Slide 1

Cyber Crime & Security

Presenter : Vineet Kumar,CEH, ECSA, LPT, CHFI, MCSE, MCSA, MCDBAChief Technology Officer(CTO) & HeadCyber Defence Research Centre (CDRC)Jharkhand Police

About CDRCCyber Defense Research Centre (CDRC) is a Jharkhand Government & Jharkhand Police initiative to create awareness in Cyber Crimes & Cyber Security. CDRC got operational in January, 2012

Approved by Chief Minister Arjun Munda and cabinet in September, 2011

1st in the country, Probably 9th in the whole worldCyber Security Initiatives (Jharkhand Police)Public Outreach, Cyber security Awareness in schools and Colleges through E-Raksha Mission

Public and Industry awareness

Critical Infrastructure Protection (Road/Rail/Water/Power etc), Cyber Warfare ready

Cyber Security Research (Honeynet, Hardware Security, Malware analysis)

Cyber Intelligence, Cyber Crime Investigation

Cyber Security Services (Vulnerability Assessment, Penetration Testing, Web Application Security etc.) on request

Cyber Security Initiatives (Jharkhand Police)Cyber Crime Review meetings (Every district of Jharkhand)

Cyber Cafe Controls, ATM Security, Wifi Wardriving exercise, Cyber Patrol Operations

Trainings/Bootcamps/Seminars/Awareness (Police, Judiciary, Government Employees)

Cybercrime Helpline, Web Helpline (eSamadhan), Toll free (in process)

Panel of Experts

National/International tie-up to further our capabilities in these domains

About MeJoined Jharkhand Police in January 2012 as a Chief Technology Officer (CTO).

Member, Crime and Criminal Tracking Network System (CCTNS), Jharkhand

Advised Ministry of Home Affairs (MHA), Indian Army Western Command prior to joining JH Police

Guest Lecturer at College of Millitary Engineering(CME),Jharkhand Judicial Academy, IIM Ranchi, IIT Kharagpur, Vellore Institute of Technology, BIT Sindri, NIT Jamshedpur, BIT Mesra, Mecon, Indian Army (Core of Signals), CISF, CRPF, MKCL, DPS, Loyolla School, Army School etc

Speaker at International Security Conferences like Marcus Evans, Hacktrix, cOcOn etc

Had been awarded 5 International , 10 National Awards, 12 State awards

Prominent ones being United Nations Youth Achievement Award 2008, Worlds Top 5 student Entrepreneur (GSEA 2010, Kansas City), National IT Excellence Award 2007-2008, Young Achiever Award, Karmaveer Chakra 2008 etcAgendaTrends in Cyber Crime & Cyber SecurityCase StudiesPractical Demonstrations

To stop a hacker is to think alike!Cyber Crime Chart Going UpWebsites Hosting Crimeware in May Shot Up 7.4% Higher Than Previous Record Month Source : Anti Phishing Working Group (APWG)

Everything will be in Cyberspace covered by a hierarchy of computers!RegionCampus BuildingBodyWorldContinentCar HomeCellOriginal by Gordon Bell

TimeRate of changeTodayTechnologySocietyPeopleCompaniesBusinessLegal SystemsGovernmentsIt is the Era of Technology10

Each day, there is an increase in the number of threats against our nation's critical infrastructures. These threats come in the form of computer intrusion (hacking), denial of service attacks, and virus deployment. Cyberspace as a Battleground?

Recent Trends in Cyber CrimeCyber crime occurs when information technology is used to commit or conceal an offence.

Nigerian Scam / Fake Job offers / Call SpoofingChild Porn / Social Network FraudsOnline Auction/RetailNon-delivery of Goods/ServicesIdentity TheftCredit/Debit Card FraudBusiness/Employment SchemesSpoofing / Phishing / ATM fraudsHacker VS CrackerA Hacker :Lots of Knowledge & Experience.Good Guy.Strong Ethics.Never Indulges in Crime.Catches Computer Criminals.

A Cracker :Lots of Knowledge & Experience.Bad Guy.Low Ethics.Mostly Indulges in Crime.Is a Computer Criminal himself.

