CYBER CRIME
INTRODUCTION:
The first recorded cyber crime took place in the year 1820! That is not surprising considering the fact that the abacus, which is thought to be the earliest form of a computer, has been around since 3500 B.C. in India, Japan and China. The era of modern computers, however, began with the analytical engine of Charles Babbage.
In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber crime!
DEFINITION:
The Cambridge dictionary defines Cyber Crimes as Crimes committed with the use of computers or relating to computers, especially through the Internet. Universally, Cyber Crime is understood as "an unlawful act where in the computer is either a tool or a target or both".
Cyber Crimes are different from conventional crimes as in cyber crimes; the crime is committed in an electronic medium and here mens rea is not a requirement but is rather a general rule under the penal provisions of the Information Technology Act. The element of mens rea in Internet crimes is that the offender must have been aware at the time of causing the computer to perform the function that the access thus intended to be secured was unauthorized.
CLASSIFICATIONS:
The Information Technology Act deals with the following cyber crimes along with others:
Tampering with computer source documents:
A person who knowingly or intentionally, conceals (hides or keeps secret), destroys (demolishes or reduces), alters (change in characteristics) or causes another to conceal, destroy, and alter any computer source code used for a computer, computer program, computer system or computer network, when the computer source code is required to be kept or maintained by law is punishable.
For instance, hiding the C.D.ROM in which the source code files are stored, making a C File into a CPP File or removing the read only attributes of a file.
Hacking:
Hacking is usually understood to be the unauthorized access of a computer system and networks. Originally, the term "hacker" describes any amateur computer programmer who discovered ways to make software run more efficiently. Hackers usually "hack" on a problem until they find a solution, and keep trying to make their equipment work in new and more efficient ways. A hacker can be a Code Hacker, Cracker or a Cyber Punk.
Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by means is said to commit hacking.
Publishing of information, which is obscene in electronic form:
A person who publishes or transmits or causes to be published in the electronic form, any material which is lascivious, or if its effect is such as to tend to deprave and corrupt persons who are likely to read, see or hear the matter contained or embodied in it, is liable to punishment. The important ingredients of such an offence are publishing (make generally known or issue copies for sale to public), or transmitting (transfer or be a medium for), or causing to be published (to produced the effect of publishing), pornographic material in the electronic form.
Child Pornography:
Child Pornography is a part of cyber pornography but it is such a grave offence that it is individually also recognized as a cyber crime. The Internet is being highly used by its abusers to reach and abuse children sexually, worldwide. The Internet is very fast becoming a household commodity in India. Its explosion has made the children a viable victim to the cyber crime. As more homes have access to Internet, more children would be using the Internet and more are the chances of falling victim to the aggression of pedophiles. The pedophiles use their false identity to trap children and even contact them in various chat rooms where they befriend them and gain personal information from the innocent preys. They even start contacting children on their e-mail addresses. These pedophiles drag children to the net for the purpose of sexual assault or so as to use them as a sex object.
Accessing protected system:
Any unauthorized person who secures access or attempts to secure access to a protected system is liable to be punished with imprisonment and may also be liable to fine.
Breach of confidentiality and privacy :
Any person who, secures access to any electronic record, book, register, correspondence, information, document or other material without the consent of the person concerned or discloses such electronic record, book, register, correspondence, information, document or other material to any other person shall be liable to be punished under the Information Technology Act.
CYBER STALKING
Although there is no universally accepted definition of cyber Stalking, it is generally defined as the repeated acts of harassment or threatening behavior of the cyber criminal towards the victim by using Internet services. Stalking in General terms can be referred to as the repeated acts of harassment targeting the victim such as following the victim, making harassing phone calls, killing the victims pet, vandalizing victims property, leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harms to the victim. It all depends on the course of conduct of the stalker.
What does a cyber stalker look like?
Cyber stalkers can be categorized into 3 types. (Sometimes these categories may overlap).
