RIGHTS

m After purchase, send the confirmation via email withfollowing information-date of deliver, action take bycustomer on delivery, Details of how to cancel, Addressfor complaint, Details of after sales service

m Protect the customer data, clearily defined purpose isthe data to be process for and don't use in another pur-pose.

m Include a privacy policy on the web site.m Maintain the privacy and confidentiality of customer.m Don't sale Impaired or poor material to customer.

ISSUES REGARDING SALES

m Use certified transaction and security method as perlaw.

m Use click wrap user license agreement to sale a productthough website and Include the contract file on website.

m Make sure that your contract is valid as per law. Itincludes all the components of a binding contract -Offer, Acceptance and Consideration.

m Mention the jurisdiction place and validity of contract.m Display your privacy policy, terms and condition, con-

dition for sale etc, on on website.m Define the complete produre of sale from selectin a

product to delivery at customer home.m Provide a simple user friendly form to sale like customer

name & address, description of goods, price, arrange-ments for payment, delivery costs, delivery arrange-ments, right to cancel the order, minimum duration ofcontract, how long the offer is valid.

m After purchase, send the confirmation via email.m Refund rights

business can charge for returning the goods, but youshouldn't.

and use the filter techniquesand tools. If any person uploadssome objectional content onyour website not access or editthe content, just remove it. Ifyou don't know about that con-tent then no problem but if youknow and recive a notice andnot remove the content with 36hours you are liable and punish-able under IT Act, 2000.Legally, there are so manythings which should be alwaysfollowed by shopper to run ane-commerce website.So whenyou run your online businessyou know these all the issuesthat you need to consider. Oneanother important thing is thatknow your role in virtual world.

Expert-ViewThe website owner is anintermediary. He receivesand stores the electronicrecord and provides theservice with respect to thatdata. Website owner mustpublish the name of thegrievance officer on itswebsite. The grievance offi-cer shall redress the com-plaints within one monthfrom the date of receipt ofcomplaint.

ER. SAURABH SAMELEIT Consultant


VIRTUL PAHCHAN

§UÜðÅþUæçÙ·¤ çâ»Að¿ÚU §U´ÅUÚUÙðÅU ÂÚU©UÂÜ�Šæ âÖè ÎSÌæßðÁæð´ ·ð¤ âˆØæÂÙ

·¤ÚUÙð ·¤è Âý×é¹ Âý‡ææÜè ãñUÐ çÁâðÖæÚUÌèØ ·¤æÙêÙ Öè ×æ‹ØÌæ ÎðÌæ ãñUÐ

·¤�ŒØêÅUÚU ÂÚU ÕÙæØð »Øð ÎSÌæßðÁô´ ·¤ôãSÌæÿæçÚUÌ ·¤ÚUÙð ·Ô¤ çÜ° §ÜñUÅþæçÙ·¤ãSÌæÿæÚU ·¤æ ©ÂØô» ç·¤Øæ ÁæÌæ ãñÐ¿æãð ßã §ü-·¤æ×âü âæçßüàæ ãUæð, §ü-

»ßÙðüâ Øæ âæŠææÚU‡æ âÖè Á»ã §â·¤æ·¤æÙêÙÙ ßñŠØ ãñÐ âæ×æ‹Ø ãU× ·¤ãU

â·¤Ìð ãñU•ç·¤ §ÜñUÅþæçÙ·¤ Á»Ì ¥õÚUÙðÅUß·¤ü ÂÚU ç·¤âè §‹ÅUÚUÙðÅU ©ÂÖôQ¤æ ·¤èâãè Âã¿æÙ °ß´ §ÜñUÅþæçÙ·¤ ÎSÌæßðÁô´·Ô¤ âãè âˆØæÂÙ ·Ô¤ çÜ° §ÜñUÅþæçÙ·¤

ãSÌæÿæÚU ·¤æ ©ÂØô» ·¤ÚUÌð ãñUÐ§ÜñUÅþæçÙ·¤ ãSÌæÿæÚU ç·¤âè Öè ÃØçQ¤·¤è ¥æòÙÜæ§Ù ×æŠØ× ×ð´ Âã¿æÙ ÕÙæÙð·Ô¤ çÜ° ©âè ÌÚUã ©ÂØô» ãôÌæ ãñ çÁâÌÚUã ßæSÌçß·¤ ÎéçÙØæ ×ð´ ç·¤âè ÃØçQ¤·Ô¤ ãSÌæÿæÚU âð ©â·¤è °ß´ ©â·Ô¤ mæÚUæ

ãSÌæÿæÚU ç·¤Øð »Øð ÎSÌæßðÁô´ ·¤èÂã¿æÙ ãôÌè ãñÐ Áñâð- ØçÎ ç·¤âè

¥æßðÎÙ Øæ ÎSÌæßðÁ ÂÚU ç·¤âè ÃØçQ¤·Ô¤ ãSÌæÿæÚU ãñ Ìô ©â·Ô¤ ÎSÌæßðÁ ÂÚUçÜ¹è âê¿Ùæ ÂÚU ÃØçQ¤ ·¤è Sßè·¤ëçÌ

×æÙè ÁæÌè ãñ´Ð

§´ ÅUÚUÙðÅU ÂÚU ÃØßâæØ ·¤ÚUÙð Øæ ç·¤âè âðßæ·¤æ ©ÂØô» ·¤ÚUÙð ·Ô¤ çÜ° §Üñ�UÅþæçÙ·¤ÎSÌæßðÁô´ ·¤æ ¥æÎæÙ-ÂýÎæÙ ãôÌæ ãñÐ §ü-

×ðÜ ·¤æ ©ÂØô» ·¤ÚU·Ô¤ ·¤æòÅþð�UÅU ÕÙæØð ÁæÙð Ü»ð ãñ,âÚU·¤æÚUè ÅUð´ÇÚU ·Ô¤ ¥æßðÎÙ Öè §ü-×ðÜ âð ¥æòÙÜæ§ÙÖÚUð ÁæÙð Ü»ð ãñÐ Ìæð ÙðÅUß·¤ü °ß´ §´ÅUÚUÙðÅU ÂÚU Åþæ´âÈ¤ÚUãô ÚUãð §Üñ�UÅþæçÙ·¤ ÎSÌæßðÁô´ ·¤æ âˆØæÂÙ ·¤ÚUÙð¥õÚU ÖðÁÙð ßæÜð Âýæ#·¤Ìæü ·¤è âãè Âã¿æÙ ·Ô¤ çÜ°§Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU ·¤æ ©ÂØô» ç·¤Øæ ÁæÌæ ãñÐ

§Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU çÁâ·Ô¤ ¥´Ì»üÌ çÇçÁÅUÜãSÌæÿæÚU Öè ¥æÌð ãñ ç·¤âè Öè §Üñ�UÅþæçÙ·¤ çÚU·¤æÇü·Ô¤ âˆØæÂÙ ·Ô¤ çÜ° ÖæÚUÌèØ âê¿Ùæ Ì·¤Ùèç·¤¥çÏçÙØ× ·Ô¤ ¥´Ì»üÌ ·¤æÙêÙ ßñÏ ãñÐ

§Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU ç·¤âè ÂðÙ âð ÙãØ ç·¤ØðÁæÌð ãñ, Øã °·¤ Âýô»ýæ× ·¤ôÇ ãôÌæ ãñ, çÁâð °·¤âæò�UÅUßðØÚU mæÚUæ §Üñ�UÅþæçÙ·¤ çÚU·¤æÇü ¥õÚU çÙÁè ·¤ôÇ(ÂæâßÇüU/Âýæ§UßðÅU•·¤è) ·¤ô ç×Üæ·¤ÚU ÕÙæØæ ÁæÌæãñÐ

§Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU ·¤æ ©ÂØô» ·¤ÚU ç·¤âè·¤�ŒØêÅUÚU âð ÕÙð çÇçÁÅUÜ â´Îðàæ/§Üñ�UÅþæçÙ·¤ÎSÌæßðÁ ·¤ô ÖðÁÙð ßæÜð ·¤è Âã¿æÙ ·¤è ÁæÌè ãñÌÍæ âéçÙçpÌ ç·¤Øæ ÁæÌæ ãñ ç·¤ â´Îðàæ ¥ÍßæÎSÌæßðÁô´ ×ð´ ·¤ô§ü ÀðÇÀæÇ¸ Øæ ÁæÜâæÁè Ùãè´ ·¤è»Øè ãñÐ

