• No results found

Cyber Crime

N/A
N/A
Protected

Academic year: 2021

Share "Cyber Crime"

Copied!
31
0
0

Loading.... (view fulltext now)

Full text

(1)

J Comput Virol (2006) 2:13–20DOI 10.1007/s11416-006-0015-z O R I G I N A L P A P E R

On the definition and classification of cybercrime Sarah Gordon

·

Richard Ford

Received: 13 January 2006 / Revised: 11 February 2006 / Accepted: 29 March 2006 / Published online: 25 July 2006© Springer-Verlag France 2006

Abstract

The idea of Cybercrime is not new, yet thereis significant confusion amongst academics,

computers e c u r i t y e x p e r t s a n d u s e r s a s t o t h e e x t e n t o f r e a l Cy bercrime. In this paper, we explore the breadth of c o m p u t e r

-b a s e d c r i m e , p r o v i d i n g a d e fi n i t i o n o f t h e emerging terms “Cy-bercri me” and “crimeware”. WethendivideCybercrimeintotwodistinctcategories :TypeI Cybercrime, which is mostly technological in nature, and Type II Cybercrime, which has a more pronouncedhuman element. We then use two case studies to

illust r a illust e illust h e r o l e o f c r i m e w a r e i n d i f f e r e n illust illust yp e s o f C y b e r c r i

-m e , a n d o f f e r s o -m e o b s e r v a t i o n s o n t h e r o l e o f c o g n i t i o n in the process of Cybercrime. Finally we provide severalsuggestions for future work in the area of Cybercrime.

1 Introduction

Discussions of Cybercrime can be found in diverse sou-rces including academic journals, generalist computermagazines, newspaper articles and online; it has beenthe subject of movies, television programs and radiobroadcasts. However, despite an apparent acceptanceof and familiarity with the term, there exist dramaticallyvaried views of what Cybercrime

is

. This lack of defini-tional clarity is problematic as it impacts every facet of preventionandremediation.Inaddition,researchshows

S. Gordon ( B

)Symantec Security Response, 2500 Broadway,Santa Monica, CA 90494, USAe-mail: sarah.gordon@symantec.comR. FordDepartment of Computer Sciences, Florida Tech.,150 W. University Blvd, Melbourne, FL 32901, USAe-mail: richard.ford@fit.edu

that the number of people and businesses impacted byvarious types of perceived cybercrime is growing withno signs of declining [2,12,21].In

(2)

this paper we examine various dimensions of Cy-bercrime; after examining some of these definitions,

weo f f e r a m o r e i n c l u s i v e d e fi n i t i o n b e f o r e d e l i n e a t i n g t h e s e crimes into two subtypes. Further, we define the term“c ri me ware ”, now in

c o m m o n u s a g e b u t w i t h v a r i e d and often context-based definition, and illustrate thisdefinition‟s breadth of similarities and differences withexisting usages. Finally two case studies are provided, illustrating the varying effects of education and percep-tion with respect to Cybercrime on home users.

2 Definitions

Despite the fact that the word “Cybercri me ”has ente red into common usage, many people would find it hard

tod e fi n e t h e t e r m p r e c i s e l y . F u r t h e r m o r e , t h e r e i s n o c a t c h - all term for the tools and software which are used in

thec o m m i s s i o n o f c e r t a i n o n l i n e c r i m e s . I n t h e n e x t t w o s e c - tions, we will attempt to rigorously define Cybercrimeand formalize an emerging term, crimeware, which is aninclusive term for the many different Trojans,

Viruses,Bots, Spyware and Worms which are instrumental in facilitating certain Cybercrimes.2.1 CybercrimeLike traditional crime, Cybercrime has many differentf a c e t s a n d o c c u r s i n a w i d e v a r i e t y o f s c e n a r i o s a n d environments. Current definitions of Cybercrime haveevolved

experientially. They differ depending on the

Cyber Crime and Bangladesh PerspectivebyA.R.M. Borhanuddin (Raihan)Department of LawDhaka UniversityRamna, BangladeshCell: 01715112124INTRODUCTION

Advent of technology not only widens scientific horizon but also posesconstant challenges for the jurisprudence, legal system and legal world as a

whole.Computers, Internet and Cyberspace - together known as Information Technology –presents challenges for the law. Challenges, which are not confined, to any singletraditional legal category but in almost all established categories of law such asCriminal law, Contract, Tort, as well as legal concepts of property, expression,identity, movement etc. Existing legal system and framework has

shown inadequacy of law while dealing with Information Technology itself as well as while dealing withthe changes induced by the Information Technology in the way of our living. Thecourts throughout the world have been dealing with these problems. Presently, the law(Statutory or otherwise) providing answers to these problems or dealing with theInformation Technology is termed as „Computer Laws‟ or „Information TechnologyLaws‟ or „Cyberlaws‟.The term „cyber crime‟ is

(3)

a misnomer. The concept of cyber crime is notradically different from the concept of conventional crime. Both include conductwhether act or omission, which cause breach of rules of law and counterbalanced bythe sanction of the state. In general sense cyber crime can be defined as the use of computer technology to commit crime.

1

Before evaluating the concept of cyber crime it is obvious that the concept of conventional crime be discussed and the points of similarity and deviance betweenboth these forms may be discussed.

CONVENTIONAL CRIME

Crime is a social and economic phenomenon and is as old as the human society.Crime is a legal concept and has the sanction of the law. Crime or an offence is “alegal wrongthat can be followed by criminal proceedings which may result intopunishment.”

