cyber crime in india.docx
TRANSCRIPT
AInformation Technology Act Report OnCYBER CRIME IN INDIASubmitted in partial fulfillment for the award of the Degree ofBachelor of Technology(Rajasthan Technical University, Kota)InComputer Science Engineering
Session: 2012-2013
Submitted To: Submitted by:Mr. Tushar Upadhyay Anand Gupta (C.S. Department) Computer Science Engineering Roll no. 09EMUCS001
Department of Computer Science EngineeringMaharaja College of Engineering, UdaipurRajasthan Technical University
ACKNOWLEDGMENTThe world we are in today is all about Information Technology (IT) because we are in the age of Information Technology and the people with the right information, with proper way of disseminate this information and processing them is considered as the most successful. Information technology is the transfer of information using telecommunication and micro-based computer system. Nowadays, the computer has replaced manual records, and the fraudulent input document has been substituted by manipulating data held in a computer system. This manipulation does not need to be sophisticated. Computers have become the mainstay of business and government processes. Business has been using them for years and in most countries, there are drives towards electronic or joined up government. This is to allow the people to access government services from their desktop in their own home.Cyber crime is emerging as a serious threat. World wide governments, police departments and intelligence units have started to react. Initiatives to curb cross border cyber threats are taking shape. Indian police has initiated special cyber cells across the country and have started educating the personnel. This article is an attempt to provide a glimpse on cyber crime in India.
TABLE OF CONTENT
Sr. NoCONTENTPAGE NO.
1Introduction1
2Cyber space-cyber crime7
3Traditional crime-cyber crime8
4Cyber crime variants8
5Vulnerability11
6Indian cyber scene11
7Global antimalware market13
8Anti cyber crime variants14
9Cyber policy16
10Cyber laws of Indian19
11Conclusion25
12References26
1. INTRODUCTIONCrime committed using a computer and the internet to steal a person's identity or illegal imports or malicious programs Cybercrime is nothing but where the computer used as an object or subject of crime.The world of Internet today has become a parallel form of life and living. Public are now capable of doing things which were not imaginable few years ago. The Internet is fast becoming a way of life for millions of people and also a way of living because of growing dependence and reliance of the mankind on these machines. Internet has enabled the use of website communication, email and a lot of any time anywhere IT solutions for the betterment of human kind. Internet, though offers great benefit to society, also present opportunities for crime using new and highly sophisticated technology tools. Today e-mail and websites have become the preferred means of communication. Organizations provide Internet access to their staff.By their very nature, they facilitate almost instant exchange and dissemination of data, images and variety of material. This includes not only educational and informative material but also information that might be undesirable or anti-social.Regular stories featured in the media on computer crime include topics covering hacking to viruses, web-j ackers, to internet paedophiles, sometimes accurately portraying events, sometimes misconceiving the role of technology in such activities. Increase in cyber crime rate has been documented in the news media. Both the increase in the incidence of criminal activity and the possible emergence of new varieties of criminal activity pose challenges for legal systems, as well as for law enforcement.
CATEGOREIES OF CYBER CRIME
Classification of Cyber Crime:It can be classified in to 4 major categories as(A) Cyber crime against Individual(B) Cyber crime Against Property(C) Cyber crime Against Organization(D) Cyber crime Against Society
(A) Against Individuals(i) Email spoofing :A spoofed email is one in which e-mail header is forged so that mail appears to originate from one source but actually has been sent from another source(ii) Spamming:Spamming means sending multiple copies of unsolicited mails or mass e-mails such as chain letters.(iii) Cyber Defamation:This occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information.(iv) Harassment & Cyber stalking :Cyber Stalking Means following the moves of an individual's activity over internet. It can be done with the help of many protocols available such at e- mail, chat rooms, user net groups.
(B) Against Property:(i) Credit Card Fraud:(ii) Intellectual Property crimes: These includeSoftware piracy: illegal copying of programs, distribution of copies of software.
Copyright infringement:Trademarks violations:Theft of computer source code:(iii) Internet time theft:the usage of the Internet hours by an unauthorized person which is actually paid by another person.