çÇUçÁÅUÜ çâ»Að¿ÚU Âýæ# ·¤ÚUÙæÖæÚUÌ ×ð´ âê¿Ùæ Âýæôç»·¤è ¥çÏçÙØ× w®®® ·Ô¤

ÌãÌ çÇçÁÅUÜ ãSÌæÿæÚU ·¤ô çÇçÁÅUÜ ÎSÌæßðÁô´ ·Ô¤âˆØæÂÙ ÌÍæ ÖðÁÙð/Âýæ# ·¤ÚUÙð ßæÜè ·¤è âãèÂã¿æÙ ãðÌé ßñæçÙ·¤ ×æ‹ØÌæ Âýæ# ãñÐ

çÇçÁÅUÜ ãSÌæÿæÚU Âýæ# ·¤ÚUÙð ·Ô¤ çÜ° ÃØçQ¤ ·¤è©×ý v} ßáü ÁM¤ÚUè ãñ. ·¤´ÅþôÜÚU ¥æòÈ¤ âçÅüUÈ¤æ§UÅU

¥ÍæðüçÚUÅUè ·¤éÜ | °Áð´âè ·¤ô ×é�Ø M¤Â âð çÇçÁÅUÜãSÌæÿæÚU ÁæÚUè ·¤ÚUÙð ·Ô¤ çÜ° âçÅUüÈ¤æçØ´» ¥æòÍôçÚUÅUèƒæôçáÌ ç·¤Øæ »Øæ ãñÐ âÖè °Áð´âè ·¤è ßðÕâæ§ÅU (www.tcs-ca.tcs.co.in,

www.e-mudra.com,

www.ncodesolution.com)

ÂÚU ¥æßðÎÙ È¤æò×ü ©ÂÜ�Ï ãñÐçÁâð ÖÚU·¤ÚU ç·¤âè Öè âçÅUüÈ¤æçØ´» ¥æòÍôçÚUÅUè ·¤ô

¥æßðÎÙ Îð·¤ÚU çÇçÁÅUÜ ãSÌæÿæÚU Âýæ# ç·¤Øæ Áæâ·¤Ìæ ãñÐ

çÇUçÁÅUÜ çâ»Að¿ÚU ·¤æ ©ÂØô» âçÅU´È¤æçØ´» ¥æòÍôçÚUÅUè mæÚUæ çÇçÁÅUÜ ãSÌæÿæÚU ·Ô¤

çÜ° âæò�UÅUßðØÚU ·¤è âè.Çè ÌÍæ ÅUô·¤Ù/ S×æÅUü ·¤æÇü

§ÜñUÅþæçÙ·¤ ãSÌæÿæÚU ©ÂØô»·¤ÚUÙð ·Ô¤ È¤æØÎð

m §Üñ�UÅþæçÙ·¤ çÚU·¤æòÇü ×ð´ ÀðÇ¸ÀæÇ¸ Ù ãôÙð ·¤è»æ´ÚUÅUèÐ

m §Üñ�UÅþæçÙ·¤ çÚU·¤æòÇü ·¤æ âãè âˆØæÂÙÐm §Üñ�UÅþæçÙ·¤ çÚU·¤æòÇü ÖðÁÙð ßæÜð °ß´ Âýæ#

·¤ÚUÙð ßæÜð ·¤è âãè Âã¿æÙÐm §Üñ�UÅþæçÙ·¤ çÚU·¤æòÇü ·¤æÙêÙè ×æ‹ØÌæ Âýæ#

ãôÙæ ¿æçã°Ðm ØçÎ ç·¤âè ÎSÌæßðÁ ÂÚU §Üñ�UÅþæçÙ·¤

ãSÌæÿæÚU ãñ, Ìô ßð ·¤æÙêÙ âãè ãñ ÌÍæ ·¤ôÅUü×ð´ ×æ‹Ø ç·¤Øð ÁæØð´»ðÐ


VIRTUL PAHCHAN

ÂýÎæÙ ç·¤Øæ ÁæÌæ ãñÐØêÁÚU ·¤ô âæò�UÅUßðØÚU âèÇè ·¤æ ©UÂØæð» ·¤ÚU ÅUæð·¤Ù ÇþèßÙ

âæò�UÅUßðØÚU §´SÅUæÜ ·¤ÚUÙæ ÂÇÌæ ãñÐ çÈ¤ÚU Øê. °â. Õè. Çþæ§ß ·Ô¤×æŠØ× âð ÅUô·¤Ù ·¤ô ·¤�ŒØêÅUÚU ×ð´ §´âÅUü ·¤ÚUÙæ ãôÌæ ãñÐ âÕâðÂãÜð ÅUô·¤Ù ÅUô·¤Ù ÇþèßÙ âæò�UÅUßðØÚU §´SÅUæÜ ç·¤Øæ ÁæÌæ ãñ,çÁâ×ð´ °·¤ token Ùæ× ·¤æ ¥æòŒàæÙ ãôÌæ ãñ Áô çÇçÁÅUÜãSÌæÿæÚU Âý×æ‡æ Â˜æ ·¤ô ÂýÎçàæüÌ ·¤ÚUÌæ ãñÐ Øã Âý×æ‡æ Â˜æ§´ÅUÚUÙðÅU ÂÚU internet administration çÜ´·¤ ¥ôÂÙ·¤ÚUÙð ÂÚU Öè ç×Üð ÁæÌæ ãñ Øãæ¡ ØêÁÚU ¥ÂÙæ ÅUô·¤Ù ·¤æ ÂæâßÇüÕÎÜ â·¤Ìæ ãñ §â·Ô¤ ÕæÎ çâSÅU× ÂêÚUè ÌÚUã ÌñØæÚU ãñ ¥õÚUØêÁÚU çÇçÁÅUÜ ãSÌæÿæÚU ©ÂØô» ·¤ÚU â·¤Ìæ ãñÐ

çÇÁèÅUÜ ãSÌæÿæÚU ·¤è âãè °ß´ àæéhU ·¤æØü ·¤ÚUÙð ·Ô¤ ·¤æÚU‡æâæ§ÕÚU Á»Ì ×ð´ §â·¤è Âýæâ´ç»·¤Ìæ, ©ÂØôç»Ìæ °ß´ ×ãˆßÂýçÌçÎÙ ÕÉ¸ ÚUãæ ãñÐ

âÚU·¤æÚU mæÚUæ §Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU ·Ô¤©ÂØô» ·¤ô ÕÉ¸æßæ çÎØæ Áæ ÚUãæ ãñÐ ’ØæÎæÌÚUÚUæ’Øô´ ×ð´ §Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU ·¤æ ©ÂØô»·¤ÚUÙæ ¥çÙßæØü ãô »Øæ ãñÐ×.Âý. âÚU·¤æÚU ·¤èMAP-IT çßÖæ» ·¤è ßðÕâæ§ÅU ÂÚU ÎèÁæÙ·¤æÚUè ·Ô¤ ¥ÙéâæÚU ×.Âý. ·Ô¤ âÖè âÚU·¤æÚUèçßÖæ»ô´ ×ð´ °ß´ ç·¤âè Öè ÅUð´ÇÚU ·Ô¤ ¥æòÙÜæ§Ù¥æßðÎÙ ×ð´ §Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU ·¤æ ©ÂØô»¥çÙßæØü ãUæð »Øæ ãñUÐ §´ÅUÚUÙðÅU ÂÚU ãôÙð ßæÜðÃØæßâæçØ·¤ ·¤æØü Áñâð- Õñ´ç·¤´», àææòçÂ´» ÌÍæ§Üñ�UÅþæçÙ·¤ ÎSÌæßðÁô´ ·Ô¤ ¥æÎæÙ ÂýÎæÙ ×ð´ Öè§Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU ·¤æ ©ÂØô» ãô ÚUãæ ãñÐ¥ÍæüÌ âÖè âÚU·¤æÚUè ÌÍæ çÙÁè ÿæð˜æô´ ×ð´ âÖèÁ»ã çÇçÁÅUÜ ãSÌæÿæÚU ·¤æ ©ÂØô» ãô ÚUãæ ãñÐ

çÇçÁÅUÜ ãSÌæÿæÚU ·¤æ ©ÂØô» ·¤ÚUÙð ·Ô¤ çÜ°·¤�ŒØêÅUÚU °ß´ §´ÅUÚUÙðÅU ·¤æ ™ææÙ ãôÙð ·Ô¤ âæÍ-âæÍ ãSÌæÿæÚU ·¤æ âãè ©ÂØô», Áôç¹× °ß´âæßÏæçÙØæ¡ ×æÜê× ãôÙæ ¥ˆØ´Ì ¥æßàØ·¤ ãñÐ