2

The hallmark of criminality is that, it is breach of the criminal law. Per Lord Atkin

“the criminal quality of an act cannot be discovered by reference to anystandard but one: is the act prohibited with penal consequences”.

3 1

Bohan and Haley (2002), page-209 2

Granville Williams 3

Proprietary Articles Trade Association v. A.G.for Canada (1932) - 1 -

A crime may be said to be any conduct accompanied by act or omission prohibited bylaw and consequential breach of which is visited by penal consequences.

CYBER CRIME

Cyber crime is the latest and perhaps the most complicated problem in the cyberworld. “Cyber crime may be said to be those species, of which, genus is theconventional crime, and where either the computer is an object or subject of theconduct constituting crime”. “Any criminal activity that uses a computer either as aninstrumentality, targetor a means for perpetuating further crimes comes within theambit of cyber crime”

(4)

A generalized definition of cyber crime may be “ unlawful acts wherein the computeris either a tool or target or both”

2

. The computer may be used as a tool in thefollowing kinds of activity- financial crimes, sale of illegal articles, pornography,online gambling, intellectual property crime, e-mail spoofing, forgery, cyberdefamation, cyber stalking. The computer may however be target for unlawful acts inthe following cases- unauthorized access to computer/ computer system/ computernetworks, theft of information contained in the electronic form, e-mail bombing, datadidling, salami attacks, logic bombs, Trojan attacks, internet time thefts, web jacking,theft of computer system, physically damaging the computer system.

DISTINCTION BETWEEN CONVENTIONAL AND CYBER CRIME

There is apparently no distinction between cyber and conventional crime. However ona deep introspection we may say that there exists a fine line of demarcation betweenthe conventional and cyber crime, which is appreciable. The demarcation lies in theinvolvement of the medium in cases of cyber crime. The sine qua non for cyber crimeis that there should be an involvement, at any stage, of the virtual cyber medium.

REASONS FOR CYBER CRIME Hart

in his work

“The Concept of Law” has said

„human beings are vulnerable sorule of law is required to protect them‟

. Applying this to the cyberspace we may saythat computers are vulnerable so rule of law is required to protect and safeguard themagainst cyber crime. The reasons for the vulnerability of computers may be said to be:

1. Capacity to store data in comparatively small space-

The computer has unique characteristic of storing data in a very small space. Thisaffords to remove or derive information either through physical or virtual mediummakes it much more easier.

2. Easy to access-

The problem encountered in guarding a computer system from unauthorised access isthat there is every possibility of breach not due to human error but due to the complex

1

Duggal Pawan 2

(5)

technology. By secretly implanted logic bomb, key loggers that can steal

accesscodes, advanced voice recorders; retina imagers etc. that can fool biometric systemsand bypass firewalls can be utilized to get past many a security system. 3. Complex-

The computers work on operating systems and these operating systems in turn arecomposed of millions of codes. Human mind is fallible and it is not possible that theremight not be a lapse at any stage. The cyber criminals take advantage of these lacunasand penetrate into the computer system.

4. Negligence-

Negligence is very closely connected with human conduct. It is therefore veryprobable that while protecting the computer system there might be any

negligence,which in turn provides a cyber criminal to gain access and control over the computersystem.

5. Loss of evidence-

Loss of evidence is a very common & obvious problem as all the data are routinelydestroyed. Further collection of data outside the territorial extent also paralyses thissystem of crime investigation.

CYBER CRIMINALS

The cyber criminals constitute of various groups/ category. This division may be justified on the basis of the object that they have in their mind. The following are thecategory of cyber criminals-

1. Children and adolescents between the age group of 6 – 18 years –

The simple reason for this type of delinquent behaviour pattern in children is seenmostly due to the inquisitiveness to know and explore the things. Other cognatereason may be to prove themselves to be outstanding amongst other

children in theirgroup. Further the reasons may be psychological even. E.g. the Bal Bharati (Delhi)case was the outcome of harassment of the delinquent by his

friends.

2. Organised hackers-

These kinds of hackers are mostly organised together to fulfill certain objective. Thereason may be to fulfill their political bias, fundamentalism, etc. The Pakistanis aresaid to be one of the best quality hackers in the world. They mainly target the Indiangovernment sites with the purpose to fulfill their political objectives. Further theNASA as well as the Microsoft sites is always under attack by the hackers. 3. Professional hackers / crackers –

(6)

Their work is motivated by the colour of money. These kinds of hackers are mostlyemployed to hack the site of the rivals and get credible, reliable and valuableinformation. Further they are ven employed to crack the system of the employerbasically as a measure to make it safer by detecting the loopholes. 4. Discontented employees-

This group include those people who have been either sacked by their employer or aredissatisfied with their employer. To avenge they normally hack the system of theiremployee.

MODE AND MANNER OF COMMITING CYBER CRIME:

1. Unauthorized access to computer systems or networks / Hacking-

This kind of offence is normally referred as hacking in the generic sense. However theframers of the

Information and Communication Technology Act, 2006

have no whereused this term so to avoid any confusion we would not

interchangeably use the wordhacking for „unauthorized access‟ as the latter has wide connotation.

2. Theft of information contained in electronic form-

This includes information stored in computer hard disks, removable storage

mediaetc. Theft may be either by appropriating the data physically or by tampering themthrough the virtual medium.