(C) Against Organisation(i) Unauthorized Accessing of Computer:Accessing the computer/network without permission from the owner.it can be of 2 forms:a) Changing/deleting data:Unauthorized changing of data.b) Computer voyeur:The criminal reads or copies confidential or proprietary information,but the data is neither deleted nor changed.(ii) Denial Of Service :When Internet server is flooded with continuous bogus requests so as to denying legitimate users to use the server or to crash the server.(iii) Virus attack :A computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of it.Viruses can be file infecting or affecting boot sector of the computer.Worms, unlike viruses do not need the host to attach themselves to.(iv) Email Bombing:Sending large numbers of mails to the individual or company or mail servers thereby ultimately resulting into crashing.(v) Salami Attack:When negligible amounts are removed & accumulated in to something larger. These attacks are used for the commission of financial crimes.(vi) Logic Bomb:Its an event dependent programme , as soon as the designated event occurs, it crashes the computer, release a virus or any other harmful possibilities.(vii) Trojan Horse :an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing.(viii) Data diddling :This kind of an attack involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed.
(D) Against Society(i) Forgery :currency notes, revenue stamps, mark sheets etc can be forged using computers and high quality scanners and printers.(ii) Cyber Terrorism :Use of computer resources to intimidate or coerce others.(iii) Web Jacking :Hackers gain access and control over the website of another, even they change the content of website for fulfilling political objective or for money.
2. Cyber Space ~ cyber crimeCyber space is a collective noun for the diverse range of environments that have arisen using the Internet and the various services. The expression crime is defined as an act, which subjects the doer to legal punishment or any offence against morality, social order or any unjust or shameful act. The "offence" is defined in the Code of Criminal Procedure to mean as an act or omission made punishable by any law for the time being in force. Cyber crime is a term used to broadly describe criminal activity in which computers or computer networks are a tool, a target, or a place of criminal activity and include everything from electronic cracking to denial of service attacks. It is also used to include traditional crimes in which computers or networks are used to enable the illicit activity.
3. Traditional crime - Cyber CrimeComputer crime mainly consists of unauthorized access to computer systems data alteration, data destruction, theft of intellectual properly. Cyber crime in the context of national security may involve hacktivism, traditional espionage, or information warfare and related activities.Cyber crimes have been reported across the world. Cyber crime is now amongst the most important revenue sectors for global organized crime, says Frost & Sullivan Industry Analyst Katie Gotzen. Because of this, the potential risks associated with malware have risen dramatically. Unlike in traditional crimes, the Information Technology infrastructure is not only used to commit the crime but very often is i tsel f the target of the crime. Pornography, threatening email, assuming someone's identity, sexual harassment, defamation, SPAM andPhishing are some examples where computers are used to commit crime, whereas viruses, worms and industrial espionage, software piracy and hacking are examples where computers become target of crime.There are two sides to cyber crime. One is the generation side and the other is the victimization side. Ultimately they have to be reconciled in that, the number of cyber crimes committed should be related to the number of victimizations experienced. Of course there will not be a one-toone correspondence since one crime may, inflict multiple victimizations multiple crimes may be responsible for a single victimization. Some crimes may not result in any victimization, or at least in any measurable or identifiable victimization.The obvious effect of cyber crime on business is the evolving threat landscape. 'The motive of the attacks has changed over time.Earlier, the intent of the attacker was to gain fame although the motivation was criminal. Cyber crime economics are too compelling to subside.
4. Cyber Crime variantsThere are a good number of cyber crime variants. A few varieties are discussed for the purpose of completion. Thi s article is not intended to expose all the variants. The readers are directed to other resources.
4.1 Cyber stalkingCyber stalking is use of the Internet or other electronic means to stalk someone. This term is used interchangeably with online harassment and online abuse. Stalking generally involves harassing or threatening behavior that an individual engages in repeatedly, such as following a person, appearing at a person's home or place of business, making harassing phone calls, leaving written messages or objects, or vandalizing a person's property.
4.2 Hacking"Hacking" is a crime, which entails cracking systems and gaining unauthorized access to the data stored in them. Hacking had witnessed a 37 per cent increase this year
4.3 PhishingPhishing is just one of the many frauds on the Internet, trying to fool people into parting with their money. Phishing refers to the receipt of unsolicited emails by customers of financial institutions, requesting them to enter their username, password or other personal information to access their account for some reason.Customers are directed to a fraudulent replica of the original institution's website when they click on the links on the email to enter their information, and so they remain unaware that the fraud has occurred. The fraudster then has access to the customer's online bank account and to the funds contained in that account. F-Secure Corporation's summary of 'data security' threats during the first half of 2007 has revealed that the study found the banking industry as soft target for phishing scams in India .