Üðç·¤Ù âæ§ÕÚU ¥ÂÚUæçÏØô´ mæÚUæ Ù·¤Üè§Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU Âý×æ‡æ Â˜æ ·¤æ ©ÂØô»·¤ÚU·Ô¤ Üô»ô´ ·¤ô Õðß·¤êÈ¤ ÕÙæ·¤ÚU ¥ÂÚUæÏ ·¤ÚUÙð·¤è ƒæÅUÙæ°¡ âæ×Ùð ¥æ ÚUãè ãñÐ âÚU·¤æÚU ·¤ôçÇçÁÅUÜ ãSÌæÿæÚU ·Ô¤ ©ÂØô» ·¤ô ÕÉæßæ ÎðÙð ·Ô¤âæÍ-âæÍ ÂêÚUè ÁæÙ·¤æÚUè, ©ÂØô» ·¤ÚUÙæ °ß´âéÚUÿææ çÙÎðüàæô´ ·¤è âãè âê¿Ùæ ©ÂØô» ·¤ÚUÙðßæÜô ·¤ô ÎðÙæ ¿æçã°Ð âæ§ÕÚU Üæò, §üU-·¤æò×âü,§üU-»ßÙðüâ, °ß´ §´UÅUÚUÙðÅU Èý¤æòÇU ·Ô¤ ¥ßðØÚUÙðâÂýô»ýæ× °ß´ ÅþðçÙ´», âÚU·¤æÚUè çßÖæ»ô´ ×ð´ ·¤ÚUßæÙð·¤è ÁM¤ÚUÌ ãñ ãæÜæ¡ç·¤ ç·¤âè Öè ÌÚUã ·¤æÙ·¤Üè §Üñ�UÅþæçÙ·¤ ãSÌæÿæÚU Âý×æ‡æ Â˜æ ÕÙæÙæ°ß´ ©ÂØô» ·¤ÚUÙæ, âãè Âý×æ‡æ Â˜æ ·¤æ »ÜÌ·¤æØôü ×ð´ ©ÂØô» ·¤ÚUÙæ ÌÍæ ßñŠØÌæ â×æ# ãUæðÁæÙð ÂÚU Øæ çÙÜ´çÕÌ Âý×æ‡æ Â˜æ ·¤æ ©ÂØô»·¤ÚUÙæ ·¤æÙêÙÙ ¥ÂÚUæÏ ãñÐ çÁâ·Ô¤ çÜ° âê¿ÙæÂýôôç»·¤è ¥çÏçÙØ× w®®} ·Ô¤ ¥´Ì»üÌ w âæÜ·¤è âÁæ Øæ Áé×æüÙæ ÎôÙô´ ·¤æ ÂýæßÏæÙ ãñÐ

fully thought out your password, no matterhow complex it is, if you type it on a keyboard,as we all must do, it is not a big challenge toa hacker.

information much easier than you think,and then he might just be able to get into youre-mail, computer, or online banking. After all,if he gets into one he'll probably get into all of


KNOW! BUT NO

RISKY PASSWORDn Your parents, partner, child, or pet's

name, possibly followed by a 0 or 1.n "password"n Your city, or college, football team name.n Date of birth - yours, your partner's or

your child's.n "god", "money", "love"n The last 4 digits of your social security

number.n 123 or 1234 or 123456, 654321etc.

BECOME A PASSWORD CRACKER

P assword is the first line of defenseagainst hackers. It's crucial to pickstrong passwords that are different for

each of your important accounts and it is agood practice to update your passwords regu-larly.

Sometimes user forgets the password. Theyneeds to recover their password but they don'tknow how. There are so many tricks and toolswhich can help you to recover your password,this known as cracking The process of recover-ing passwords from data that has been stored inor transmitted by a computer system and whofollow this known as cracker.

Password cracking can be done for severalreasons, but the most malicious reason is inorder to gain unauthorized access to a com-puter without the computer owner's awareness.This results in cybercrime such as stealing pass-words for the purpose of accessing personalinformation of someone, hack an account,banking information etc. Always remember onething that cracking is in order to gain unautho-rized access to a computer, this is an offence asper Indian law. Don't do the cracking in pranksand normal activity.

General approach follows by crackers. Itsounds like an interesting challengem, couldthey, use only free tools and the resources ofthe Internet, successfully.No matter how care-

GENERAL APPROACH OF CRACKERS.1. Find a set of passwords to crack2. Find a password cracker3. Find a set of high-quality wordlists and4. Get them all running on commodity laptophardware in order to5. Successfully crack at least one password

It is not a goodpractice to carckpassword for fun.It is a serias workdoing for specialpurpose. manytimes it happed inlife when it isneeded to crackpassword


KNOW! BUT NO

them.Statistically speaking that should probably

cover about 20% of you. But a perfect crackerdidn't get it yet it will probably only take a fewmore minutes before they do.

One of the simplest ways to gain access toyour information is through the use of a BruteForce Attack. Figuring out or guessing a pass-

word. There are programs that will try thou-sands of combinations of characters in a shortamount of time, also called the 'brute force'method

The average person uses weak passwords,and re-uses them on multiple different sites, soif one site is compromised, down come thehouse of cards.

With each major security breach over theyears, over millions of real-world passwordshave been provided to hackers with animmense database of compiled data, givingthem a broad picture about password behavior.This compiled information allows CRACK-ERS to program sophisticated software tocrunch through algorithms and immenseamounts of data, which leads to a reason.

What is an understatement. The fact is,passwords are becoming totally useless for sev-eral reasons. But first, it's important to knowHOW hackers get your password in the firstplace. The vast majority of the public don'thave a clue what is really happening out there.

Expert-ViewAlways keep in mind that cracking isunauthorized access to a computer, soit's an illegal activity and is an offenceunder Information Technology Act,2000. If anybody do this, then he shallbe punishable imprisonmeant for a termthree years. Don't do the cracking inpranks and normal activity.

ER. HAMID KHAN Software Consultant - CRISP

SURABHI GROUP


COVER STORY

STORY OF A GENIUSWell known name in worldAnkit Fadia (born 1985) isan Indian independent com-puter security consultantand author. Fadiaknown as anethical hacker,and has writtenseveral bookson the topicof computersecurity

Fadia came into limelight when he wroteUnofficial Guide to Ethical Hacking atthe age of 15, and made several hack-

ing claims, including working with intelligenceagencies against terrorists. Subsequently, hestarted offering computer security consultingservices, wrote more books, and became asought-after speaker in India. In the mid-2000s, he developed a certification program oncomputer security for corporations in alliancewith Reliance World.

EARLY LIFEHe was gifted a PC when he was 10.

He says he started taking an interest inhacking after a year of playing videogames. He later joined a BS degreeprogramme in Computer Science atStanford University.

At the age of 14, Fadia started awebsite hackingtruths.box.sk, whichhe says, acquired many readers,encouraging him to write a book.At the age of 15, his book on eth-ical hacking made him theyoungest author to be publishedby Macmillan, India The bookreceived favorable response inIndia, and made Fadia popu-lar in the country. at the ageof 16 he Trained variouspolice departments acrossIndia on cyber security andcyber crime investigation. at18 he Started his own certi-fication course on

Computer Security thathas trained more than25,000 people global-ly.at 23 he Started hisown show on MTV

called MTV What theHack! at 26 he Chosen as

a Global Shaper by the


COVER STORY

World Economic Forum.And now he is Widely recognized as a

Computer Security Expert. He is a bestsellingauthor who has written 14 books, deliveredmore than 1000 talks in 25 countries, receivednumerous awards, has trained more than25,000 people globally, offers scholarships &awards to students, advises corporates on cybersecurity issues and also studied at StanfordUniversity.

CAREERAfter his first book came in the limelight,

Fadia became sought-after among the corpo-rate clients in India as well as on the confer-ence speaking circuit. He wrote more books oncomputer security, and spoke at several semi-nars across schools and colleges in India.Healso started a consultancy out of Malaysia. Hehas done paid consulting to intelligence anddefence agencies. In addition, he started pro-viding his own computer security courses,including the "Ankit Fadia Certified EthicalHacker" programme in alliance with RelianceWorld.

In 2008, the IMT Ghaziabad Centre forDistance Learning signed an MoU with Fadiato organise its one-year Post-GraduateDiploma in Cyber Security.[18]

In 2009, Fadia was working in New York asan Internet security expert for "prestigiouscompanies".Fadia also endorsed the FlyingMachine jeans brand of Arvind Mills.

HACKING CLAIMSIn 2002, Fadia at the age of 13, he had

defaced the website of an Indian magazineSubsequently, he named the magazine as theIndian edition of CHIP magazine, and editorhad offered him a job when informed about thedefacement. In 2012, the Forbes India execu-tive editor Charles Assisi (who was editor ofCHIP India at the time of the supposed inci-dent), denied that such an incident ever tookplace after verifying with his predecessor andsuccessor at the magazine as well.