3. Email bombing-

This kind of activity refers to sending large numbers of mail to the victim, which maybe an individual or a company or even mail servers there by ultimately resulting intocrashing.

4. Data diddling-

This kind of an attack involves altering raw data just before a computer processes itand then changing it back after the processing is completed. The electricity boardfaced similar problem of data diddling while the department was being computerised.

5. Salami attacks-

This kind of crime is normally prevalent in the financial institutions or for the purposeof committing financial crimes. An important feature of this type of offence is that thealteration is so small that it would normally go unnoticed. E.g. the Ziegler casewherein a logic bomb was introduced in the bank‟s system, which deducted 10 centsfrom every account and deposited it in a particular account. 6. Denial of Service attack-

The computer of the victim is flooded with more requests than it can handle whichcause it to crash. Distributed Denial of Service (DDoS) attack is also a type of denial

(7)

of service attack, in which the offenders are wide in number and widespread. E.g.Amazon, Yahoo.

7. Virus / worm attacks-

Viruses are programs that attach themselves to a computer or a file and then circulatethemselves to other files and to other computers on a network. They usually affect thedata on a computer, either by altering or deleting it. Worms, unlike viruses do notneed the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on acomputer's memory. E.g. love bug virus, which affected at least 5 % of the computersof the globe. The losses were accounted to be $ 10 million. The world's most famousworm was the Internet worm let loose on the Internet by Robert Morris sometime in1988. Almost brought development of Internet to a complete halt.

8. Logic bombs-

These are event dependent programs. This implies that these programs are created todo something only when a certain event (known as a trigger event) occurs. E.g. evensome viruses may be termed logic bombs because they lie dormant all through theyear and become active only on a particular date (like the Chernobyl virus). 9. Trojan attacks-

This term has its origin in the word „Trojan horse‟. In software field this means anunauthorized programme, which passively gains control over another‟s system byrepresenting itself as an authorized programme. The most common form of installinga Trojan is through e-mail. E.g. a Trojan was installed in the computer of a lady filmdirector in the U.S. while chatting. The cyber criminal through the web cam installedin the computer obtained her nude photographs. He further harassed this lady.

10. Internet time thefts-

Normally in these kinds of thefts the Internet surfing hours of the victim are used upby another person. This is done by gaining access to the login ID and the

password.E.g. Colonel Bajwa‟s case- the Internet hours were used up by any other person. Thiswas perhaps one of the first reported cases related to cyber crime in India. Howeverthis case made the police infamous as to their lack of understanding of the nature of cyber crime.

11. Web jacking-

This term is derived from the term hi jacking. In these kinds of offences the

hackergains access and control over the web site of another. He may even mutilate or changethe information on the site. This may be done for fulfilling political objectives or formoney. E.g. recently the site of MIT (Ministry of Information Technology) washacked by the Pakistani hackers and some obscene matter was

(8)

placed therein. Furtherthe site of Bombay crime branch was also web jacked. Another case of web jacking is that of the „gold fish‟ case. In this case the site was hacked and the information pertaining to gold fish was changed. Further a ransom of US $ 1 million was

demanded as ransom. Thus web jacking is a process where by control over the site of another is made backed by some consideration for it.

CLASSIFICATION

The subject of cyber crime may be broadly classified under the following threegroups. They are-

1. Against Individualsa. their person &b. their property of an individual2. Against Organizationa. Governmentc. Firm, Company, Group of

Individuals.3. Against Society at large

The following are the crimes, which can be committed against the followingsgroup:

Against Individuals: –

i. Harassment via e-mails.ii. Cyber-stalking.iii. Dissemination of obscene

material.iv. Defamation.v. Unauthorized control/access over computer system.vi. Indecent exposurevii. Email spoofingviii. Cheating & Fraud

Against Individual Property: -

i. Computer vandalism.ii. Transmitting virus.iii. Netrespassiv. Unauthorized control/access over computer system.v. Intellectual Property crimesvi. Internet time thefts

Against Organization: -

i. Unauthorized control/access over computer systemii. Possession of unauthorized information.iii. Cyber terrorism against the government organization.iv.

Distribution of pirated software etc. Against Society at large: -

(9)

i. Pornography (basically child pornography).ii. Polluting the youth through indec ent exposure.iii. Traffickingiv. Financial crimesv. Sale of illegal articlesvi.Online gamblingvii. Forgery

The above mentioned offences may be discussed in brief as follows: 1. Harassment via e-mails-

Harassment through e-mails is not a new concept. It is very similar to

harassingthrough letters. Recently I had received a mail from a lady wherein she complainedabout the same. Her former boy friend was sending her mails

constantly sometimesemotionally blackmailing her and also threatening her. This is a very common type of harassment via e-mails.

2. Cyber-stalking-

The Oxford dictionary defines stalking as "pursuing stealthily". Cyber

stalkinginvolves following a person's movements across the Internet by posting messages(sometimes threatening) on the bulletin boards frequented by the victim, entering thechat-rooms frequented by the victim, constantly bombarding the victim with emailsetc.