Categories of Hackers:Blackhat Hackers / Crackers :Work for Illegal/Offensive purposes

Whitehat Hackers:Work as Penetration Testers protecting Blackhats from Penetrating into the networks

Greyhat Hackers:Combination of whitehat and Blackhat i.e they work for Both Offensive as well as defensive purpose when needed

All Rights Reserved, Copyrighted to NAG & Security BrigadeWhy Security ?Based on CDRCs research: Over 80% of corporate, government and financial sector websites are open to serious attacks in India.

Most frequent problemsWeb Application Vulnerability (Sql Injection, XSS, CSRF, Upload injection)DOS, DDOSBotnets, Trojans, Viruses Web Page defacements

Source: 2002 CSI/FBI Computer Crime and Security SurveyDefinition -- It also known as penetration testing or white-hat hacking involves the same tools, tricks, and techniques that hackers use, but with some major differences:

Ethical hacking is legal.

Ethical hacking is performed with the targets permission.

The intent of ethical hacking is to discover vulnerabilities from a hackers viewpoint so systems can be better secured.

Ethical Hacking / Penetration testingCDRC provides Penetration Testing, Vulnerability Assessments and a wide range of services.TermsVulnerability Weakness Exploit Honeypot Trap Honeynet Two or more Honeypot0 days (Zero Days) Unknown VulnerabilitiesVulnerability AssessmentPenetration testingPenetration testing ProcessStep 1 : Scope of the TargetStep 2 : Information GatheringStep 3 : Target DiscoveryStep 4 : Enumerating the targetStep 5 : Vulnerability AssessmentStep 6 : Social Engineering (Optional Step)Step 7 : Target ExploitationStep 8 : Privilege EscalationStep 9 : Maintaining AcccessStep 10: Documentation and ReportingPenetration testing ProcessStep 1 : Scope of the TargetSingle Entities or set of entities

Step 2 : Information GatheringA tester uses a number of publically available resources to know more about his target (forums, bulletin boards, blogs, social networks, Google , Yahoo, MSN Bing)DNS Servers, traceroutes, whois databases, email address, phone numbers, personal informations and user accounts. The more information is gathered it will increase the chances of a successful penetration testingPenetration testing ProcessStep 3 : Target DiscoveryThis phase deals with identifying the target network status,operating system and its relative network architecture. Live network hosts, OS running on these host machines, OS fingerprinting etc

Step 4 : Enumerating the targetFinds open ports on the target system by using various scanning techniquesPenetration testing ProcessStep 5 : Vulnerability AssessmentAnalyze the vulnerabities based on disclosed ports and services

Step 6 : Social Engineering (Optional Step)

Step 7 : Target ExploitationExploitation of found vulnerabilities

Penetration testing ProcessStep 8 : Privilege EscalationOnce the target is acquired then Privilege escalation to obtain higher privileged accounts by making use of local exploits

Step 9 : Maintaining Acccess

Step 10: Documentation and ReportingVulnerabilites found, verified and exploited will conclude our PT processSo How Does a Defacement Occur? Same Penetration testing methodology used for Web Defacement. How to Prevent DefacementConstant Vulnerability Assessment and Penetration testing requiredIntrusion Detection System (IDS) / Intrusion Prevention System (IPS)Web App Firewall (WAFs), WIDS, WIPSSource code audting requiredFollow good security practices on your network n Application Keep your system up-to-patch Keep in touch with diverse security newsgroups, newsletters and other information so you know what vulnerabilities exist Example of Website Defacement

CBI HACKED

PMS WEBSITE HACKED

Case StudiesCase StudiesFinancial Frauds (ATM hacking)

Aashka Garodia case

Fake Facebook profile / page

Facebook threat

Facebook suicide

Facebook location mapping case

Email hacking

Phishing lottery case

ATM FraudsCard Skimming A special device put in front of the ATM card reader in such a way that it seems like a part of the ATM and records all info of the card.

Shoulder Surfing A technique of viewing the pin number by peeping over the victims shoulder.

Fake ATMs A fake ATM designed to swallow cards temporarily located at busy locations such as fair grounds etc.