After the 9/11 attacks, "American investigat-ing agencies" ("U.S. Government" in oneinterview) invited him to decode an encrypted

message posted by Al-Qaeda. He has success-fully cracked the encryption.

In a 2002 interview published on rediff.com,Ankit Fadia stated that at the age of 16, hefoiled an attempt by the Kashmiri separatisthackers to deface an Indian website. He gath-ered information about the attackers, eaves-

dropped on their online chat using one of their iden-

tities, and then mailed the transcript to a US spy

organisation that had hired him.He did not divulge

the name of the organization he worked for, citing

security reasons. In 2003, he claimed to have infil-

trated a group of hackers and stated that the Pakistani

intelligence agencies were paying "Westerners" todeface Indian websites with anti-India or pro-Pakistan content.

AWARDS & RECOGNITIONSf One of eight people named MTV India's

Youth Icon of the Year (2008)f Global Ambassador for Cyber Security

(National Telecom Awards 2011,Government of India)

f Global Shaper (World Economic Forum)

Fadia has himself sponsored SingaporeManagement University's Ankit Fadia StudyAward, which consists of a $1,000 cash prizeand certificate that is annually awarded to "anoutstanding student" Information Security andTrust course under the Bachelor of Science(Information System Management) degree.

Source - Ankit fadia and wiki pedia


CYBER NEWS

As we are listeningdaily in news andreading in newspaper

about the internet bankingfraud which is very commonand a major heddle in internetbanking security and promo-tion of online banking & E-commerce. A credit card casecame in light in MP, butappreciable thing is that bankrepay to the customerwho was victimof this.

In Bhopal a creditcard fraud occurredand the victim wasMr. SubrahmanyamChavali who works asGeneral ManagerQuality in reputedPharma Company(i.e. Lupin Limited-Mandideep) andlives in SagerRoyal Homes - HoshangabadRoad - Bhopal (MP). Mr.Subrahmanyam has got a mes-sage on phone at 13-02-13 atbetween 21:10 to 21:20 hrs.He got details of transaction-sof rupees 210.91 made atMELISSA B PAINT COM-

PANY, rupees 58,289.40made at TOTAL STAY LIM-

ITED andTransaction of rupees8,273.46 made atEASYJET on 13-02-13. Upon receipt oftransaction messagesMr. Subrahmanyam

promptly tookaction against thefraudulent and

immediately above card wasblocked via SBI help line &requested not to disburse thepayment towards above dis-puted transactions.

On occurrence of fraudu-lent transection Mr.Subrahmanyam understandthe severity of problem andimmediately launched com-

plained in Cyber PoliceStation Bhopal under IPC act420 & IT act 66C, 66D forFIR and same informed toSBI via email service. As fur-ther course of action Mr.Subrahmanyam simultaneous-ly filled complaint in "BankingOmbudsmen" with respect tofraudulent transaction. On thebasis of customer vigilanceand firm response, SBI took itvery seriously and gave properreplies of victim's email andstart the investigation at theirend. To avoid follow-up forbill payment SBI immediatelygiven temporary credit offraudulent transactionamount. SBI done the inves-tigation and closed the disputeat bank end. Further tempo-rary credit was regularized andtreated as a permanent credit-into the account of credit cardholder. Demonstration ofappropriate legal knowledgeand timely action towards theproblem resulted into thefavour of customer.

To defeat the cyberfrauds like internetbanking, ATMbanking and otherbanking serviceetc.. It is importantto understand thecustomer service,aware about thetechnical thingsand precautionsregarding services,reporting fraudsand their duties bycustomer.

BANK REFUND MONEY CREDIT CARD FRAUD

SBI DEFEATS CYBER CRIMESBI took victim's complaint

very seriously and gave properreplies of victim's email andafter inside investigation of

this whole transaction processSBI refund the amount

Subrahmanyam Chavali


CHILD CARE

C yber crime is an Umbrella whichcovers various types of crimes. Thereis no age limit of people for become

victim or Criminal of cyber crime. The inter-net is providing a very attractive platform touser which has everything for every category ofperson and it changing the way of talking toeach other. Children's trust and confidence onthe Internet is increasing exponentialy that iswhy they use Internet for everything like fordoing homework, keeping in touch withfriends, chat rooms, instant messages, browsingthe pictures, music and games etc.

Now the education has reached up to veryadvanced level. Kids get the knowledge abouttechnology and internet; also use it from pri-mary level. Because of these things are veryattractive so children want to use it more andmore but they don't have sufficient knowledgeregarding this matter so sometime may be theycommit wrong.

The technology is growing in very highspeed and different types of devices are avail-able in the market at very low cost with lot offunctions. The software industries are provid-ing lots of software which are operated veryeasily and freely available on internet.

So with help these software and technologypeople use internet smartly with basic knowl-edge. Sometimes children use internet inwrong manner while they don't know that it isillegal or may be its crime.

According to Indian law, InformationTechnology Act, Indian penal code, defineserious punishment or sfine for each crimecommitted on internet.

Unfortunately, some of these children don'trealize that they are committing crimes until itis too late while they just use these applicationsfor enjoyment.

At the same time, cyber criminal or hackerstake advantages of children activity and moreuse of internet; first create friendship thanencourage him to do wrongs things.

CHILD SAFETYIN CYBER WORLD

Cyber criminal or hackers take advantages of children activity and theyencourage him to do wrongs things. also there is some other activities which

are unsafe for children.


CHILD CARE

There are some crimes where the childrenmay become victim:1. The first step in this process is finding a vic-tim. This can be done in a chat room or byreading blogs. The criminal will often look forsomething to share with the victim and makefriendship. Once they get confidence they per-form crime like record some objectionablemessage and obscene videos in live chat andthen distribute it further.2. Hackers also find children as victim inonline medium. After getting the victim theyprovide some hacking tools free on internetwith guidelines like how to use it. These typesof criminal find the children to make victim,encourage them to do inappropriate things oninternet and easily complete their task by usingchildren.3. Cyber Bullying is a special type of crimewhich is mostly observed nowadays; in cyberbullying children may be a victim or predator.We can say in simple words, when a child per-forms illegal activity like harassment, stalking,threaten against another child online. Both the

WRONG ACTIVITIESPERFORMS BY CHILDREN

1) Sending abusive and defamatory messagesonline or by mobile phone.

2) Watching obscene video.3) Create fake profile of friends (Mostly of

girls).4) Create obscene MMS and upload on inter-

net.5) Download obscene photographs or videos

and distributing among friends.6) Cyber Bullying.7) To harass someone by sending threatening

mails or call again and again by mobilephone.

8) To stalk someone online or by mobilephone.

9) To give the miss call by phone to otherrepeatedly.

10) Capture objectionable photograph bymobile phone or camera.

PARENTALCONTROLSFILTERING AND BLOCKING

This limits access to specific websites, words,or images.

BLOCKING OUTGOING CONTENTThis prevents your children from sharing per-

sonal information online and via email.

LIMITING TIMEThis allows parents to set time limits for how

long their children are online and the time ofday they can access the Internet.

MONITORING TOOLSThis alerts parents to their children's online

activity without blocking access and can beused with or without the child's knowledge.

Some software records websites a child has vis-ited, others display a warning message when a

child visits a certain website.

KEEP EYES ON INTERNET ACTIVITYPlace your computer in an area of your homewhere you can easily supervise your child's

Internet activity.

It is very important for parents to monitortheir children when they are using computer

and internet. Parental controls are available onmost Internet-enabled devices, like computers,Smartphones, tablets, gaming systems. When

enabling parental controls, use age-appropriatesettings to filter, monitor and block your child's

activities. As a parent, you should allow yourchildren to use technology for communications,

learning and more but be sure that your chil-dren use the Internet safely and securely.


CHILD CARE

victim and predator are children. For onemoment children become victim and anothermoment they become criminal. If any adultperson involve in this activity than it becomesimple crime. Adult cyber-harassment or cyberstalking is not cyber bullying.

From legal point of view, these all illegalactivities may performed by children againstanyone, or anyone performed against are crimeaccording to The Indian law. Law defines var-ious types of punishment for different crime.Like for: obscenity three year to five years, vio-lation of privacy three year imprisonments,Identity theft three years, sending offensive andabusive message by internet or phone mayextend to three year imprisonments. These alldefine in Information Technology Act.

Suggestions:To protect the children from cyber crime is

only awareness. Computer and internet userscan make them aware about the vulnerabilitiesit creates and can take further steps to reducetheir risks.