3. Dissemination of obscene material/ Indecent exposure/ Pornography (basically child pornography) / Polluting through indecent exposure-

Pornography on the net may take various forms. It may include the hosting of web sitecontaining these prohibited materials. Use of computers for producing these obscenematerials. Downloading through the Internet, obscene materials. These obscenematters may cause harm to the mind of the adolescent and tend to deprave or corrupttheir mind. Two known cases of pornography are the Delhi Bal Bharati case and theBombay case wherein two Swiss couple used to force the slum

children for obscenephotographs. The Mumbai police later arrested them. 4. Defamation-

It is an act of imputing any person with intent to lower the person in the estimation of the right-thinking members of society generally or to cause him to be shunned oravoided or to expose him to hatred, contempt or ridicule. Cyber defamation is notdifferent from conventional defamation except the involvement of a virtual medium.E.g. the mail account of Rohit was hacked and some mails were sent from his accountto some of his batch mates regarding his affair with a girl with intent to defame him.

(10)

This activity is commonly referred to as hacking. The Indian law has however given adifferent connotation to the term hacking, so we will not use the term "unauthorizedaccess" interchangeably with the term "hacking" to prevent confusion as the term usedin the Act of 2000 is much wider than hacking. 5. E- mail spoofing-

A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it'sorigin to be different from which actually it originates. Recently spoofed mails weresent on the name of Mr. Na.Vijayashankar (naavi.org), which contained virus.Rajesh Manyar, a graduate student at Purdue University in Indiana, was arrested forthreatening to detonate a nuclear device in the college campus. The alleged e- mailwas sent from the account of another student to the vice president for student services.However the mail was traced to be sent from the account of Rajesh Manyar.(15)

6. Computer vandalism-

Vandalism means deliberately destroying or damaging property of another. Thuscomputer vandalism may include within its purview any kind of physical harm doneto the computer of any person. These acts may take the form of the theft of acomputer, some part of a computer or a peripheral attached to the computer or byphysically damaging a computer or its peripherals.

7. Transmitting virus/worms-

This topic has been adequately dealt herein above.

8. Intellectual Property crimes / Distribution of pirated software-

Intellectual property consists of a bundle of rights. Any unlawful act by which theowner is deprived completely or partially of his rights is an offence. The commonform of IPR violation may be said to be software piracy, copyright

infringement,trademark and service mark violation, theft of computer source code, etc.The Hyderabad Court has in a land mark judgement has convicted three people andsentenced them to six months imprisonment and fine of 50,000 each for

unauthorizedcopying and sell of pirated software. 1

9. Cyber terrorism against the government organization-

At this juncture a necessity may be felt that what is the need to distinguish

betweencyber terrorism and cyber crime. Both are criminal acts. However there is acompelling need to distinguish between both these crimes. A cyber crime is generallya domestic issue, which may have international consequences, however cyberterrorism is a global concern, which has domestic as well as

internationalconsequences. The common form of these terrorist attacks on the Internet is bydistributed denial of service attacks, hate websites and hate emails, attacks onsensitive computer networks, etc. Technology savvy terrorists are using

(11)

512-bitencryption, which is next to impossible to decrypt. The recent example may be cited

1

Deccan Herald 16.03.03

of – Osama Bin Laden, the LTTE, attack on America‟s army deployment

systemduring Iraq war.Cyber terrorism may be defined to be “ the premeditated use of disruptive activities,or the threat thereof, in cyber space, with the intention to further social, ideological,religious, politicalor similar objectives, or to

intimidate any person in furtherance of such objectives”. 1

Another definition may be attempted to cover within its ambit every act of cyberterrorism. A terrorist means a person who indulges in wanton killing of persons or inviolence or in disruption of services or means of communications essential to thecommunity or in damaging property with the view to –

(1) putting the public or any section of the public in fear; or (2) affecting adversely the harmony between different religious, racial, language or regional groups or castes or communities; or (3) coercing or overawing the government established by law; or (4) endangering the sovereignty and integrity of the nationand a cyber terrorist is the person who uses the computer system as a means or endsto achieve the above objectives. Every act done in pursuance thereof is an act

of cyber terrorism.

10. Trafficking-

Trafficking may assume different forms. It may be trafficking in drugs, human beings,arms weapons etc. These forms of trafficking are going unchecked because they arecarried on under pseudonyms. A racket was busted in Chennai where drugs werebeing sold under the pseudonym of honey.

11. Fraud & Cheating

Online fraud and cheating is one of the most lucrative businesses that are

growingtoday in the cyber space. It may assume different forms. Some of the cases of onlinefraud and cheating that have come to light are those pertaining to credit card crimes,contractual crimes, offering jobs, etc.Recently the Court of

Metropolitan Magistrate Delhi 2

found guilty a 24-year-old engineer working in a call centre, of fraudulently gaining the details of Campa'scredit card and bought a television and a cordless phone from Sony website.Metropolitan magistrate Gulshan Kumar convicted Azim

(12)

for cheating under IPC, butdid not send him to jail. Instead, Azim was asked to furnish a personal bond of Rs20,000, and was released on a year's probation. PROVISONS RELATING TO CYBER LAWS IN DIFFERENT COUNTRIES

The Indian parliament considered it necessary to give effect to the resolutionby which the General Assembly adopted Model Law on Electronic Commerce 1

Nagpal R- Defining Cyber Terrorism 2

Hindustan Times 03.03.03

dopted by the United Nations Commission on Trade Law. As a consequence of which the Information Technology Act 2000 was passed and enforced on 17th May2000.the preamble of this Act states its objective to legalise e-commerce and furtheramend the Indian Penal Code 1860, the Indian Evidence Act 1872, the Banker‟s Book Evidence Act1891 and the Reserve Bank of India

Act 1934. The basic purpose toincorporate the changes in these Acts is to make them compatible with the Act of 2000. So that they may regulate and control the affairs of the cyber world in aneffective manner.The Information Technology Act deals with the various cyber crimes in chapters IX& XI. The important sections are Ss. 43,65,66,67. Section 43 in particular deals withthe unauthorised access,

unauthorised downloading, virus attacks or any contaminant,causes damage, disruption, denial of access, interference with the service availed by aperson. This section provide for a fine up to Rs. 1 Crore by way of remedy. Section 65deals with „tampering with computer source documents‟ and provides forimprisonment up to 3 years or fine, which may extend up to 2 years or both. Section66 deals with „hacking with computer system‟ and provides for imprisonment up to 3years or fine, which may extend up to 2 years or both. Further section 67 deals

withpublication of obscene material and provides for imprisonment up to a term of 10years and also with fine up to Rs. 2 lakhs.