4.4 cross site scripting Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users.Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls.
4.5 VishingVishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private .personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing. Vishing exploits the public's trust in landline telephone services, which have traditionally terminated in physical locations which are known to the telephone company, and associated with a bill-payer. The victim is often unaware that VoIP allows for caller ID spoofing, inexpensive, complex automated systems and anonymity for the billpayer.Vishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals.
4.6 Cyber SquattingCyber squatting is the act of registering a famous domain name and then selling it for a fortune. This is an issue that has not been tackled in IT act 2000.
4.7 Bot NetworksA cyber crime called 'Bot Networks', wherein spamsters and other perpetrators of cyber crimes remotely take control of computers without the users realizing it, is increasing at an alarming rate.Computers get linked to Bot Networks when users unknowingly download malicious codes such as Trojan horse sent as e-mai l attachments. Such affected computers, known as zombies, can work together whenever the malicious code within them get activated, and those who are behind the Bot Neworks attacks get the computing powers of thousands of systems at their disposal. Attackers often coordinate large groups of Bot-controlled systems, or Bot networks, to scan for vulnerable systems and use them to increase the speed and breadth of their attacks.Trojan horse provides a backdoor to the computers acquired. A 'backdoor" is a method of bypassing normal authentication, or of securing remote access to a computer, while attempting to remain hidden from casual inspection. The backdoor may take the form of an installed program, or could be a modification to a legitimate program. Bot networks create unique problems for organisations because they can be remotely upgraded with new exploits very quickly," and this could help attackers pre-empt security efforts.
5. VulnerabilityThe Open-Source Vulnerability Database (OSVDB) project maintains a master list of computer - security vulnerabilities, freely available for use by security professionals and projects around the world. Vulnerability information is critical for the protection of information systems everywhere: in enterprises and other organizations, on private networks and intranets, and on the public Internet.
6. Indian Crime SceneThe major cyber crimes reported, in India, are denial of services, defacement of websites, SPAM, computer virus and worms, pornography, cyber squatting, cyber stalking and phishing.Given the fact that nearly $ 120 million worth of mobiles are being lost or stolen in the country every year, the users have to protect information, contact details and telephone numbers as these could be misused. Nearly 69 per cent of information theft is carried out by current and exemployees and 31 per cent by hackers. India has to go a long way in protecting the vital information. Symantec shares the numbers from its first systematic survey carried out on the Indian Net Security scene:
The country has the highest ratio in the world (76 per cent) of outgoing spam or junk mail, to legitimate e-mail traffic. India's home PC owners are the most targeted sector of its 37.7 million Internet users: Over 86 per cent of all attacks, mostly via 'bots' were aimed at lay surfers with Mumbai and Delhi emerging as the top two cities for such vulnerability.
6.1 PhishingPhishing attacks were more popular among Indian users due to rising Internet penetration and growing online transactions. India has now joined the dubious list of the world's top 15 countries hosting "phishing" sites which aims at stealing confidential information such as passwords and credit card details.A non-resident Malayali, had an account in a nationalized bank in Adoor, lost $ 10,000 when the bank authorities heeded a fake e-mail request to transfer the amount to an account in Ghana. In Mangalapuram, a person transferred a large sum of money as "processing charge" to a foreign bank account after he received an e-mail, which said he had won a lottery LKerala: The Hindu Monday Oct 30 2006] Reports of phishing targeted at customers of banks appear to be on the rise. Websense Security Labs, in a statement released recently, said it had received reports of such attacks from customers of AXIS Bank. The Economic Offences Wing (EOW), Crime Branch, Delhi Police, unearthed a major phishing scam involving fake emails and websites of UT1 Bank, An analysis of the accounts of the four arrested Nigerian nationals c indicated financial transactions of over Rs 1 crore in an eight-month period t i l l December 2006. Investigations revealed that the scam is multi-layered with pan-India and international characteristics The Lab went on to say that it found a mal ware in the Web site of Syndicate Bank. The users through a spoofed email were asked to renew certain services and claiming that failure to do so would result in suspension or deletion of the account. The e-mail provided a l ink to a malicious site that attempted to capture the personal and account information.Phishing emails have increased by approximately twenty five percent over the last year but are harder to detect as they increasingly trick unsuspecting people with ordinary scenarios instead of improbable ones such as sudden cash windfalls. It has been six months since the phishing attack on ICICI bank customers became public, and during that period, two more such attacks were reported on customers of financial institutions in India, one of UTI Bank and the other. State Bank of lndia. [5-Jan 17-theHindu] RSA's 24/7 Anti-Fraud Command Centre f AFCC) has just uncovered a 'Universal man-in-themiddle Phishing Kit' in online forums which helps phishers quickly create the fraudulent websites, often borrowing code from the original site.