This is not only the responsibility of Parents,it also need the help of teachers, government,and industry to protect children in online envi-ronment. They should make policies, guide-lines and working hard to protect childrenonline. In case of children and internet, wealso need to think about protecting theInternet from children who may use it in awrong way.

Parents and teachers are very closed to chil-dren so its duty of them to guide the childrenfor proper use of internet in right way, awarethe children about misuse and bad activity ofinternet and periodically checking the activityof children like how they use internet, mobilephone, other technology.

Expert-ViewAs we know this is technical era, so nodoubt if there is a big generation gapbetween parents and children, new gen-eration is totally depend on technologyand digital gadgets. In these days chil-dren are not safe inside the home, evenin presence of parents. That’s not meanto keep them away from the technologyinstead of parent have to be beware andaware about cyber crimes and keep eyeson activities of children while they areon computer and mobile.

MRS. R. H. LATAMember of MP commissionfor protection of child’s right.


SOCIAL MEDIA - FACE

MAY BE THE

FUTURE OFCYBER CRIME

T he newly released InternetThreat Trends Report shows thatFacebook is still the most com-

mon place that web users are targeted bycyber crimals. Officials from CommTouch,who authored the report, said that this maybe because the website fosters personalconnections, which makes some usersunaware that they may be targeted by crim-inals.

Additionally, the report states that theuse of malware, or malicious software, onFacebook has also grown. This year, theresearchers found that one of the mostcommon techniques for spreading malwarewas through a program that promisedFacebook users that they could see whowas viewing their profile if they clicked on

a link.Another scam that cyber criminals used

this year was sending Facebook users mes-sages that said their their accounts wereshut down and prompting them to click ona link in order to revive their pages, eWeekreports. When people do so, the link down-loads a virtual worm on their computers,which essentially hijacks their Facebookaccounts.

People who click on this link are not ableto access their Facebook pages until theycomplete a questionnaire that asks for acellphone number, the news source states.When individuals complete this form, theirmobile phones will be charged a fee everyweek.


SOCIAL MEDIA - FACE

BE CAREFULL

m Not share your password with others.m Make your password unique to your life andnot something that is easily guessed.

m Have a different password for each onlineaccount.

m Write down your password and store it in asafe place away from your computer.

m Change your password several times a year.

SECURE YOUR PASSWORDS

When creating a password,make sure it is long and

strong, with a minimum ofeight characters and a mixof upper and lowercase

letters, numbers and sym-bols like @, &, # etc.

TWO STEP VERIFICATIONFor authentication it uses a username and password andanother form of identification, often times a security code.This type of security available in gmail service when youenter username and password it sends a security code onyour mobile phone through SMS. We can only login after

entering that security code.


SOCIAL MEDIA - FACE

FACEBOOKCONFESSION

PAGE

Expert-View


IT PATRA

PROMOTERS OF E-GOVERNANCE IN

MADHYA PRADESHI

ndia has yet to reap the benefits of IT asfar as e-Governance is concerned. The e-Governance statistics in the Indian con-

text are disappointing. Some other bad newsregarding IT services survey and provide byNASSCOM. The Nasscom report on informa-tion technology on the economy of India high-lights that India has a low level of IT invest-ment and minimal dispersal of IT capitalamong 30 countries evaluated.

In this knowledge and E-based economy,information is key. Technology can act as acatalyst in cat-egories such asg o v e r n anc e ,health, educa-tion and learn-ing, inclusion,infrastructure,travel andtourism, envi-ronment, com-munity broad-

GOVERNMENT REVIEW "The central government has mandated that 3per cent of the total budget allocation perdepartment must be spent on e-Governance.Sadly, a lot of money is returned unspent atthe end of the fiscal year." -

INDUSTRIAL REVIEWTata Consultancy Services (TCS), says, "Atthe end of its five-year tenure, the governmentat the centre had accomplished only two outof 26 mission-mode (the highest priority rat-ing assigned by the Indian government) pro-jects." -

Madhya Pradesh has reached at top in pro-motion and implementation of IT and e-gov-

ernance services. MP got so many awards inthe field of information technology. The stategovernment starts so many e-governance pro-jects such as MP Online some of these are forconsumers, students, government services, jobrecruitments and others.,

The state government established specialorganizations and made tie-up with privatecompanies to provide, control and manage ITservices in MP. Principal columns of MadhyaPradesh to run the E - governance projectssmoothly are MAP-IT, NIC, CRISP, MP-Online, these organization play a major role tomanage and take initiatives to implement newIT projects.

casting, entertainment, agriculture and liveli-hood, localization, news and media, scienceand business and enterprise.

To read more visit- http://www.mapit.gov.in/

AWARDS FOR EXCELLENCEIN E-GOVERNANCE FOR MP GOVERNMENT"IT Awards 2011-2012IT Awards 2007-2008IT Awards 2006-2007Govt. MP-NASSCOMCSI event 10th National e - Governance Conference


IT PATRA

E-U PARjAn PRojECT-[Department of Food, Civil Supplies& Consumer Protection] ? The BestIT for Masses Project Implementedby State Government Department/Agency [Winner]

I-ASHRYA -Integrated Automation System forHousing in Rural Areas Yojana[Madhya Pradesh Rural Road &Housing Authority] - The BestApplication Software Developed &Implemented in Madhya Pradesh[Winner]

GEoSEARCH -Geomatics?based Application enabledSearch in Madhya Pradesh ? TheBest use of GIS in bringinge?Governance Solutions in MadhyaPradesh [Joint Winner]

GEoFoREST -Geomatics?based Forest Mapping forentire Madhya Pradesh ? The Bestuse of GIS in bringing e?GovernanceSolutions in Madhya Pradesh [JointWinner]

on -LIn E REvEn U ERECovERY CERTIFICATE(RRC)Web?enabled BRISC SoftwareApplication [Directorate ofInstitutional Finance, FinanceDepartment, Government of MadhyaPradesh] ? Certificate ofAppreciation under Category 'TheBest Application Software devel-oped and implemented in MadhyaPradesh

jAn MITRA SAMAD HAnKEn D RA [D istrict Administration,Gwalior] - Certificate of Appreciation underCategory "The Best IT forMasses Project implemented by StateGovernment Department Agency"

U n IqU E ID En TIFICATIon (U ID )To develop and implement the nec-essary institutional, technical andlegal infrastructure to issue uniqueidentity numbers to Indian residents.

GOVERNMENT PROJECTSPrincipal columns of Madhya Pradesh

MAP-ITMAP-IT is an organization of state government forPromotion of Information Technology is the society pro-moted by state Government. The goal of MAP-IT is topropel the growth of Information Technology (IT) inMadhya Pradesh and implementation of the State ITAction Plan for socio- economic development of the stateAnd To coordinate with all the GovernmentDepartments/agencies for sectoral and cross-sectoral pro-motion and use of IT in Government and prescribe guide-lines to enable smooth and widespread induction of IT.

On Going e-Initiatives of Madhya Pradesh

State e-Governance Mission Team (SeMT)MAP_IT has appointed consultants from Wipro ConsultingServices for assisting department in implementation ofNeGP under State e-Governance Mission Team.

MP eD istricte-District has been envisaged by Government of MadhyaPradesh (GoMP) as automation of workflow and internalprocesses of District Administration with the possibility ofseamless integration of various departments for providingservices to the citizens.

E-ProcurementAs part of its e-Governance plan for the State of MadhyaPradesh, MAP_IT has initiated project of e-Tendering tobe implemented across all the Government Departmentand Statue PSUs in MP.

Food and Civil SuppliesThe Department of Food, Civil Supplies and ConsumerProtection, Government of Madhya Pradesh ensures sup-ply at all corners of Madhya Pradesh. The function of thedepartment is to implement the Public DistributionScheme through proper monitoring and policy making.

MP TourismMPSTDC desires for leveraging IT efficiently for meetingthe objectives and business needs of MP Tourism.

Town & Country PlanningTo develop GIS database for the State of Madhya Pradeshand deploy a customized Web GIS application for distri-bution of GIS data to support their decision making pro-cesses and issuance of digitally signed certificates online.


IT PATRA

IT InitiativesTraining & CapacityBuilding E-Readiness oftatesSoftware Tech. Parksof India IT Parks in M.P

The following are pre-requisites for effective e-Governance servicedelivery. m Development of applica-tions of various govern-ment departments alongwith back end computeri-zation.

m Service delivery platformfor citizens (CommonService Centers).

m Reliable communicationnetwork for providing con-nectivity between servicedelivery outlets and gov-ernment departments(State Wide AreaNetwork).

m State level data centre fordata warehousing and host-ing of application software.