1

Here I like to present a list of cyber laws existing in different parts of the world:India

Information Technology Act, 2000Karnataka Cyber Cafe RegulationsGujarat Information technology Rules, 2004.IN Domain Name Dispute Resolution Policy (INDRP)Rules for Information Technology Act 2000Semiconductor Intergrated

(13)

Circuits Layout Design Act 2000Semiconductor Integrated Circuits Layout-Design

Rules, 2001.IN Domain Name Registration PolicyThe Information Technology

(Amendment) Bill, 2006MOVED: Req: Indian Telegraph Rules, 1951

USA

THE DIGITAL MILLENNIUM COPYRIGHT ACT OF 1998Deleting Online Predators Act of 2006Adam Walsh Child Protection and Safety Act, 2006CAN-SPAM Act 2003FTC's Guidelines for Internet AdvertisingUniform Domain Name Dispute Resolution PolicyComputer Fraud and Abuse ActFederal Trademark Act 1946 (The Lanham Act)

1

For the sake of convenience the readers are requested to read sections 43, 65, 66,67 of the InformationTechnology Act.

Children's Online Privacy Protection Act of 1998Wire Fraud (18 USC §1343)

Europe

Data Protection Act, 1998The Electronic Commerce (EC Directive) Regulations 2002Regulation of Investigatory Powers Act 2000European Model EDI

Agreement Legal ProvisionsUK Electronic Communications Act 2000UK:

Copyright and Rights in Databases RegulationsCouncil of Europe's Convention on Cybercrime 2001The British Code of Advertising, Sales Promotion ...UK: The Consumer Protection Regulations 2000UK: NOMINET Dispute Resolution Service Policy (Ver. 2)

Malaysia

Digital Signature Act, 1997

Singapore

Electronic Transaction Act, 1998

Pakistan

Electronic Crimes Act 2004 (Sec 1 to 18)Electronic Crimes Act 2004 (Sec 19 to 36)

Cyber Crime in Bangladesh Perspective: Its Efficacy in the Penal

Code, 1860 and Relevant Laws and Issues

Cyber crime can involve criminal activities that are traditional in nature, suchas theft, fraud, forgery, defamation and mischief, all of which are subject to penallaws of a country. The abuse of computers has also given birth to a gamut of new

(14)

agecrimes that are addressed by the special laws enacted to penalize these crimes. Forexample, in

Banlgadesh Tatha O Jogajog Projukty Ain 2006

(Information andCommunication Technology Act, 2006)

defines certain offences which does notcover by the Penal Code. In this regard, I like to say that the Penal Code, 1860 is noteffective enough in dealing with cyber crimes.The parliament of Bangladesh has enacted Information and

CommunicationTechnology Act, 2006 which defines certain activities as crime. So we can say that,the activities which made punishable under the

Information and Technology Act of 2006

shall be the cyber crimes for the territory of Bangladesh. The activities are-

1.

Mischief of computer and computer system 1

2.

Alteration of source code of commuter 2

3.

Hacking in computer system 3

4.

Publication of f alse, indecent and defamatory statement or information inelectronic form

4 5.

Access in reserve system 5

6.

(15)

False representation and concealment of information 6

7.

False electronic signaturecertificate 7 8. Transmission of secrecy 8 9.

Disclosing electronic signature for cheating 9

10.

Committing crime through computer. 10

Cyber Tribunal:

According to section 68 of the Information and Communication TechnologyAct, 2006 for the speedy and effective disposal of cases under this Act,

Governmentshall establish one or more cyber tribunal. The tribunal shall try only the offencesunder this Act and the Government shall determine the local

jurisdiction of thetribunal. In consultation with the Supreme Court, Government shallappoint onSessions Judge or Additional Sessions Judge as a judge of Cyber Tribunal.

11

Cyber tribunal shall take a case for trial –a)

upon the report of a police officer not below the rank of sub-inspector orb)

upon a complaint made by a controllerappointed under this Act or by anyother person authorized by the controller.

12

The trial procedure of cyber tribunal shall follow

chapter 23 of CriminalProcedure Code, 1893 (trial procedure by the Court of Sessions)

so far it isconsistent. If the accused is absconded, tribunal can try the case in absentia. In thiscase tribunal has to circular an order in two

(16)

bangla

newspaper to appear the accusedon a specified date. 13

Cyber tribunal shall apply the provisions of Criminal ProcedureCode and it shall have the same power, a Sessions Court empowered to apply in itsoriginal

jurisdiction. Public prosecutor shall conduct the case on behalf of theGovernment. 14

1

Section 54 of Information and Communication Technology Act, 2006 2 Ibid, S.55 3 Ibid, S.56 4 Ibid, S.57 5 Ibid, S.61 6 Ibid, S.62 7 Ibid, S.63 8 Ibid, S.64 9 Ibid, S.65 10 Ibid, S.66 11 Ibid, S. 68 (2) 12 Ibid, S. 69(1) 13 Ibid, S. 69 (4) 14 Ibid, S. 70 (2)

(17)

Tribunal shall conclude the trial within six months from the date of framingcharge. This period may be extended for three months. Tribunal shall pronounce

its judgment within ten days after the conclusion of trial which may be deferred for tendays.