Special Promotions at ATM sites A sweet young lady stands next to ATM offering an entry into a lottery for all ATM users who put in a copy of their signed ATM slips.ATM FraudsCard jamming / Lebanese Loop where an ATM machine card reader is deliberately tampered with so that a customers card will be held in the card reader and cannot be removed from the machine by the customer. The criminal removes the card once the customer has departed.

Vandalism where an ATM machine is deliberately damaged and/or the card reader is jammed preventing the customers card from being inserted.

Physical attacks where an ATM machine is physically attacked with the intention of removing the cash content.

Mugging where a client is physically attacked whilst in the process of conducting a transaction at an ATM machine.

Cash Diversion where a fake plate is made to cover the cash slot and the plate collects all the cash and it seems as if no cash has come out of the machine.ATM machine as usual ?

Is there an additional slot?

A monitor and pamphlet holder at the side...nothing wrong

wait ..... Is it really a pamphlet holder ....

False pamphlet box affixed to the ATM cubicle side

The micro camera at the side can view the KEYPAD and also the monitor to send wireless picture up to 200metres.Inside the pamphlet box

Practical DemonstrationPractical DemonstrationsEmail Spoof

IP Spoofing

Password cracking

Vulnerability Assessment

Email Hacking

Facebook hacking

Securing Email Accounts (2 step verification)

Security TipsGeneral SecurityInstall the latest Antivirus Software on all your computers and never disable them. Popular antivirus softwares includeKaspersky, Bit Defender, Nod32, Avira, AVGandQuickheal.

Install a personal firewall and an anti-spyware solution. Popular firewalls includeComodo Firewall, IP Copand Sonicwall.

Update antivirus/ anti-spyware/ firewall at least everyday. Carry out a complete system scan with your anti-virus at least once a week, or better, auto-schedule it to run every Friday.

Don't download or open attachments from unknown senders. Even if the sender is trusted, ensure that the content is relevant. Even non-executable files like *.doc files can contain macro viruses andTrojans. There are some dangerous programmes called worms, which don't need human interaction. You can be infected by simply opening an e-mail or by visiting a Web site and that's it. So always stay alert. Avoid opening e-mail attachments that contain .vbs, .scr, .exe, or .pif file extensions. Files that end in these extensions are most likely to contain some sort of viruses.General SecurityUse secure Web browsers such asGoogle Chrome or Firefox. It is also necessary to update old browsers to their latest versions so that the vulnerability gets

Never download any files especially executable files overP2P sharing networks(peer-to-peer), as you can never be absolutely certain as to what they really are. P2P file sharing programmes can lead to the installation of a lot ofadwareandspyware. Try downloading executables from authentic and well-known Web sites; don't download files from any random Web site.

Try not to visit warez, porn sites or Web sites that provide cracks and serials because most of them have a lot of spyware, trojans and viruses. A single visit and you are most likely infected with hundreds of malicious programmes.

Be familiar with the programmes installed on your computer. If you notice that a new programme is installed without your permission, possibilities are that it might be something malicious.

General SecurityBack-up your computer on a regular basis, at least weekly. Copy your important documents and files onto a USB drive, CD or a DVD for safekeeping. Don't wait for the disaster to happen, take the precautions beforehand. Create system restore points periodically.

Never respond to unsolicited e-mail. To those who send spam, one response or 'hit' from thousands of e-mails is enough to justify the practice. Additionally, it validates your email address as active, which makes it more valuable, and therefore opens the door to more spam.

General SecurityBeware ofphishingattacks. Sites like AntiPhishing offer latest updates on phishing along with some good security tips.

Don't chat with strangers or accept any file, especially executables from an unknown person on chat. Don't click on any links given by someone you don't know.

Do not accept links or downloads from strangers even if it is tempting. There have been cases where spyware like trojans andkey-loggershave been hidden in simple picture files with .jpg extensions. You never really know what is contained inside a file which looks attractive.

Be cautious while displaying your profile, especially your personal details, photographs, videos and contacts on social networking sites. Your profiles and contacts may be misused by other people.

Install parental-control or filtering softwares like those fromWebsense(LINK) that helps you choose what can be seen on the Internet and monitor the activities of any users.Password SecurityUse different passwords for different Web sites. Maintain separate passwords for e-mail, work and other important Web sites and routine web-surfing.