6.2 Cyber Cafes ~ EmailsCyber cafes have emerged as hot spots for cyber crimes. Even terrorists prefer the anonymity of a cyber cafe to communicate with each other. The mushrooming of cyber cafes in the city, which provide the secrecy through cabins constructed for users, has also made the porn literature easily accessible to the people visiting them. (Chandigarh Tribune Monday May 28 2001 ] A 23- year-old person from Tiruchi wasarrested by the City Cyber Crime police on Thursday on charges of sendi ng an e-mail threat to the Chief Minister and his family. [The Hindu Friday Aug 10 2007] In another case, the police team investigating the e-mail threat on the lives of the President and the Prime Minister has prepared a sketch of the suspect, who had sent the email from a cyber cafe in the city. The Case of The State of Tamil Nadu Vs Suhas Katti is notable for the fact that the conviction was achieved successfully. The case related to posting of obscene, defamatory and annoying message about a divorcee woman in the yahoo message group. E-Mails were also forwarded to the victim for information by the accused through a false e-mail account opened by him in the name of the victim. The posting of the message resulted in annoying phone calls to the lady.A travel agent was arrested for allegedly sending a threatening mail to blow up the National and Bombay stock exchanges in Kolkata.
6.3 StalkingA tenth standard boy from Bangalore got into trouble when a girl much older than him started stalking him. She pasted T Love You' slips on his gate and called his "On reviewing his Orkut profile, it was realized that he had accepted chat invites from more than 20 people; only two of who were his real-life friends.
6.4 HackingA case of suspected hacking of certain web portals and obtaining the residential addresses from the e-mail accounts of city residents had recently come to light. After getting the addresses, letters were sent through post mail and the recipients were lured into participating in an international lottery that had Australian $ 23 lakhs at stake.Computer hackers have also got into the Bhaba Atomic Research Centre (BARC) computer and pulled out important data. Some computer professionals who prepared the software for MBBS examination altered the data and gave an upward. revision to some students in return for a hefty payment.A key finding of the Economict Crime Survey 2006 of Price waterhouseCoopers (PwC) was that a typical perpetrator of economic crime in India was male (almost 100 per cent), a graduate or undergraduate and 31-50 years of age. Further, over one-third of the frauds in the country were perpetrated by insiders and over 37 per cent of them were in senior managerial positions. father to express her love for the son.
7. Global AntiMalware Market
Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. The expression is ageneral term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.The global anti-malware market is driven by cyber criminal threats. The commercialisation of cyber crime is spurring malware-writing activity and leading to more threats of this nature. In the consumer space, this translates into identity theft and stolen passwords Growth opportunities have led to intensified competition in both consumer and enterprise segments. On the other hand, loss of intellectual property and customer data coupled with extortion with the threat of taking down Web sites or revealing sensitive information are on the rise in the enterprise space.Organised crime is now employing KGB-style tactics to ensnare the next generation of hackers and malware authors. Cyber-criminals are actively approaching students and graduates of IT technology courses to recruit a fresh wealth of cyber skill to their ranks.Today's worms are the handiwork of malcontents for whom cyber crime affords lucrative returns.A flourishing market exists where large blocks of infected machines that can be controlled remotely are for sale. Sobig demonstrated the close nexus between malware writers and spammers, machines infected by the Sobig mass mailing worm were offered to spammers for price.The thr iving market for subverted PCs has swung the underworld into hyperactivity. The past ten months have seen several hacker groups and cyber crime syndicates setting up attack networks (botnets) and releasing remote attack tools through increasingly crafty malware such as Blaster, Sinit, MyDoom, Phatbot, Bagle and Netsky. New analysis from Frost & Sullivan, World Anti-Malware Products Markets, finds that the world market for antivirus solutions reached $4,685 million in 2006, up 17.1 per cent from $4,000.7 million in the previous year and expects this market to grow at a 10.9 per cent compound annual growth rate (CAGR) from 2006 to 2013, reaching $9,689.7 million by 2013.