1

Cyber Appellate Tribunal:

The Government shall establish one or more cyber appellate tribunal. Theappellate tribunal shall be constituted by one chairman and two members appointedby the Government. To be appointed as a chairman of Cyber Appellate Tribunal, hemust be either a former judge of the Supreme Court or existing judgeof the

SupremeCourt or is eligible to be appointed as a judge of the Supreme Court. 2

One of the twomembers of the tribunal shall be a retired District Judge or

employed in the judicialservice and the other member must be an experienced and skilled person ininformation and communication technology. They shall be

appointed for 3-5 years. 3

Cyber Appellate Tribunal shall have no original jurisdiction. It shall only hearand dispose of appeals from the order and judgment of the Cyber Tribunal andSessions Court in appropriate cases.

4

The decision of the appellate tribunal shall befinal and it shall have the power to alter, amend, and annul the order and judgment of the cyber tribunal. The appellate tribunal shall follow the appellate procedure of HighCourt Davison of the Supreme Court. Until cyber appellate tribunal is established,appeal may be heard by the High Court Division.

5

Real Scenario of Cyber Crime in Bangladesh

Bangladesh has been carrying out anti- cyber crime activities from last yearproviding training for a group of professionals and developing software. 29

Accordingto Deputy Inspector General (DIG) of the CID of the Police,

“as part of the strategy,the Crime Investigation Department (CID) o f t he Police would run a cyber crimelaboratory later if its plan went accordingly.

(18)

30

The DIG said by initiating the anti-cyber crime activities, Bangladesh had come to the age of combating high-techcrimes though no single cyber crime was recorded in the country. Earlier, AdditionalInspector General of Police (IGP) NBK Tripura said Bangladesh's steps to combat thecyber crimes had been praised at home and abroad.

"Many of our friends fromother countries have viewed that the steps are appropriate precautionary efforts,"

31

Tripurasaid adding that recently held three-day regional cyber crime seminar for the firsttime in November in Dhaka was a total success.Bangladesh had only 0.45 million Internet users in 2006 and the number of Internet hosts was 376 in 2007, according to available statistics. But the ratio of commercial users of Internet was significantly higher than household users. So, thelaw-enforcers should be prepared for resisting such high-tech crimes, which wereusually taking place in the

commercial sector, said another senior official. At present,the cyber crimes, including sending of porno pictures and cooked porno activities to

1 Ibid, S.73 2 Ibid, S. 82 (3) 3 Ibid 4 Ibid, S.83 5 Ibid, S.84

achieve particular targets, may take place, but those were isolated events, and thenumber were very few, he said referring his crime intelligence report.Basically, no notable cyber crime has yet been committed in Bangladesh. Thegradual

dependence and extensive use of computer and information technology by thefinancial institutions like bank, insurance company, and other

non-governmentorganizations increase the fear of commission of cyber crime here. Computer hasbeen used as a tool of crime like making forged certificates and documents for anumber of years in Bangladesh though the incident of targeting computer or computersystem is very unusual. Some of the incidents that bring the notice of the public are:E-mail threatening to the former Prime Minister

(19)

from a cybercafé.Hacking the mail of BRAC

Bangladesh.Stealing the transaction report of Dhaka Stock Exchange

through hacking .Inserting porno movies to the web site of Bangladesh National Parliament.Inserting the porno movies to the website of

Jamate Islami

Bangladesh.Inserting the porno movies to the website of the Daily Jugantor

newspaper.E-mail threatening to World Bank Dhaka Office

and the President of theUnited States George Bush.

PREVENTION OF CYBER CRIME

Prevention is always better than cure. It is always better to take certain

precautionwhile operating the net. A should make them his part of cyber life. Saileshkumar Zarkar

, technical advisor and network security consultant to the Mumbai PoliceCyber crime Cell, advocates the 5P mantra for online security: Precaution,

Prevention,Protection, Preservation and Perseverance. A netizen should keep in mind thefollowing things-1. To prevent cyber stalking avoid disclosing any information pertaining to oneself.This is as good as disclosing your identity to strangers in public place.2. Always avoid sending any photograph online

particularly to strangers and chatfriends as there have been incidents of misuse of the photographs.3. Always use latest and up date anti virus software to guard against virus attacks.4. Always keep back up volumes so that one may not suffer data loss in case of viruscontamination5. Never send your credit card number to any site that is not secured, to guard againstfrauds.6. Always keep a watch on the sites that your children are accessing to prevent anykind of harassment or

depravation in children.7. It is better to use a security programme that gives control over the cookies and sendinformation back to the site as leaving the cookies

unguarded might prove fatal. 1

Reported by BSS 2

The Financial Express, Dhaka, January 10, 2008. 3

(20)

8. Web site owners should watch traffic and check any irregularity on the site. Puttinghost-based intrusion detection devices on servers may do this.9. Use of firewalls may be beneficial.10. Web servers running public sites must be physically separate protected frominternal corporate network.