Use difficult-to-guess password by taking the first alphabet from each word of a phrase. What is a good password? It is a password which is at least 8 characters long, not easily guessable, contains mixture of uppercase and lowercase letters as well as numbers, and preferably contains special characters like $, *, %, !, * etc. Some examples of a good password are: &(^.3235*cRack&.^).

Always use alphanumeric passwords with special characters and try to adopt phrasing technique to construct passwords which are easy to remember, hard to guess and impossible to crack. Create a unique acronym. Never use a dictionary based password like guest, home etc. It takes little time for a good cracker to crack the password.

Internet Safety E-mail TipsGet two email accounts, one for business and one for personal use. Only give out your personal address to family and friends to help reduce unwanted emails (otherwise known as "spam"). A more comprehensive approach would be to use a service which checks for spams , service like spamex is available to manage the same.Try to memorize your password rather than writing it down. Use an acronym of a favourite saying or something that as true about you such as I Don't Like Driving In The Snow password = idldits. You can then take that password and substitute some numbers for letters such as: id1dit5. Now that's a good a password!Don't give the password to your e-mail service or to anyonethat you don't know or trust. Try to avoid using services that do not allow you to change your password, but rather set it for you.Don't download any attachments from people you don't know, or from people you don't trust.Scan attachments with a virus program before downloading them, even if they come from a friend.

Section 72 in The Information Technology Act, 200072. Penalty for breach of confidentiality and privacy.- Save as otherwise provided in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such electronic record, book, register, correspondence, information, document or ot er material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.

52Internet Safety E-mail Tips

Try to avoid sending private or secret information through e-mail.If you absolutely have to send private or secret information through e-mail, make sure you encrypt it first.Don't spam people, you could get into trouble with your ISP and have your account terminated. In fact, this is becoming common practice as more services implement no-spam policies.If you don't like getting ads in your e-mail, choose to opt out of all unnecessary mailing lists. You should know however that Opt-Out still keeps a cookie on your machine.Try to determine whether or not an e-mail is a hoax or a scam.

Section 72 in The Information Technology Act, 200072. Penalty for breach of confidentiality and privacy.- Save as otherwise provided in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such electronic record, book, register, correspondence, information, document or ot er material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.

53You probably store a lot of personal and financial information on yoursmartphonethat you would not want revealed if it is lost or stolen. Follow these guidelines which will help you to increase mobile phone safety and secure your smartphone.

Using Smartphone safelyDo'sDon'tsEnsure that you dont leave your Smartphone unattendedin public spaces.Do not save passwords, PINs or other account informationas Contacts or in Notes.Enable the smartphone's password/passcode protectionsetting;Avoid using open Wi-Fis, especially for shopping andbanking activities; Wi-Fi sniffing is a common occurrencethat can have significant consequences like lost credit cardnumbers.Install operating system updates whenever they becomeavailable to reduce the number of system vulnerabilities;Avoid opening suspicious e-mail or SMS text messages,especially from unknown sources. Incautious readers maybe unwillingly tricked into phishing by entering sensitiveInformation from online prompts.Install an anti-malware protection app (if available for the device) to prevent infection from malicious apps and websites;When using the smartphone's web browser, avoid suspicious/questionable websites that can be the source of malicious code.Be selective when buying or installing apps; wait for app reviews, download only from trusted sources and be cautious/suspicious of free appsUnderstand and control each downloaded apps "access to smartphone data and personal information;Turn the Bluetooth access feature off when not needed and avoid Bluetooth use in busy public areas.

Utilize a PIN to access voice-mail and avoid using the carrier's default PIN setting.Insure that smartphone e-mail account access is through either a SSL or HTTPS connection so that transmitted data is encrypted.

