BY:
WHAT IS CYBER
WHAT IS CYBER
CRIME?
CRIME?
Cyber crime
Cyber crime
refers to any crime
refers to any crime
that involves a
that involves a computer/mobil
computer/mobile
e
and a network. The computer may
and a network. The computer may
have been used in the
have been used in the
commission of a crime, or it may
commission of a crime, or it may
be the target.
WHAT IS CYBER
WHAT IS CYBER
CRIME?
CRIME?
Cyber crime
Cyber crime
refers to any crime
refers to any crime
that involves a
that involves a computer/mobil
computer/mobile
e
and a network. The computer may
and a network. The computer may
have been used in the
have been used in the
commission of a crime, or it may
commission of a crime, or it may
be the target.
INTRODUCTION
INTRODUCTION
The internet in India
The internet in India
is growing
is growing rapidly.
rapidly.
It has given rise to
It has given rise to new opportunities in
new opportunities in
every field we can think of – e
every field we can think of – e it
it
entertain!ent" usiness" sports or
entertain!ent" usiness" sports or
education.
education.
There are two sides to a coin. Internet
There are two sides to a coin. Internet
also has its own disadvantages. One of the
also has its own disadvantages. One of the
!a#or disadvantages is
!a#or disadvantages is Cyer cri!e
Cyer cri!e
–
–
illegal activity co!!itted on the
HISTORY OF CYBER CRIME
HISTORY OF CYBER CRIME
In 182, !oseph"#arie !ac$uard
In 182, !oseph"#arie !ac$uard, a te%tile, a te%tile manufacturer in
manufacturer in &rance&rance, produced the loom., produced the loom.
This device allowed the repetition of a series of This device allowed the repetition of a series of steps in the weaving of special fabrics.
steps in the weaving of special fabrics. This resulted in a fear
This resulted in a fear amongstamongst !ac$uard's!ac$uard's
employees
employees that their that their traditional employmenttraditional employment and livelihood were being threatened.
and livelihood were being threatened. They committed acts of sabotage to They committed acts of sabotage to
discourage !ac$uard from further use of t
discourage !ac$uard from further use of thehe
new technology. This is the first recorded cyber new technology. This is the first recorded cyber crime.
INDIA STANDS 11
INDIA STANDS 11THTH IN THE RANKIIN THE RANKING FOR CYBENG FOR CYBER CRIME R CRIME IN THE WORLIN THE WORLD,D,
CONSTITUTING 3% OF THE GLOBAL CYBER CRIME.
( rapidly growing online user base
121 #illion Internet )sers
*+ #illion (ctive Internet )sers, up by
28 from +1 million in 21
+ #illion users shop online on
-commerce and nline hopping ites
0* #illion ocial etwork )sers
30* million mobile users had
subscribed to 4ata 5ackages. 6ource7
I(#(I !u%t we are social 2119
Cost Of Cyber Crime In India (2010)
2:.: million people fell victim to
cybercrime,
;0 billion in direct financial losses,
;3.* billion in time spent resolving the
crime,
0 in + online adults 689 have been a
victim of <ybercrime,
1= of adults online have e%perienced
cybercrime on their mobile phone.
The police have recorded 3,38 cases but made only 2,= arrests in 3 years 6between 2= and 219
India registered only 1,3+ cases under the IT (ct and I5< in 21 + of cybercrimes are not even reported
( total number of :, 11:, 2+2 and 21: ?overnment websites tracked by the Indian <omputer -mergency >esponse Team 6<->T"In9 were hacked / defaced by various hacker groups in the year 28, 2:, 21 and !an@ct 211 respectively
-asy to learn how to commit
>e$uire few resources relative
to the potential damage caused
<an be committed in a
Aurisdiction without being
physically present in it
(re often not clearly illegal
H O W T D I FF E R S F R O M T E R R E S T R I A L C R I E ?
TYPES
Cyber Crime refers to all activities done
with criminal intent in cyberspace. These fall into three slots.
Cyberspace is the electronic medium of
computer networks in which online communication takes place.
1. Those against persons.
2. (gainst Business and on"business organiCations.