8. Anti Cyber crime InitiativesIn a first of its kind initiative in India to tackle cyber crime, police have taken the initiative to keep an electronic eye on the users of the various cyber cafes spread over the city. The Kerala State IT Mission has launched a Web portal and a call centre to tackle cyber crime.The Central Bureau of Investigation (CBI) and the Mumbai police have recommended issuance of licenses to cyber caf owners. Many countries, including India, have established Computer Emergency Response Teams (CERTs) with an objective to coordinate and respond during major security incidents/events. These organisations identify and address existing and potential threats and vulnerabilities in the system and coordinate with stakeholders to address these threats. Policy initiatives on cyber crime are as yet lethargic because of a general sense that it is nothing more than juvenile hackers out to have fun or impress someone. . PrateekBhargava, cyber law expert says, "There is huge potential for damage to national security through cyber attacks. The internet is a means for money laundering and funding terrorist attacks in an organized manner. In the words of Pavan Duggal, Supreme Court Lawyer, "Cyber crime is omnipresent and although cyber crime cells have been set up in major cities, most cases remain unreported due to lack of awareness."CYBERCRIMES THREATENS NATIONAL SECURITY IN INDIA Ex. Union Home Minister Shivraj Patil said that the rising level of cyber crime is an indication of an enormous threat to national security. In todays age when everything from, small gadgets to nuclear plants is being operated through computers, cyber crime has assumed threatening ramifications. cyber crimes are capable of breaching the security in the information systems of vital installations. On Googles social networking site, Orkut, have been perplexing authorities. Fan clubs of underworld dons like Dawood Ibrahim and Chota Shakeel and other wanted underworld dons are also doing the rounds on Orkut. There is huge potential for damage to national security through cyber attacks. The internet is a means for money laundering and funding terrorist attacks in an organized manner. Indias Internet users have shot up to 100 million and so has the risk of getting attacked by Cyber crime. The world of Cyber crime is diverse and ranges from illegally accessing computers to phishing attacks with a lot of e-mail scams thrown in. Our burgeoning Internet population might be a good thing towards Indias growth towards becoming an Internet economy but this user-base is also a huge juicy target for online scammers, illegal hackers and hustlers. Cyber laws are lacking when it comes to online malpractices. Instead of focusing on immediate problems like Cyber Crime, our Government is fixated on trivialities like removing objectionable content.This is a big cause of concern to many here in the country and is counter-productive to the way the Internet works in India. For many years, Indians were not comfortable carrying out online transaction due to various fears. Now that they have warmed up to it, these malpractices may make them want to re-consider. These are still small issues compared to how cyber crime is maturing into a solid ecosystem. Cyber crime is no longer limited to stealing data and money from individual users but is now all about hacking to enterprise data. According to a report titled Global Risks for 2012, attacks on Governments and businesses are the top five risks in the world.Thus we can say that the Cyber Crime ecosystem is being organized pretty much like an organized crime racket. Syndicates are being formed which pride themselves on selling confidential data that they manage to get their hands on. This is true even for Cyber Crime in the country. There are two different approaches which cyber criminals use. One is a mass targeting approach which looks at duping people on the basis of chance, something like a Nigerian e-mail scam. The other approach is a strategic and targeted hacking of corporate, Government and celebrity websites and servers. Most of our knowledge about these attacks comes from ethical hackers who help corporations and Government organization on safe-guarding their online properties from rogue hackers and rival company spies.There could be cases of intellectual property theft, too. For example, the vice-president of an e- learning firm sacked from the company later was accused of stealing the source code of the companys future product. He subsequently used the product for his new venture, and the e-learning firm had to book nearly Rs 47 crore in losses due to the theft. says Atul Khatavkar, VP (IT Governance Risk Compliance), AGC Networks.This is a big problem and one that needs a fast and complete solution. Social Media is a risk factor for enterprises who are working on top secret data and a Social Media policy is a necessity so that secrets are not spilled by mistake. Firstly, I think that corporates and Govt. organizations should raise awareness about what Social Media really is and how it works so that Employees know what they are doing. Secondly, awareness should raised about what these scams are how they work so that employees of an organizations dont get fooled by Cyber Crime tactics.Some of us who are tech-savvy can easily distinguish between spam and fake mails but not the general populace so education about working of the web is something we could focus on and improve so the threats could be marginalize.