CONCLUSION

Capacity of human mind is unfathomable. It is not possible to eliminate cyber crimefrom the cyber space. It is quite possible to check them. History is the witness that nolegislation has succeeded in totally eliminating crime from the globe. The onlypossible step is to make people aware of their rights and duties (to report crime as acollective duty towards the society) and further making the

application of the lawsmore stringent to check crime. Undoubtedly the Act is a historical step in the cyberworld. Further I all together do not deny that there is a need to bring changes in the Information Technology Act to make it more effective to combat cyber crime. I would conclude with a word of caution for the

pro-legislation school that it should be kept in mind that the provisions of the cyber law are not made so stringent that it may retard he growth of the industry and prove to be counter-productive.

BIBLIOGRAPHY

1. The Penal Code, 1860 (Act No. XLV of 1860)

2. The Information and Communication Technology Act, 2006

3. Boham and Haley (2002)4.

4. Kumar Vinod – Winning the Battle against Cyber Crime

5. Kapoor G.V. - Byte by Byte6.

6. Mehta Dewang- Role of Police In Tackling Internet Crimes

7.Duggal Pawan – The Internet: Legal Dimensions

8. Hindustan Times 9. Sify News

(21)

10.Monjur Kader: Criminology (Cyber Crime) 11.Internet

http://www.scribd.com/doc/3399476/Cyber-Crime

National Check Fraud Center

Types and Schemes

of

White Collar Crime

TYPES OF WHITE COLLAR CRIME

1. Bank Fraud:

To engage in an act or pattern of activity where the purpose is to defraud a bank of funds.

(22)

A demand for money or other consideration under threat to do bodily harm, to injure property, to accuse of a crime, or to expose secrets.

3. Bribery:

When money, goods, services, information or anything else of value is offered with intent to influence the actions, opinions, or decisions of the taker. You may be charged with bribery whether you offer the bribe or accept it.

4. Cellular Phone Fraud:

The unauthorized use, tampering, or manipulation of a cellular phone or service. This can be accomplished by either use of a stolen phone,or where an actor signs up for service under false identification or where the actor clones a valid

electronic serial number (ESN) by using an ESN reader and reprograms another cellular phone with a valid ESN number.

5. Computer fraud:

Where computer hackers steal information sources contained on computers such as: bank information, credit cards, and proprietary information.

6. Counterfeiting:

Occurs when someone copies or imitates an item without having been authorized to do so and passes the copy off for the genuine or original item. Counterfeiting is most often associated with money however can also be associated with designer clothing, handbags and watches.

(23)

The unauthorized use of a credit card to obtain goods of value. 8. Currency Schemes:

The practice of speculating on the future value of currencies. 9. Embezz1ement:

When a person who has been entrusted with money or property appropriates it for his or her own use and benefit.

10. Environmental Schemes:

The overbilling and fraudulent practices exercised by corporations which purport to clean up the environment.

11. Extortion:

Occurs when one person illegally obtains property from another by actual or threatened force, fear, or violence, or under cover of official right.

12. Forgery:

When a person passes a false or worthless instrument such as a check or counterfeit security with the intent to defraud or injure the recipient. 13. Health Care Fraud:

(24)

being licensed and obtains monetary benefit for the service. 14. Insider Trading:

When a person uses inside, confidential, or advance information to trade in shares of publicly held corporations.

15. Insurance Fraud:

To engage in an act or pattern of activity wherein one obtains proceeds from an insurance company through deception.

16. Investment Schemes:

Where an unsuspecting victim is contacted by the actor who promises to provide a large return on a small investment.

17. Kickback:

Occurs when a person who sells an item pays back a portion of the purchase price to the buyer.

18. Larceny/Theft:

When a person wrongfully takes another person's money or property with the intent to appropriate, convert or steal it.

19. Money Laundering:

(25)

other embezzlement schemes so that it appears that its original source either cannot be traced or is legitimate.

20. Racketeering:

The operation of an illegal business for personal profit. 21. Securities Fraud:

The act of artificially inflating the price of stocks by brokers so that buyers can purchase a stock on the rise.

22. Tax Evasion:

When a person commits fraud in filing or paying taxes. 23. Telemarketing Fraud:

Actors operate out of boiler rooms and place telephone calls to residences and corporations where the actor requests a donation to an alleged charitable

organization or where the actor requests money up front or a credit card number up front, and does not use the donation for the stated purpose.

24. Welfare Fraud:

To engage in an act or acts where the purpose is to obtain benefits (i.e. Public Assistance, Food Stamps, or Medicaid) from the State or Federal Government. 25. Weights and Measures:

(26)

The act of placing an item for sale at one price yet charging a higher price at the time of sale or short weighing an item when the label reflects a higher weight.

TYPES OF WHITE COLLAR SCHEMES

1. Advanced Fee Schemes:

Actor induces victim to give him some type of advanced fee in return for a future benefit. The future benefit never occurs and victim never receives the advanced fee back.

2. Airport Scam:

Actor approaches victim in an airport stating that the newspaper stand cannot change his one hundred dollar bill and asks the victim for change. Victim provides actor with the change, actor returns to the store to get the one hundred dollar bill back, however, never returns to victim.

3. Auto Repair:

Actor hangs out around an auto repair shop and approaches victims who leave after getting estimates. Actor claims to do work off duty at a very low cost. Once actor has the car, inferior work is completed and victim cannot get the return of the car until the very high bill is paid.