<omputer as a tool
<omputer as a target
<omputer as an
instrumentality
<rime associated with
prevalence of
computers
COMPUTER AS A
TOOL
•
Dhen the individual is the main
target of the crime the computer
can be considered as a tool rather
than target.
•
These crimes are not done by
technical e%perts.
•
-g7 pam, cyber stalking , cyber
COMPUTER AS A
TARGET
•
These crimes are committed by
a selected group of people with
technical knowledge.
•
4estruction of information in
the computer by spreading
virus.
-g 7 4efacement, cyber terrorism
etc.
COMPUTER AS AN INSTRUMENTALITY
•
The crime is committed by
manipulating the contents of
computer systems.
•
Dith the advent of computer the
criminal have started using the
technology as an aid for its
perpetuation.
-g7 4rug trafficking, money
laundering etc
CRIME ASSOCIATED WITH
PREVALENCE OF COMPUTERS
•
<opyright violation
•
#aterial copied from sources
that are not public domain or
compatibly licensed without
the permission of copyright
holder.
•
<opyright violation causes
legal issues.
CYBER CRIME VARIANTS
Hacking
EFackingE is a crime, which entails
cracking systems and gaining unauthoriCed access to the data stored in them.
<yber $uatting
<yber $uatting is the act of registering a famous 4omain ame and then selling it for a fortune.
5hishing
(c$uiring information such as usernames, password and credit card details by
disguising as a trustworthy entity.
India is among the top 1+ countries hosting EphishingE sites which aims at stealing
confidential information such as passwords and credit card details.
ale of illegal articles includes selling of narcotic drugs, weapons, wildlife etc to terrorists.
-mail bombing refers to sending a large amount of e"mails to the victim resulting in crashing of victims e"mail account or mail servers.
4ata diddling is a kind of an attack which involves altering of raw data Aust before it is processed by a computer and then changing it back after the processing is completed.
Intellectual 5roperty <rimes includes
software piracy, copyright infringement, trademarks violations etc.
Theft of information contained in electronic form"This includes information stored in
computer hard disks, removable storage media etc.
Deb defacement is usually the substitution of the original home page of a website with another page 6usually pornographic or
<yber 4efamation occurs when
defamation takes place with the help
of computers and or the Internet e.g.
e"mail containing defamatory
information about that person.
Dhat is defamationG
4efamation is the act of
harming the reputation of person by
making a false statement to another.
<yber talking refers to the use of the Internet, e"mail, or other electronic
communications devices to stalk another person.
talking generally involves harassing or threatening behaviour that an individual engages in repeatedly, such as following a person, appearing at a person's home or
place of business, making harassing phone calls, leaving written messages or obAects, or vandaliCing a person's property.
TroAan Forse"( TroAan as this program is aptly called, is an unauthoriCed program which
functions from inside what seems to be an
authoriCed program, thereby concealing what it is actually doing.
Internet Time Theft "This connotes the usage by unauthoriCed persons of the Internet hours paid for by another person.
Deb Aacking "This occurs when someone
forcefully takes control of a website 6by cracking the password 9. The actual owner of the website does not have any more control over what
Hogic bombs are dependent programs.
This implies that these programs are
created to do something only when a
certain event occurs, e.g. some viruses
may be termed logic bombs because
they lie dormant all through the year and
become active only on a particular date.
-"#ail spoofing "( spoofed email is one
that appears to originate from one
source but actually has been sent from
another source. This can also be termed
as -"#ail forging
alami attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed e.g. ( bank employee inserts a program into banks
servers, that deducts a small amount from the account of every customer.
<lick Aacking is a form of cyber attack where the hacker uses an invisible layer over the embedded web content 6this could be an
image, video or button9 to intercept and JhiAack you to a mirror website and mine information from you.
<yber terrorism is the premeditated use of disruptive activities, or the threat thereof, in cyber space, with the intention to further
social, ideological, religious, political or similar obAectives, or to intimidate any person in
furtherance of such obAectives.
-g7 ( simple propaganda in the Internet/#, that there will be bomb attacks during the
holidays
#obile pickpocketing 6#/call fraud9, or the ability to charge a phone bill via # billing and phone calls. #alware uses these
mechanisms to steal directly from user accounts.