9. Cyber security Cyber security involves protection of sensitive personal and business information through prevention, detection, and response to different online attacks. Cyber security actually protects your personal information by responding, detecting and preventing the attacks. Cyber security Privacy policy: Before submitting your name, email address, or other personal information on a web site, look for the site's privacy policy. Evidence that your information is being encrypted: To protect attackers from hijacking your information, any personal information submitted online should be encrypted. Many sites use SSL or secure sockets layer, to encrypt information. Protecting your privacy.Keep software up to date: If the seller releases patches for the software operating your device, install them as soon as possible. Installing them will prevent attackers from being able to take advantage. Use good passwords: Select passwords that will be difficult for thieves to guess. Do not choose options that allow your computer to remember your passwords. How can we protect? Disable remote connectivity: Some PDAs and phones are equipped with wireless technologies, such as Bluetooth, that can be used to connect to other devices or computers. You should disable these features when they are not in use.
Challenges of cyber security1. Challenges of cyber security Explosion of computer and broadband internet availability.2. Low priority of security for software developers. 3. Challenge of timely patching vulnerabilities on all systems.
Advantages of cyber security1. The cyber security will defend us from critical attacks. 2. It helps us to browse the safe website. 3. Internet security process all the incoming and outgoing data on our computer. 4. The IT Act 2000 attempts to change outdated laws and provides ways to deal with cyber crimes. We need such laws so that people can perform purchase transactions over the Net through credit cards without fear of misuse. The Act offers the much-needed legal framework so that information is not denied legal effect, validity or enforceability, solely on the ground that it is in the form of electronic records.5. In view of the growth in transactions and communications carried out through electronic records, the Act seeks to empower government departments to accept filing, creating and retention of official documents in the digital format. The Act has also proposed a legal framework for the authentication and origin of electronic records / communications through digital signature.6. From the perspective of e-commerce in India, the IT Act 2000 and its provisions contain many positive aspects. Firstly, the implications of these provisions for the e-businesses would be that email would now be a valid and legal form of communication in our country that can be duly produced and approved in a court of law.7. Companies shall now be able to carry out electronic commerce using the legal infrastructure provided by the Act.8. Digital signatures have been given legal validity and sanction in the Act.9. The Act throws open the doors for the entry of corporate companies in the business of being Certifying Authorities for issuing Digital Signatures Certificates.10. The Act now allows Government to issue notification on the web thus heralding e-governance.11. The Act enables the companies to file any form, application or any other document with any office, authority, body or agency owned or controlled by the appropriate Government in electronic form by means of such electronic form as may be prescribed by the appropriate Government.12. The IT Act also addresses the important issues of security, which are so critical to the success of electronic transactions. The Act has given a legal definition to the concept of secure digital signatures that would be required to have been passed through a system of a security procedure, as stipulated by the Government at a later date.13. Under the IT Act, 2000, it shall now be possible for corporates to have a statutory remedy in case if anyone breaks into their computer systems or network and causes damages or copies data. The remedy provided by the Act is in the form of monetary damages, not exceeding Rs. 1 crore.
Safety tips to cyber Crime1. Use antivirus softwares 2. Insert firewalls3. Uninstall unnecessary software4. Maintain backup 5. Check security settings 6. Identity Theft7. Many consider identity theft to be the fastest growing crime in America, affecting almost half a million people each year. Having your wallet stolen is the easiest way to steal your identity, but so is discarding financial information in your mail, and giving out your PIN to ATM and phone cards.8. Protecting Your Privacy: Keeping an Eye On Your Private Information9. E-mail, the Internet, automated tellers, computer banking, long distance carriers, and credit cards make our lives more efficient. However, electronic transactions can leave you vulnerable to fraud and other crimes.10. Safe and Secure in an Electronic World11. Consumers can help protect themselves from online fraud by using secure Internet connections, keeping records of their online transactions, regularly reviewing credit card and bank statements, reviewing Web site privacy policies, and patronizing reputable online businesses.12. Safe Surfing13. It is just as dangerous to leave children unsupervised and unrestricted on the internet as it is to leave them unsupervised on the streets. Establish guidelines children can follow for appropriate Internet usage.14. Shopping Safely Online15. Convenience, good deals, and choices are all good things that the Internet offers. But before you use it, be cyber smart and make your online experience a safe one.