1) The common obsession cyber stalker
The common obsess ional stalker refuses to believe that their relationship is over. Do not be misled by believing this stalker is harmlessly in love.
2) The delusional cyber stalker
The next type is the delusional stalker. They may be suffering from some mental illness like schizophrenia etc & have a false belief that keeps them tied to their victims. They assume that the victim loves them even though they have never met. A delusional stalker is usually a loner & most often chooses victims who are married woman, a celebrity or doctors, teachers, etc.. Those in the noble & helping professions like doctors, teachers etc are at often at risk for attracting a delusional stalker. Delusional stalkers are very difficult to shake off.
3) The vengeful cyber stalker.
These cyber stalkers are angry at their victim due to some minor reason- either real or imagined. Typical examples are disgruntled employees. These stalkers may be stalking to get even & take revenge and believe that "they" have been victimized. Ex-spouses can turn into this type of stalker.
CYBER SQUATTING
Cyber squatting is the obtaining of a domain name in order to seek payment from the owner of the trademark, (including business name, trade name, or brand name), and may include typo squatting (where one letter is different).
A trademark owner can prevail in a cyber squatting action by showing that the defendant, in bad faith and with intent to profit, registered a domain name consisting of the plaintiff's distinctive trademark. Factors to determine whether bad faith exists are the extent to which the domain name contains the registrant's legal name, prior use of the domain name in connection with the sale of goods and services, intent to divert customers from one site to another and use of false registration information and the registrant's offer to sell the domain name back to the trademark owner for more than out-of -pocket expenses.
DATA DIDDLING
This kind of an attack involves altering the raw data just before a computer processes it and then changing it back after the processing is completed.
The NDMC Electricity Billing Fraud Case that took place in 1996 is a typical example. The computer network was used for receipt and accounting of electricity bills by the NDMC, Delhi. Collection of money, computerized accounting, record maintenance and remittance in the bank was exclusively left to a private contractor who was a computer professional. He misappropriated huge amount of funds by manipulating data files to show less receipts and bank remittances.
CYBER DEFAMATION
Any derogatory statement, which is designed to injure a person's business or reputation, constitutes cyber defamation. Defamation can be accomplished as libel or slander. Cyber defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person’s friends.
TROJAN ATTACK
A Trojan, the program is aptly called an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing.
FORGERY
Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using sophisticated computers, printers and scanners. It is very difficult to control such attacks. For e.g. across the country students buy forged mark sheets for heavy sums to deposit in college.
FINANCIAL CRIMES
This would include cheating, credit card frauds, money laundering etc. such crimes are punishable under both IPC and IT Act. A leading Bank in India was cheated by misappropriation of funds by manipulation of computer records regarding debit and credit accounts.
INTERNET TIME THEFT
This can notes the usage by an unauthorized person of the Internet hours paid for by another person. This kind of cyber crime was unheard until the victim reported it. This offence is usually covered under IPC and the Indian Telegraph Act.
VIRUS/WORM ATTACK
Virus is a program that attaches itselves to a computer or a file and then circulates to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory.
E-MAIL SPOOFING
It is a kind of e-mail that appears to originate from one source although it has actually been sent from another source. Such kind of crime can be done for reasons like defaming a person or for monetary gain etc. E.g. if A sends email to B’s friend containing ill about him by spoofing B’s email address, this could result in ending of relations between B and his friends.
EMAIL-BOMBING
Email bombing means sending large amount of mails to the victims as a result of which their account or mail server crashes. The victims of email bombing can vary from individuals to companies and even the email service provider.
SALAMI ATTACK
This is basically related to finance and therefore the main victims of this crime are the financial institutions. This attack has a unique quality that the alteration is so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a programme whereby a meager sum of Rs 3 is deducted from customers account. Such a small amount will not be noticeable at all.
WEB JACKING
This term has been taken from the word hijacking. Once a website is web jacked the owner of the site looses all control over it. The person gaining such kind of an access is called a hacker who may even alter or destroy any information on the site.