Keyloggers are regularly used in
computers to log all the strokes a
victim makes on the keyboard.
-g7 If a key logger is installed on a
computer which is regularly used
for online banking and other
financial transactions then their
passwords can be taken without the
knowledge of the user
CYBER LAW
<yber law is a generic term which refers to all the legal and regulatory aspects of
Internet and the Dorld Dide Deb. (nything concerned with or related to or emanating from any legal aspects or issues
concerning any activity of citiCens in and concerning <yberspace comes within the ambit of <yber law.
Stored Communications Act which is passed in
1:8* is focused on protecting the confidentiality, integrity and availability of electronic
communications that are currently in some form of electronic storage
Digital Millennium Copyright Act which is passed in
1::8 is a )nited tates copyright law that
criminaliCes the production and dissemination of technology, devices
Electronic Communications Privacy Act of 1:8*
e%tends the government restrictions on wiretaps from telephones.
Internet Spyware Prevention Act
6I"5L9
prohibits the implementation and use of
spyware.
Gramm-each-!liley Act
6?HB(9 re$uires
financial institutions and credit
agencies increase the security of
systems that contain their customers
personal information.
Identity "he#t and Aggravated Identity
"he#t
defines the conditions under
which an individual has violated
identity theft laws.
)nder The Information Technology (ct, 2
<F(5T-> MI @ &&-<- @ **. Facking with computer system.
Dhoever with the Intent to cause or knowing that he is likely to cause Drongful Hoss or
4amage to the public or any person 4estroys or 4eletes or (lters any Information >esiding in a <omputer >esource or diminishes its value or utility or affects it inAuriously by any means, commits hack.
629 Dhoever commits hacking shall be punished with imprisonment up to three years, or with fine which may e%tend up to two lakh rupees, or with both.
Information Technology (mendment (ct, 28
ection @ 03,
4estroys, 4eletes or (lters any Information residing in a computer resource or diminishes its value or utility or affects it inAuriously by any means
teals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any
computer source code used for a computer resource with an intention to cause damage
NIf any person, dishonestly, or fraudulently, does any act referred to in section 03, he shall be
punishable with imprisonment for a term which may e%tend to two three years or with fine which may
.**( " 5unishment for sending offensive messages through communication service, etc
(ny person who sends, by means of a computer resource or a communication device
(ny information that is grossly offensive or has menacing character or
(ny information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, inAury, criminal intimidation, enmity, hatred, or ill will, persistently makes by making use of such computer resource or a
communication device
(ny electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages hall be punishable with imprisonment for a term which may e%tend to three years and with fine.
. **< " 5unishment for identity theft
NDhoever, fraudulently or dishonestly make use of the electronic signature, password or any other uni$ue
identification feature of any other person, shall be
punished with imprisonment of either description for a term which may e%tend to three years and shall also be liable to fine which may e%tend to rupees one lakhO . **4 " 5unishment for cheating by personation by using computer resource
NDhoever, by means of any communication device or computer resource cheats by personation, shall be
punished with imprisonment of either description for a term which may e%tend to three years and shall also be liable to fine which may e%tend to one lakh rupees. N
. **- " 5unishment for violation of privacy.
NDhoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person
without his or her consent, under circumstances violating the privacy of that person, shall be punished with
imprisonment which may e%tend to three years or with fine not e%ceeding two lakh rupees, or with bothO
. *= ( " 5unishment for publishing or transmitting of
material containing se%ually e%plicit act, etc. in electronic form
NDhoever publishes or transmits or causes to be published or transmitted in the electronic form any
material which contains se%ually e%plicit act or conduct shall be punished on first conviction with imprisonment of either description for a term which may e%tend to five years and with fine which may e%tend to ten lakh rupeesO
. *= < " 5reservation and >etention of information by intermediaries.
N619 Intermediary shall preserve and retain such information as may be specified for such
duration and in such manner and format as the <entral ?overnment may prescribe.