10. Cyber Law of India
1. Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code. 2. In Simple way we can say that cyber crime is unlawful acts wherein the computer is either a tool or a target or both. 3. The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000.Cyber Law of India: IntroductionIn Simple way we can say that cyber crime is unlawful acts wherein the computer is either a tool or a target or bothCyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code. The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000.We can categorize Cyber crimes in two waysThe Computer as a Target :-using a computer to attack other computers.e.g. Hacking, Virus/Worm attacks, DOS attack etc.The computer as a weapon :-using a computer to commit real world crimes.e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc.Cyber Crime regulated by Cyber Laws or Internet Laws.Technical AspectsTechnological advancements have created new possibilities for criminal activity, in particular the criminal misuse of information technologies such asa. Unauthorized access & Hacking:-Access means gaining entry into, instructing or communicating with the logical, arithmetical, or memory function resources of a computer, computer system or computer network.Unauthorized access would therefore mean any kind of access without the permission of either the rightful owner or the person in charge of a computer, computer system or computer network.Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from various bank accounts to their own account followed by withdrawal of money.By hacking web server taking control on another persons website called as web hijackingb. Trojan Attack:-The program that act like something useful but do the things that are quiet damping. The programs of this kind are called as Trojans.The name Trojan Horse is popular.Trojans come in two parts, a Client part and a Server part. When the victim (unknowingly) runs the server on its machine, the attacker will then use the Client to connect to the Server and start using the trojan.TCP/IP protocol is the usual protocol type used for communications, but some functions of the trojans use the UDP protocol as well.c. Virus and Worm attack:-A program that has capability to infect other programs and make copies of itself and spread into other programs is called virus.Programs that multiply like viruses but spread from computer to computer are called as worms.d. E-mail & IRC related crimes:-1. Email spoofingEmail spoofing refers to email that appears to have been originated from one source when it was actually sent from another source. Please Read 2. Email SpammingEmail "spamming" refers to sending email to thousands and thousands of users - similar to a chain letter.3 Sending malicious codes through emailE-mails are used to send viruses, Trojans etc through emails as an attachment or by sending a link of website which on visiting downloads malicious code.4. Email bombingE-mail "bombing" is characterized by abusers repeatedly sending an identical email message to a particular address.5. Sending threatening emails6. Defamatory emails7. Email frauds8. IRC relatedThree main ways to attack IRC are: "verbal?8218;?T#8220; attacks, clone attacks, and flood attacks.e. Denial of Service attacks:-Flooding a computer resource with more requests than it can handle. This causes the resource to crash thereby denying access of service to authorized users.Our support will keep you aware of types of Cyber crimes while companies such as www.Lifelock.com can give you the right protection against them.Examples includeattempts to "flood" a network, thereby preventing legitimate network trafficattempts to disrupt connections between two machines, thereby preventing access to a serviceattempts to prevent a particular individual from accessing a serviceattempts to disrupt service to a specific system or person.Distributed DOSA distributed denial of service (DoS) attack is accomplished by using the Internet to break into computers and using them to attack a network.Hundreds or thousands of computer systems across the Internet can be turned into zombies and used to attack another system or website.Types of DOSThere are three basic types of attack:a. Consumption of scarce, limited, or non-renewable resources like NW bandwith, RAM, CPU time. Even power, cool air, or water can affect.b. Destruction or Alteration of Configuration Informationc. Physical Destruction or Alteration of Network Componentse. Pornography:-The literal mining of the term 'Pornography' is describing or showing sexual acts in order to cause sexual excitement through books, films, etc.h. IPR Violations:-These include software piracy, copyright infringement, trademarks violations, theft of computer source code, patent violations. etc.Cyber Squatting- Domain names are also trademarks and protected by ICANNs domain dispute resolution policy and also under trademark laws.Cyber Squatters registers domain name identical to popular service providers domain so as to attract their users and get benefit from it.i. Cyber Terrorism:-Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic control, telecommunication networks are the most likely targets. Others like police, medical, fire and rescue systems etc.Cyber terrorism is an attractive option for modern terrorists for several reasons.1. It is cheaper than traditional terrorist methods.2. Cyber terrorism is more anonymous than traditional terrorist methods.3. The variety and number of targets are enormous.4. Cyber terrorism can be conducted remotely, a feature that isespecially appealing to terrorists.5. Cyber terrorism