Do's

Credit card /Debit card / ATM guidelines

Credit card /Debit card / ATM guidelines

Do'sDon'tsOnly Friend people you know.Dont share your password.Create a good password and use it only for Facebook.Dont paste script (code) in your browser address bar.Change your password on a regular basis.Beware of goofy posts from anyoneeven Friends. If it looks like something your Friend wouldnt post, dont click on it.Share your personal information only with people and companies that need it.Scammers might hack your Friends accounts and send links from their accounts. Beware of enticing links coming from your Friends.Log into Facebook only ONCE each session. If it looks like Facebook is asking you to log in a second time, skip the links and directly type www.facebook.com into your browser address bar.Use a one-time password when using someone elses computer.Log out of Facebook after using someone elses computer.Use secure browsing whenever possible.Only download Apps from sites you trust.Keep your anti-virus software updated.Keep your browser and other applications up to date.Use browser add-ons like Web of Trust and Firefoxs No Script to keep your account from being hijacked.

Latest news and information are one of the common methods used by hackers !False Death news of celebrities.Anniversaries of Famous people and celebrities.Big News and informationPreventionDon`t click suspicious linksReport anything that seems too good to be trueNever share your passwordDon`t indulge in freebies(attractive online offers)Keep your Anti-Virus/Spyware program up-to-date(inspite it`s been bypassed)Get two email accounts, one for business and one for personal use. Only give out your personal address to family and friends to help reduce unwanted emails (otherwise known as "spam"). A more comprehensive approach would be to use a service which checks for spams , service like spamex is available to manage the same.

Try to memorize your password rather than writing it down. Use an acronym of a favourite saying or something that as true about you such as I Don't Like Driving In The Snow password = idldits. You can then take that password and substitute some numbers for letters such as: id1dit5. Now that's a good a password!

Don't give the password to your e-mail service or to anyonethat you don't know or trust. Try to avoid using services that do not allow you to change your password, but rather set it for you.Don't download any attachments from people you don't know, or from people you don't trust.

E-mail SecuritySection 72 in The Information Technology Act, 200072. Penalty for breach of confidentiality and privacy.- Save as otherwise provided in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such electronic record, book, register, correspondence, information, document or ot er material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.

62Scan attachments with a virus program before downloading them, even if they come from a friend.

Try to avoid sending private or secret information through e-mail.

When sending private or secret information through e-mail, make sure you encrypt it first.Don't spam people, you could get into trouble with your ISP and have your account terminated. In fact, this is becoming common practice as more services implement no-spam policies.If you don't like getting ads in your e-mail, choose to opt out of all unnecessary mailing lists. You should know however that Opt-Out still keeps a cookie on your machine.Try to determine whether or not an e-mail is a hoax or a scam.E-mail SecuritySection 72 in The Information Technology Act, 200072. Penalty for breach of confidentiality and privacy.- Save as otherwise provided in this Act or any other law for the time being in force, any person who, in pursuance of any of the powers conferred under this Act, rules or regulations made thereunder, has secured access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned discloses such electronic record, book, register, correspondence, information, document or ot er material to any other person shall be punished with imprisonment for a term which may extend to two years, or with fine which may extend to one lakh rupees, or with both.

63Online shopping securityOnline Shopping SecurityWhile purchasing online, look for signs that these are secure (SSL secured sites or 128 bit encryption) like shopping.rediff.com. At the point when you are providing your payment information, a golden-coloured lock appears (for SSL secured sites) on the right hand side corner of the browser or the beginning of the Web site address should change from http to https, indicating that the information is being encrypted ie turned into code that can only be read by the seller.

Your browser may also signal that the information is secure with a symbol, such as a broken key that becomes whole or a padlock that closes.

Carefully use credit-cards and online banking for online shopping. Check your credit card and bank statements at regular intervals. Notify the bank immediately if there are unauthorised charges or debits. Avoid using credit card details and online banking on public computers and in cyber cafes. It is very unsafe because most of them are infected with viruses, trojans and key loggers.

Some banks have launched their services like Net Safe to create temporary credit cards with a limited value to transact online. Paypal is also a secure way to do the transactions .This way, in the worst case scenario you can minimise the impact.

Wireless SecurityIf you have a wireless network, turn on the security features: UseMAC filtering, turn offSSID broadcast, and even use WPA2with the biggest key you can get.