629 (ny intermediary who intentionally or
knowingly contravenes the provisions of sub section 619 shall be punished with an
imprisonment for a term which may e%tend to three years and shall also be liable to fine.O
ARRESTS & REPORTS
UNDER IT ACT
)nder the IT (ct, :** cybercrime cases were filed in 21
02 in 2:9
?eographic breakdown of cases reported7 1+3 from Karnataka, 108 from Kerala 102 from #aharashtra 1+ (ndhra 5radesh +2 >aAasthan +2 5unAab
233 persons were arrested in 21
33 of the cases registered were related to hacking
ARRESTS & REPORTS
UNDER IPC
)nder the I5<,
3+* cybercrime cases were registered in 21 62=* cases in 2:9
?eographic breakdown of cases reported "" 10 from #aharashtra
** (ndhra 5radesh 0* <hhattisgarh
The maAority of these crimes were either forgery or fraud cases.
SAFETY TIPS TO AVOID
CYBERCRIME
• )se anti"virus software and firewalls " keep
them up to date
• Keep your operating system up to date with critical security updates and patches
• 4on't open emails or attachments from
unknown sources
• )se hard"to"guess passwords. 4ont use
words found in a dictionary. >emember that password cracking tools e%ist
• Back"up your computer data on disks or
•
4on't share access to your computers
with strangers
•
If you have a Di"&i network, password
protect it
•
4isconnect from the Internet when not
in use
•
>e evaluate your security on a regular
basis
•
#ake sure your employees and family
FORENSICS
The use of science and technology to
investigate and establish facts in
criminal or civil courts of law.
?oal of computer forensics is to
e%amine digital media in a forensically
sound manner with the aim of
identifying, preserving, recovering,
analyCing and presenting facts and
opinions about the information.
HISTORY
#ichael (nderson
N&ather of computer forensicsO
special agent with I>
#eeting in 1:88 65ortland, regon9
creation of I(<I, the International
(ssociation of <omputer Investigative
pecialists
the first eiCed <omputer -vidence
>ecovery pecialists 6<->9 classes
held
WHY?
The main task or the advantage from the computer forensic is to catch the culprit or the criminal who is involved in the crime related to the computers.
<omputer forensics has emerged as important part in the disaster recovery management
(bility to search through a massive amount of data" Suickly, Thoroughly and In any language
The importance lies mainly in handling criminal actions such as fraud, phishing, identity theft or many other criminal activities
WHAT CYBER FORENSICS AIMS AT?
Identify root cause of an event to ensure it wont happen again
@ #ust understand the problem before you can be sure it wont be e%ploited again.
Dho was responsible for the eventG
#ost computer crime cases are not prosecuted @ <onsider acceptability in court of law as our standard for investigative practice.
@ )ltimate goal is to conduct
investigation in a manner that will stand up to legal scrutiny.
STEPS FOR COMPUTER FORENSICS
•
(c$uisition
•
Identification
•
-valuation
DISADVANTAGES
It may happen in some cases that the privacy of the client is compromised.
There are also the chances of introduction of some malicious programs in the computer system that may corrupt the data at a later stage of time.
It is also possible that the data is in dispute and neither of the disputing parties can use the data. 4ue to this
reason the business operations may also be affected. 5roducing electronic records U preserving them is
e%tremely costly
Hegal practitioners must have e%tensive computer knowledge and vice versa
EDWARD JOSEPH SNOWDEN (BORN JUNE 21, 1!"# IS AN AMERICAN COMPUTER
SPECIALIST AND FORMER CIA EMPLOYEE AND NSA
CONTRACTOR WHO
DISCLOSED CLASSIFIED DETAILS OF SEVERAL TOP SECRET UNITED STATES, ISRAELI, AND BRITISH GOVERNMENT MASS
SURVEILLANCE PROGRAMS TO THE PRESS. HE IS LIVING IN RUSSIA UNDER
TEMPORARY POLITICAL
ASYLUM AND IS CONSIDERED A FUGITIVE FROM JUSTICE BY AMERICAN AUTHORITIES, WHO HAVE CHARGED HIM
WITH ESPIONAGE AND THEFT OF GOVERNMENT PROPERTY.