Techno-Legal InitiativesRight to InformationIT Policy of MPIndustrial PolicyIndustrial Promotion PolicyBroadband PolicyPolicy framework for.in Domain NameWebsite DevelopmentGuidelines

MP online

MPonline seeks to encourage new initiatives using informa-tion and communicationstechnology for social devel-opment. The main goal ofMPonline is to provide gov-ernment services at thedoorsteps of citizen and busi-nesses.

Partnering the Indian gov-ernment in e-Governanceprojects, TCS is helping tobring transparency and effi-ciency into the system.

"MPOnline is a One Stop Window integrated withGovernment departments providing a plethora of Academic,Recruitment, Online Counseling, Online AssessmentExaminations and B2C Services". The MPonline is joint pro-ject of MP government and TCS (TATA consultancy ser-vices).

CRISP

CRISP provides the ITservices for MP government.CRISP prides itself in provid-ing complete, integrated ITsolutions, with a high level oftechnical expertise and expe-rience. CRISP manage somany websites and portalssuch as jansampark, MAP-ITetc. of MP government.

The CRISP also play major role in education system ofMP. It converts the education system to e-education. Itmaintains the educational web portal of big institutes likeNutan College, RGTV. The web portal Rajiv Gandhi techni-cal university is a big project. Which control and mange theuniversity work online such as fee submission, form filling,online transaction, send the information to students, collegemanagement etc, apart from that it manage the student loginaccount.

A CEn TRE oF ExCELLEn CEThe CRISP become a centre of excellence to promoting

the IT services in MP. The CRISP is one of the companieswho support the Madhya Pradesh implementing e-Services indifferent area website implementation and management,

CITIZEN SERVICES of

MPonlinen Applicationn Bill Paymentn Counselingn Municipal Corp.n Online Assessmentn Reservationn Universityn Online Exam conduction

CRISP services n Commercen E - Learningn Data Digitizationn Infrastructure Service

Providern Manpower Monitoring

Solutionsn Software Applications


IT PATRA

database management, online education portal management etc. It's a leading centre of excel-lence for management training, education and research, the CRISP offers programmes to aspir-ing professionals pursuing a prosperous career in business and management.

National Information Center

NIC provides the infrastructure for network and e-gover-nance services. It is providing e-Government / e-Governance Solutions adopting best practices, integratedservices and global solutions in Government Sector. NICis playing role as backbone to implement the e-Governance and IT Services and support to StateGovernments. The basic requirement of an online pro-ject/service are web portal as platform, web space forhosting and publishing, network to spread it, domain toidentify, security to protect the service from unwantedthreats etc. the NIC fulfill all these requirements.All thewebsites and portals of government are host and manageby NIC. For the security of project NIC published theguidelines like before hosting of website auditing is com-pulsory.

The following major activities are being undertaken:n Setting up of ICT Infrastructuren Implementation of National and

State Level e-Governance Projectsn Products and Servicesn Consultancy to the government

departmentsn Research and Developmentn Capacity Building


CYBER GUIDE

Social network-ing sites ontop to use of

internet and it alsohot news topic formedia nowadays. Asthe world starts get-ting connectedonline, exceptfew people for allit became main communica-tion medium, it became newplace where people hangoutfor hours and share almosteverything of their life.Unknown person may becomefriend and just acquaintancemay become close friends, butaccept every friend requestonline can make you victimand put you in trouble.

Girls should be more awareon cyber space; the biggestmistake girls make on socialnetworking site is that they donot apply rules of real world.In real world you need refer-ence point for friendship withsomeone but in virtual worldalmost every friendrequestaccepted and then you

became an open book forunknown, even some girlspublically publish their phoneno. and email id too, that canbe misused. Some childrentake it as a competition tomake more friends on socialnetworking sites which putthem into trouble. Some

Students often usesocial networking sitesas mudslinging festsand they also madefake profile for postinsulting comment,you may defame

someone by yoursimple comment, some of them

share very personal things

about them and home, sothese type of activities alwaysin the surveillance of crimi-nals.

Defamation on social net-working sites damage morethan other online activity andmobile phone because it ispublicly defamation aroundthe world.

If you have not managedyour profile and use securityfeatures of networking sitesand add any unknown's friendrequest so you are easy targetof criminals in online worldand they can get your infor-mation and stalking you invirtual and real world, alsomisuse girls pics with badintention.

Technology attracts every-one and now it is basic needof us. But without knowingthe law which is forcyberspace use of technologymay harmful you. Sometimespeople knowingly andunknowingly target girls onsocial networking sites in thistype of case the person andgirl or child both are notaware about legal aspects andmay became victim or culpritof cyber crime.

To protect you online thereare legal provisions in IPCand IT act after that you needto be beware and aware.

ONLINEPERSONALITY SCAM

STAYING SAFE ONLINEm list your phone number on

social networking sites.m Tweak your online privacy set-

tings so that your photos areviewed only those whom youallow

m Too personal and intimate pho-tos should not be uploadedonline as they can be misused

m Never accept friend requestfrom total strangers.

m Immediately approach thepolice if you are being harassedor are offended by any onethrough phone calls or online.

"You may become easy target by accepting every friend request on socialnetworking sites."

Er. Ankit Choubey


CELEBRITIES & DIGITAL ERA

I nternet and social networking sites pro-vide a good platform to celebrity andtheir fans to connect each other, before

the internet and social networking sites likeFacebook and twitter, life of stars and celebri-ty were much mysterious. Fans always want toknow about every aspect of their superstar'slife, how they live, how they celebrate andwhat they do on weekends, what they think onany issue. Other hand celebrities also wantshare their activities but unfortunately they hadto depend on media and magazines, but thematter provides by media and magazines asinterviews are not sufficient to satisfy fanscuriosity and celebs also has a fear about mediathat they may publish their interviews with lotsof manipulation for increase their rating.

Some celebrities use social networks to pro-mote a project they are involved in, which is aclever self-promotion strategy; others alsoshare their personal opinions. This gives fansand followers a chance to read what a celebri-ty has to say about a certain topic, event in hisor her own life or about something importanthappening in the world. Before social net-works, celebrities seemed unreachable anduntouchable. Social media provide celebritieswith platforms to interact and connect withpeople all over the world.

But now most common ques-tion is from the fans: Where can Ifind my favorite celebrities officialTwitter page? How do I knowwhich of the Twitter pages is thereal Twitter page for my favoritecelebrity?

Facebook has started chargingUK users up to £11 to send mes-sages to celebrities such asOlympic diver Tom Daley and

others outside their circle of friends. It costs astandard 71p to contact less well-known fig-ures, such as BBC's Robert Peston or PrinceHarry's girlfriend Cressida Bonas, who do nothave an official army of fans or followers, inthe UK test scheme the firm has just launched.

The popularity of any celebrity in real lifeand in internet has world of difference, topIndian celebs on Twitter are in order AmitabhBachchan, Shahrukh Khan Salman KhanPriyanka Chopra Amir Khan and SachinTendulkar. In list Amitabh Bachchan andPriyanka Chopara are most active celebs inIndia on social networking sites.

Top celebrities on Facebook in world areRihanna, Eminem, Shakira,Michael Jackson, Lady Gaga,Cristiano Ronaldo, Justin Bieber,Linkin Park, AKON, Messi at12th, Obama at 27th, A.R.Rahman at 97th, Tendulkar at120th, Amir khan at 178th,Amitabh Bachchan at 241th andPriyanka Chopra at 249th.Find yourfavourite stars on

www.fanpagelist.com &

www.indiancelebsontwitter.com

SUPERSTARSACTIVE ON SOCIAL NETWORKING SITES. WHY?

ALL IT WORKS IN FUTURE WILL BE DONE ON CLOUD COMPUTING TECHNOLOGY ...

Cloud comput-ing is need offuture as therewill be morepressure onthe DataCenters,IDCprojects thatmore than 2.5billions users willconnect to theInternet over the next5 years,with more than10billion devices. Intelhas estimated that thiswill require 8 times theamount of storagecapacity, 16 times thenetwork capacity,andmore than 20 times thecurrent compute capaci-ty by 2015.

The VirtualData Centers

Madhur Malhotra


TECH-NEW-LOGY


TECH-NEW-LOGY

Today, if we need todefine Informationtechnology, it can be

summed up in two shortwords, just "Exchanging

D A T A " .T h i s

underlying fact governs the ITindustry where Data justchanges the format however,the process remainsunchanged "Data Exchange".In the era of digitization, theprimary focus of IT industry isto provide competitive advan-tage to its clients by streamlin-ing the data exchange process.Thereby the client's acumenremains on its core compe-tence rather than on secondaryattributes. Therefore this has

given rise to justification ofexpenses occurred for this dig-itization, ranging from veryhigh capital expense (CAPEX)to balancing residual opera-tional expenses (OPEX). Inlast few decades the IT giantshave made Billions & TrillionsDollar profits just by exploit-ing this imbalance betweenCAPEX vs. OPEX.