has the potential to affect directly a larger number of people.j. Banking/Credit card Related crimes:-In the corporate world, Internet hackers are continually looking for opportunities to compromise a companys security in order to gain access to confidential banking and financial information.Use of stolen card information or fake credit/debit cards are common.Bank employee can grab money using programs to deduce small amount of money from all customer accounts and adding it to own account also called as salami.k. E-commerce/ Investment Frauds:-Sales and Investment frauds. An offering that uses false or fraudulent claims to solicit investments or loans, or that provides for the purchase, use, or trade of forged or counterfeit securities.Merchandise or services that were purchased or contracted by individuals online are never delivered.The fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site.Investors are enticed to invest in this fraudulent scheme by the promises of abnormally high profits.l. Sale of illegal articles:-This would include trade of narcotics, weapons and wildlife etc., by posting information on websites, auction websites, and bulletin boards or simply by using email communication.Research shows that number of people employed in this criminal area. Daily peoples receiving so many emails with offer of banned or illegal products for sale.m. Online gambling:-There are millions of websites hosted on servers abroad, that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering.n. Defamation: -Defamation can be understood as the intentional infringement of another person's right to his good name.Cyber Defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person's friends. Information posted to a bulletin board can be accessed by anyone. This means that anyone can placeCyber defamation is also called as Cyber smearing.Cyber Stacking:-Cyber stalking involves following a persons movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc.In general, the harasser intends to cause emotional distress and has no legitimate purpose to his communications.q. Identity Theft :-Identity theft is the fastest growing crime in countries like America.Identity theft occurs when someone appropriates another's personal information without their knowledge to commit theft or fraud.Identity theft is a vehicle for perpetrating other types of fraud schemes.r. Data diddling:-Data diddling involves changing data prior or during input into a computer.In other words, information is changed from the way it should be entered by a person typing in the data, a virus that changes data, the programmer of the database or application, or anyone else involved in the process of having information stored in a computer file.It also include automatic changing the financial information for some time before processing and then restoring original information.s. Theft of Internet Hours:-Unauthorized use of Internet hours paid for by another person.By gaining access to an organisation's telephone switchboard (PBX) individuals or criminal organizations can obtain access to dial-in/dial-out circuits and then make their own calls or sell call time to third parties.Additional forms of service theft include capturing 'calling card' details and on-selling calls charged to the calling card account, and counterfeiting or illicit reprogramming of stored value telephone cards.t. Theft of computer system (Hardware):-This type of offence involves the theft of a computer, some part(s) of a computer or a peripheral attached to the computer.u. Physically damaging a computer system:-Physically damaging a computer or its peripheralseither by shock, fire or excess electric supply etc.v. Breach of Privacy and Confidentiality PrivacyPrivacy refers to the right of an individual/s to determine when, how and to what extent his or her personal data will be shared with others.Breach of privacy means unauthorized use or distribution or disclosure of personal information like medical records, sexual preferences, financial status etc.ConfidentialityIt means non disclosure of information to unauthorized or unwanted persons.In addition to Personal information some other type of information which useful for business and leakage of such information to other persons may cause damage to business or person, such information should be protected.Generally for protecting secrecy of such information, parties while sharing information forms an agreement about he procedure of handling of information and to not to disclose such information to third parties or use it in such a way that it will be disclosed to third parties.Many times party or their employees leak such valuable information for monitory gains and causes breach of contract of confidentiality.Special techniques such as Social Engineering are commonly used to obtain confidential information.
11. Conclusion'Net surfing1 by youngsters lures them into dangerous domain. The need for a conscious effort to checkmate the undesirable fallout of youngsters accessing and using the Internet is of concern. The print media has a duty to educate unwary parents and youngsters about the dangers inherent in treading dangerous areas in the cyber-world.Cybercrime is indeed getting the recognition it deserves. However, it is not going to restricted that easily. In fact, it is highly likely that cybercrime and its hackers will continue developing and upgrading to stay ahead of the law. So, to make us a safer we must need cyber security.
12. REFERENCES
1. Times of india news paper2. Google3. Articals of the act against Indian IT crimes4. Raj patra of Indian crime and laws 3