4. Check Kiting:

A bank account is opened with good funds and a rapport is developed with the bank. Actor then deposits a series of bad checks but prior to their discovery, withdraws funds from the bank.

(27)

5. Coupon Redemption:

Grocery stores amass large amounts of coupons and redeem them to manufacturers when in fact merchandise was never sold.

6. Directory Advertising:

Actor either impersonates sales person from a directory company like the yellow pages or fraudulently sells advertising which the victim never receives.

7. Fortune Telling:

Actor advises victim that victim is cursed. Actor advises victim that the curse must be removed. Actor advises that she must meditate to the spirits and will require payment. Over a period of time, victim pays fortune teller thousands of dollars to remove curse.

8. Gypsies:

Actor states that victims money is cursed. In order to remove the curse, the money must be placed into a bag or box that the actor provides. The bag or box is

switched. Actor advises victim to perform certain rituals over the money and the curse will be removed. The bag or box cannot be opened for a period of time when it is opened, the money is gone.

9. Home Improvement:

Actor approaches a home owner with a very low estimate for a repair or improvement. Inferior or incomplete work is performed. Once the repairs are completed, actor intimidates the victim to pay a price much greater than the original estimate.

(28)

10. Inferior Equipment:

Actors travel around selling inferior equipment such as tools at high prices. 11. Jamaican Switch:

Actor #1 approaches a victim looking for the address of a prostitute. Actor #1 shows a large sum of money to the victim. Actor #2 arrives and tells Actor #1 where he can find the prostitute but cautions on taking all the money as the prostitute might rob him. Actor #1 asks the victim to hold the money for him. Actor #1 puts his money into a handkerchief with the victims money. Actor #1 shows the victim how to hide the money under his arm, inside his shirt while switching handkerchiefs. Victim takes the handkerchief and the parties split up, however, Actor #1 leaves with victims money.

12. Land Fraud:

Actor induces victim to purchase tracks of land in some type of retirement development which does not exist.

13. Odometer Fraud:

Unscrupulous used car salesman purchased used cars and turn back the odometers. The used car is sold at a higher price due to its low mileage. 14. Pigeon Drop:

Actor #1 befriends the victim. Actor #2 shows both Actor #1 and victim a "found" package containing a large amount of cash. Actor #1 insists that the found money be divided equally but only after each person puts up his own money to

(29)

later switched.

15. Police Impersonation:

Actor tells victim that his bank is being operated by fraudulent bank officers. Actor instructs victim to take money out of bank and place it into a good bank. After the money is withdrawn, the actor allegedly takes the money to the police station for safe keeping. The victim never sees the money again.

16. Ponzi:

An investment scheme where the actor solicits investors in a business venture, promising extremely high financial returns or dividends in a very short period of time. The actor never invests the money, however, does pay dividends. The

dividends consist of the newest investors funds. The first investors, pleased to receive dividends, encourage new investors to invest. This scheme falls apart when the actor no longer has sufficient new investors to distribute dividends to the old investors or the actor simply takes all the funds and leaves the area.

17. Pyramid:

An investment fraud in which an individual is offered a distributorship or

franchise to market a particular product. The promoter of the pyramid represents that although marketing of the product will result in profits, larger profits will be earned by the sale of franchises. For example, if a franchise price is $10,000.00, the seller receives $3,500.00 for every franchise sold. Each new franchise purchaser is presented with the same proposal so that each franchise owner is attempting to sell franchises. Once the supply of potential investors is exhausted, the pyramid collapses. Many times, there are no products involved in the franchise, simply just the exchange of money.

(30)

Victim is confused by actors speedy series of money exchanges and in the end, is short changed.

19. Shell Game:

Actor #1 manipulates a pea beneath three walnut shells or bottle caps. Actor #1 moves the caps around and shows victim the cap with the pea under it. With the encouragement of another player, also Actor #2, victim places larger and larger bets as to which cap contains the pea. The game is ended by Actor #1 when the take is large enough.

20. Utilities Impersonators:

Actor impersonates utilities employees by wearing jumpsuits with name tags. Actor approaches victim with story about a gas leak or electrical surge to gain entry to the home. Valuables are taken by actor.

21. VCR Scam:

Actor purports to sell new VCR's or televisions at an extremely low cost due to his connections. Victim pays for the VCR or television only to discover that the box has been filled with rocks.

22. West African Investment Scams:

Actors target businesses and obtain business' bank account information from which all funds are later withdrawn.

(31)

Copyright © 1995-2011, National Check Fraud Center All Rights Reserved

References

Related documents

For the second course the students can choose from either Introduction to Programming (ITEC 2120) or Digital Media (ITEC 2110). Our enrollment indicates that most non-major

The UK's major supermarket chains dominate the private label market and on average 47 percent of products in their stores are private label.. Originally, private label goods were

Besides signal analysis, complex-smoothed transfer functions have been successfully applied for loudspeaker- room response equalization, where the complex-smoothed impulse response

• Make it easier to navigate through and understand content of lar Make it easier to navigate through and understand content of lar ge ge amounts of free text: individual

Asset utilisation Shareholder Value Shareholder Value Profit Profit Invested Capital Invested Capital Sales Sales Costs Costs Fixed Capital Fixed Capital Working Capital Working

The combination of large volume cryogenic headspace injection with two-dimensional chromatography allowed resolution and detection of low amounts of trace volatile

characteristics in separate models, I found that older adults who reside in communities where a greater percentage of the population is rural were less likely to coreside with