Therefore, to strike equi-librium between expensesand returns, led to a new

c o m p u t i n gmethodology

i.e., Cloud Computing.

Cloud Computing Modelhas quite a similar analogy tothe way we daily lead our Life.

For example for lightingyour room with bulb, yourequire electricity hence thequestion arises here is "do youput up a power house in yourhome to generate electricity?"or do you just grab services ofa electricity vendor to provideyou with required amount ofelectricity and you pay as per

your usage.With strikingly similar func-

tionality Cloud Computing is"facilitation of informationtechnology as a Servicethrough internet". This con-cept has its root been pro-posed by Mr. John McCarthyin year 1960, where he said"Computation may somedaybe organized as publicutility".This philosophy holds its truevalue today where the Cloudincloud computing providesthe means through whicheverything-from o Computing power to

computing infrastructure,o Applications, o Business processes or per-

sonal collaborationcan bedelivered to you as serviceubiquitously i.e. Wherever

a n d

whenever!!Subsequently, there is a

paradigm shift from traditionalnetworking models to moreoptimized virtualization tech-nologies, leading to the adventof cloud where we efficiently

MAIN ATTRIBUTES OFCLOUD COMPUTING

m On-demand self servicem Ubiquitous network accessm Location independence and

homogeneitym Elastically scalable m Measured service


TECH-NEW-LOGY

& effectively utilize theresources to produce maxi-mized results.

If we get back to the histo-ry it reveals a similar shifthappened, in how businessesutilized Power (electricity)? Inlate 1890's every factory had abig smoke generating fuel con-suming power generators,which were then stroked &serviced by suited boiler men'sto produce required amount ofelectricity. Everything wentwell till the time generatorsproduced Electricity, on thecontrary most of the time itfailed; this resulted in poweroutages which stopped all thework!

Therefore around 1990's inChicago, Edison PowerCompany put their first tur-bine station which generatedand distributed large scalepower (electricity) toBusinesses. Consequently, thisprovided cheaper, more reli-able and cleaner power tobusinesses than any smokebased generator. This shift

was adopted by many organi-zation and they utilizedrequired amount of power(Electricity) by simply plug-ging into the wall. Now canwe imagine taking electricityany other way?

A similar shift is happeningin IT industry , where organi-zations no longer need to buy,built or maintain expensivesoftware's, hardware's or plat-form's, rather they can take theservices of a specializedCloud Service Provider (CSP)to have affordable, more reli-able and secured IT basedfacilities. That's why these daysall the online application andweb based programs aredeployed through Cloud, tomake it more accessible wher-ever and on which ever devicea client uses. In reference toIT these services could be cat-egorized primarily into threeparts IAAS, PAAS and SAASIAAS (Infrastructure as aService) provides hardware,storage, servers and data centerspace or network components

through Virtualization.PAAS (Platform as a Service)provide the development envi-ronment on which cloud basedapplications could be devel-oped.SAAS (Software as a Service)provides methodology throughwhich Software's orApplications with its function-ality could be delivered toclients through Internet.

To recapitulate, there is aparadigm shift from tradition-al to more optimized cloudenvironment and the industri-al giants have predicted thatthere would be a requirementof more than 3 million cloudexperts by 2015. Thereforethink Ahead & Learn Cloud!!

Limitless FlexibilityWith access to millions of differ-ent databases, and the ability tocombine them into customized

services.

Better Reliability and Securityusers no longer need to worryabout their hardware failure, or

hardware being stolen.

Enhanced CollaborationBy enabling online sharing of

information and applications, thecloud offers users new ways of

working together.

PortabilityUsers can access their data from

anywhere.

Simpler devices

With data stored and processed inthe cloud, users simply need aninterface to access and use this

data, play games, etc.

Unlimited Storage

Access to lightning quick process-ing power.

FACILITY


CYBER-SECURITY

GLOBAL shifts towards increased deploy-ment of IT by governments emerged inthe nineties, with the advent of the

World Wide Web. The technology as well as e-governance initiatives have come a long waysince then. With theincrease in Internet andmobile connections, thecitizens are learning toexploit their new mode ofaccess in wide rangingways. They have startedexpecting more and more information and ser-vices online from governments and corporateorganizations to further their civic, professionaland personal lives, thus creating abundant evi-dence that the new “e-citizenship” is takinghold. While the emphasis has been primarily onautomation and computerization, state govern-

ments have also endeavored to use ICT tools intoconnectivity, networking, setting up systems forprocessing information and delivering services.At a micro level, this has ranged from ITautomation in individual departments, electronic

file handling and workflowsystems, access to entitle-ments, public grievance sys-tems, service delivery forhigh volume routine trans-actions such as payment ofbills, tax dues to meeting

poverty alleviation goals through the promotionof entrepreneurial models and provision of mar-ket information. The thrust has varied across ini-tiatives, with some focusing on enabling the cit-izen-state interface for various government ser-vices, and others focusing on bettering liveli-hoods. Every state government has taken the ini-

CYBER SECURITY IN E-GOVERNANCE

Dr. Shailendra Singh Member, IEEE USA, Professor & Head,

Department of Computer Engineering &Applications, National Institute of Technical

Teachers Training and Research, Bhopal

A variety of technologies have been developed to help organizations secure theirsystems and information against intruders. These technologies help protect sys-tems and information against attacks, detect unusual or suspicious activities, and

respond to events that affect Security.


CYBER-SECURITY

tiative to form an IT task force to outline IT pol-icy document for the state and the citizen char-ters have started appearing on government web-sites.

The term e-government is of recent origin andthere exists no standard definition since the con-ceptual understanding is still evolving. The gen-erally accepted definition is: E-governance is theapplication of information & communicationtechnologies to transform the efficiency, effec-tiveness, transparency and accountability ofinformational and transactional exchanges within government, between government and gov-ernment agencies of National, State, Municipaland Local levels, citizen & businesses and toempower citizens through access and use ofinformation. "e-government" or electronic gov-ernment refers to the use of Information andCommunication Technologies (ICTs) by govern-ment agencies for any or all of the following rea-sons:n Speedier and more efficient delivery of public

servicesn Improving internal efficiencyn Exchange of information with citizens, busi-

nesses or other government departmentsn Reducing costs or increasing revenuen Re-structuring of administrative processes

SECURITY TECHNOLOGYA variety of technologies have been devel-

oped to help organizations secure their systemsand information against intruders. These tech-nologies help protect systems and informationagainst attacks, detect unusual or suspiciousactivities, and respond to events that affectSecurity.

A. Operational TechnologyIntruders actively seek ways to access net-

works and hosts. Armed with knowledge aboutspecific vulnerabilities, social engineering tech-niques, and tools to automate information gath-ering and systems infiltration, intruders can oftengain entry into systems with disconcerting ease.System administrators face the dilemma of max-imizing the availability of system services to validusers while minimizing the susceptibility of com-plex network infrastructures to attack.Unfortunately, services often depend on thesame characteristics of systems and network pro-tocols that make them susceptible to compromiseby intruders. In response, technologies haveevolved to reduce the impact of such threats. No

single technology addresses all the problems.Nevertheless, organizations can significantlyimprove their resistance to attack by carefullypreparing and strategically deploying personneland operational technologies. Data resources andassets can be protected, suspicious activity can bedetected and assessed, and appropriate responsescan be made to security events as they occur.

B. One-Time PasswordsIntruders often install packet sniffers to cap-

ture passwords as they traverse networks duringremote log in processes. Therefore, all passwordsshould at least be encrypted as they traverse net-works. A better solution is to use one-time pass-words because there are times when a passwordis required to initiate a connection before confi-dentiality can be protected. One common exam-ple occurs in remote dial-up connections.Remote users, such as those traveling on busi-ness, dial in to their organization's modem poolto access network and data resources. To identi-fy and authenticate themselves to the dial-upserver, they must enter a user ID and password.Because this initial exchange between the userand server may be monitored by intruders, it isessential that the passwords arc not reusable. Inother words, intruders should not be able to gainaccess by masquerading as a legitimate user usinga password they have captured.