Detailed Guidelineshttp://cdrc.jhpolice.gov.in/guidelines/

Cyber Security Initiatives (Jharkhand Police)Public Outreach, Cyber security Awareness in schools and Colleges through E-Raksha Mission

Public and Industry awareness

Critical Infrastructure Protection (Road/Rail/Water/Power etc), Cyber Warfare ready

Cyber Security Research (Honeynet, Hardware Security, Malware analysis)

Cyber Intelligence, Cyber Crime Investigation

Cyber Security Services (Vulnerability Assessment, Penetration Testing, Web Application Security etc.) on request

Cyber Security Initiatives (Jharkhand Police)Cyber Crime Review meetings (Every district of Jharkhand)

Cyber Cafe Controls, ATM Security, Wifi Wardriving exercise, Cyber Patrol Operations

Trainings/Bootcamps/Seminars/Awareness (Police, Judiciary, Government Employees)

Cybercrime Helpline, Web Helpline (eSamadhan), Toll free (in process)

Panel of Experts

National/International tie-up to further our capabilities in these domains

Initiatives and ProjectsCyber Caf Controls Guidelines and License policy after conducting state-wide audit ATM Security and guidelines for banks, cash vans, ATM security guards and local police personnelCritical Infrastructure Protection in the state of Jharkhand presently in identification phase of Power, Water, Road, Dams etcResponsible DisclosureWifi SecurityeRaksha public awareness program for schools, colleges, PTA, publicTraining Judiciary, LEA, State Government officersProposed - State CERTCapacity building for Forensics (state CID and FSL)

Jharkhand State Cyber Security- Web Application Security testing- Vulnerability Assessment / Penetration Testing (VA/PT) - Source Code Audit- BCP/DR - IT Security Management- IT Security Training and Awareness- PHQ Data Centre ISO 27001 assessment-

Cyber Caf and ATM Security- Conducted survey across the state - Assess current operational practices and security posture- Created State Cyber Caf Guidelines with licensing system aligned to IT Act and Cyber Caf Guidelines from MIT- Created ATM Security guidelines addressing banks, guard companies, local police - Presently communicating / educating Cyber Caf owners to implement guidelines

MissonE-Raksha Mission to fosterawareness about various types of cybercrimes, internet threats and risks and methods to be secureCyber Security awareness and training is provided for school children, parents , teachers and citizens of JharkhandTrain the teacher program will carry eRaksha message to schools across the state as a regular planned activityAdvise on various types of cyber crimes, impact in the society and educate them in prevention of cyber crimes

Example program held at DPS, Ranchi provided training on Password Security ,Social Networking, E-Mail, Stalking etc.

Mission

Cyber Security TrainingContinuous Training Program in Cyber Crime, Security, Law (ITA) for - Police Department state wide- Judicial officers, Judges across the state- State Government Officers

\

Workshop for Police OfficersInitiativesCyber SurveillanceInternet Monitoring, Inputs from cyber patrol and threat intelligenceCritical Infrastructure ProtectionInventory, response procedures and proactive security training Responsible Disclosure and Threat IntelligenceVulnerability disclosure and intelligence information to affected partiesPublic HelplineWeb based and toll free helplineResearchIndian Honeynet collection and malware analysisCyber PatrolUnderground intelligence gathering activitiesPanel of ExpertsInviting professionals to volunteer their time to help guide our initiatives

We will welcome experts ina) Cyber Securityb) Cyber Crimec) Cyber Law d) Vulnerability Assessment and Penetration Testinge) Cyber Forensicsf) Criminology, Psychology, Sociologyg) IT and Business Managementh) Industry / Verticals specialists (finance, insurance, mfg, trdg etc)

CDRC will be pleased to assist other States in their Cyber securityinitiativesE-Samadhan Web helplineA dedicated web link of CDRC is there to register complaints related to cybercrimes.

http://esamadhan.jhpolice.gov.in/open.phpThanks!I can be reached at :

Vineet KumarChief Technology Officer, Special BranchCDRC Building, Jharkhand Police HQDhurwaRanchiPin 834004

M : 97714-00453 Web : cdrc.jhpolice.gov.inO : 0651-2400496 / 95 /94F : 0651-2400494E : cto@jhpolice.gov.in e-raksha@jhpolice.gov.in

For any Queries Please ContactMail us at :cdrc@jhpolice.gov.inOther229421.92Track 1Track 10Blues18808.125