C. CryptographySometimes it becomes necessary to encrypt

the message sent, with the goal of preventing anyone who is eavesdropping on the channel frombeing able to read the contents of the messages.One of the primary reasons that intruders can besuccessful is that most of the information theyacquire from a system is in a form that they canread and comprehend. As millions of electronicmessages that traverse the Internet each day, it iseasy to see how a well-placed network sniffermight capture a wealth of information that userswould not like to have disclosed to unintendedreaders. Intruders may reveal the information toothers, modify it to misrepresent an individual ororganization, or use it to launch an attack. Onesolution to this problem is, through the use ofcryptography, to prevent intruders from beingable to use the information that they capture.

Encryption is the process of translating infor-mation from its original form (called plain text)into an encoded, incomprehensible form (calledcipher text). Decryption refers to the process of


CYBER-SECURITY

taking cipher text and translating it back intoplaintext. Any type of data may be encrypted,including digitized images and sounds. Theauthenticity of data can be protected in a similarway. digital signatures are formed by encryptinga combination of a checksum of the informationand the author’s unique private key. A side effectof such authentication is the concept of non-repudiation. A person who places their crypto-graphic digital signature on an electronic docu-ment cannot later claim that they did not sign it,since in theory they are the only one who couldhave created the correct signature.D. Firewalls

A firewall is a set of related programs, locatedat a network gateway server that protects theresources of a private network from users fromother networks. (The term also implies the secu-rity policy that is used with the programs.) Anenterprise with an intranet that allows its work-ers access to the wider Internet installs a firewall

to prevent outsiders from accessing its own pri-vate data resources and for controlling what out-side resources its own users have access to. Itspurpose is to eliminate from the stream thosepackets or requests that fail to meet the securitycriteria established by the organization. A simplefirewall may consist of a filtering router, config-ured to discard packets that arrive from unau-thorized addresses or that represent attempts toconnect to unauthorized service ports. Moresophisticated implementations may include bas-tion hosts, on which proxy mechanisms operate

on behalf of services. These mechanisms authen-ticate requests, verify their form and content,and relay approved service requests to the appro-priate service hosts. Because firewalls are typical-ly the first line of defense against intruders, theirconfiguration must be carefully implemented andtested before connections are established betweeninternal networks and the Internet.

E. Analysis toolsThere is strong need for analysis tool because

of the increasing sophistication of intruder meth-ods and the vulnerabilities present in commonlyused applications, it is essential to assess period-ically network susceptibility to compromise. Avariety of vulnerability identification tools areavailable, which have garnered both praise andcriticism. System administrators find these toolsuseful in identifying weaknesses in their systems.Critics argue that such tools, especially thosefreely available to the Internet community, posea threat if acquired and misused by intruders.

F. Monitoring toolsContinuous monitoring of network activity is

required if a site is to maintain confidence in thesecurity of its network and data resources.Network monitors may be installed at strategiclocations to collect and examine informationcontinuously that may indicate suspicious activi-ty. It is possible to have automatic notificationsalert system administrators when the monitordetects anomalous readings, such as a burst ofactivity that may indicate a denial-of-serviceattempt.

Such notifications may use a variety of chan-nels, including electronic mail and mobile pag-ing. Sophisticated systems capable of reacting toquestionable network activity may be implement-ed to disconnect and block suspect connections,limit or disable affected services, isolate affectedsystems, and collect evidence for subsequentanalysis.

Understanding of security issues and develop-ing a security perception based on perceivedthreat profile is important to articulation of asecurity policy. To translate policy in to a pro-gram of action and development of securityinfrastructure in line with the development ofoverall IT infrastructure has to be an integral partof e-governance enterprise architecture. Theissues underlined and cost benefit tradeoffs haveto be analyzed while proposing and implement-ing a solution.


CYBER - THREATS

With the increasing trend of suchcrimes, telecom operators all over theworld, government, regulators have

put their attention to curb these menaces. But onthe other hand, it is true that such governmentsas well as private organizations who are engagedin economic warfare have started the practice ofespionage and warfare using internet termed asCyber Warfare.

Recently, one company Huawai was foundengaged in hiking or disturbing mobile exchangeof Bharat Sanchar Nigam Limited (BSNL) atBangalore. This is very serious. This isonly a trailer and puts question mark onthe ability and practices of security agen-cies in Indian context. We may askwhether "Are the Indian security agen-cies watching?"

Legal agencies of the countries as wellas international are attempting to bookculprits for their actions wheninternational with internationalcriminal court also among thefew which are addressing thethreat

The cyber counter measure, thus, thereforebecomes necessary. Many such cyber counter-measures are available which can be used to pro-tect organizations against such cyber crimes.

TYPES OF THREATS.

MALICIOUS CODEThis is a category which engulfs many such

treats to cyber world, it can be software, hard-ware or firmware which is intentionally insertedinto the system for disturbing the functioning.We may call it "Malware" which includes com-puter viruses, worms, Trojan Horses, key loggers,root kits, BOTs, etc. It also includes spywarewhich are installed without any authority. These

are able to track activities withoutowner's consent. They sent pop-upswhich are naturally unwanted. They cantake control of internet.

NETWORKS ATTACKS:As described earlier on 12th July

2013, Huawai, a Chinese Telecom.company supplier attacks BSNL'sMobile exchange called BSC locat-ed at Andhra Pradesh from aremote location in Chennai

through internet. It crashed BSC's software. Oninvestigation it was found that internet ProtocolAddress (IP Address) which was used tolaunched the attack was originated fromHuawai's office in Chennai. Therefore,Cybercrime takes very remote locations as a real-ity. Such network attacks are to disrupt, deny,degrade, disturbed, stopped the computer activi-ties and networks. The network attacks and takein form like fabrication interception, interrup-tion, modification, holding activity, such inter-ruption are / result in breaking of communica-tion channels and stop transmission of data.

NETWORK ABUSENetwork abuse are normally fraudulent activ-

ities which are done with the help of computer

CYBER CRIME &COUNTERMEASURES

Cyber crime is a crime that involves use of Computer and the Internet network. Cybercrimes are increasing day by day and now a new term "NETCRIME' has come into pic-

ture, which refers to criminal use of Internet.

Mr. Mahesh Shukla I.T.S. Sr.GMTD BSNL, Bhopal


CYBER - THREATS

and SPAM is one of the most common form, inwhich unsolicited advertisement, emails are sentwhich are really unwanted to users of internet.Many times, phishing attacks are carried out toget sensitive information like identification pass-word, user name, etc. by possession as trust wor-thy person. Many times we have received anemail which is a phishing email in which we areinformed that we have won a lottery. Many timeswe are informed by phishing email that in orderto claim lottery amount, we have to deposit somuch amount in particular account. Email are sonicely worded as if they are coming from somegovernment officials or bank, possessing as gen-uine customer.

CYBER CRIMS COUNTER-MEASURES.

TECHNICALFirewalls and access control lists are often

used to check the services and internet trafficbefore a long access into our computer network.Similarly, internet viruses/hot fixes andHeuristics are used for file analysis and file emu-lation to remove malwares. The definition ofviruses should be regularly upgraded and patches/ service bags should be installed regularly to getnetwork secure. Many times cryptography is usedto crypt the information using programmes /algorithms to mask the information. Tunneling isone such method. In internet there are manyprotocols like internet protocols (IP), SecureSocket Layer (SSL), Transport Layer Security(TLS), Layer to Tunneling Protocol (L2TP),Point to Point Tunneling Protocol (PPTP),Internet Protocol Security (IPSEC) which areused to ensure data security. These are all tech-

nical methods. For Encryption, often used pro-tocols are data encryption standard. Networksare tested for vulnerability to such attacks.

ECONOMIC COUNTER MEASURE :The economic balance between crime perpe-

trators and counter measure providers is vitalbecause the economic incentive to each of themwill determine the degree to which each of themcan woo. The decision of the providers is basedon the economic pay off and the cost of suchsecurity whereas the perpetrators "S" decision isbased on the economic gain from such crime andthe cost of doing such crime.

Therefore, higher the ratio of Public to providebenefit, stronger is the case for enactment of newpublic policies and to realign economic incentivefor all participants to fight Cyber crimes.

BEHAVIORAL COUNTER MEASURES They are also effective tools for fighting Cyber

crimes. Public awareness companies to educatethe public have served vital purpose. The businesshouses are also using IT tools & are contactingtheir employees on the important use of electron-ic security measures, such as strong passwords,loading patches, identifying phishing attacks andmalicious codes etc. The banks and financialhouses have started asking the verification ofdata, so that cyber crimes perpetrators may noteasily commit the crime, based information isbeing re-checked. As they have informed exposedto such knowledge while using internet. Infect,such engines like Google & Yahoo are beingaccessed by millions of users at any given point oftime and therefore malwares / measure gates canbe easily slipped into such highly used servers.


CYBER-ROJGAR

Shyam Singh ThakurInternational IPRs

cyber affairs

Documents