CYBER CRIME VS CYBER TERRORISM
Cyber crime and cyber terrorism are both crimes of the cyber world. The difference between the two however is with regard to the motive and the intention of the perpetrator.
While a cyber crime can be described simply as an unlawful act wherein the computer is either a tool or a target or both, cyber terrorism deserves a more detailed definition. One can define cyber terrorism as a premeditated use of disruptive activities or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.
Motives behind any Attacks are:
1. Putting the public or any section of the public in fear; or
2. Affecting adversely the harmony between different religious, racial, language or regional groups or castes or communities; or
3. Coercing or overawing the government established by law; or
4. Endangering the sovereignty and integrity of the nation.
CYBER CRIMINALS
Any person who commits an illegal act with a guilty intention or commits a crime is called an offender or a criminal. In this context, any person who commits a Cyber Crime is known as a Cyber Criminal. The Cyber Criminals may be children and adolescents aged b/w 6-18 years, they may be organized hackers, may be professional hackers or crackers, discontented employees, cheaters or even psychic persons.
ADJUDICATING AUTHORITIES:
The Information Technology Act provides for appointment of a Controller of Certifying Authorities as also the Deputy and Assistant Controllers. The main functions of the Controller are to license, certify, monitor and oversee the activities of the certifying authorities. Also, failure to comply with the direction of the Controller would lead to serious consequences.
An Act to provide legal recognition for transactions carried out by means of electronic data interchange and other means of electronic communication, commonly referred to as "Electronic Commerce", which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies and further to amend the Indian Penal Code, the Indian Evidence Act, 1872, the Bankers' Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 and for matters connected therewith or incidental thereto.
The Information Technology Act also provides for the establishment of appellate tribunals known as Cyber Regulations Appellate Tribunal (CRAT). It provides that any person who is aggrieved by an order made by the Controller or Adjudicating officer may file an appeal with the CRAT. The CRAT is required to follow the principles of natural justice in deciding matters and has the same powers as are vested in the civil court under the Code of Civil Procedure, 1908. Any person who is aggrieved by the decision or the order of the CRAT may file an appeal to the High Court on any question of fact or law. The CRAT and the Adjudicating officer have the exclusive jurisdiction to entertain any suit and no injunction can be granted by any court or other authority against the action taken by them under the Act.
JURISDICTIONAL PROCEDURE
Jurisdiction is the power of the court to hear and determine a case, in the absence of which the judgment is impotent and ineffective. The basic problem with the Internet Jurisdiction is the presence of multiple parties in different parts of the world. Therefore in Internet it is difficult to establish with certainty as to the place where the defendant resides or where the cause of action took place. The popular contention is for the establishment of the ‘Law of Cyber Space’ thereby making Earth as the Jurisdictional venue for all Internet Crimes and related matters.
The Information Technology Act, 2000 extends to whole of India and also envisages any offence or contravention there under committed outside India by any person. Thus it confers extra-territorial jurisdiction on Indian courts and empowers them to take cognizance of offences committed outside India even by foreign nationals provided that such offence involves a computer, computer system on computer network located in India.
Further, any person irrespective of his territorial location and nationality using a computer located in India to commit an offence or contravention outside India is also liable under the Information Technology Act.
Cyber Crime Investigation Cell:
The Central Bureau of Investigation (C.B.I) in India set up a ‘Cyber Crime Investigation Cell’ and "Cyber Crime Research &Development Unit" (CCRDU) to collect and collate information on cyber crimes reported from different parts of the country.
The function of this is to liaise with State Police and other enforcement agencies and to collect information on cases of Cyber Crime reported to them for investigation and also find out about the follow-up action taken in each case. The Unit liaises with software experts to identify areas that require attention of State Police for prevention &detection of such crimes with a view to train them for the task. It collects information on the latest cases reported in other countries and the innovations employed by Police Forces in those countries to handle such cases.
MEASURES TO PREVENT CYBER CRIME:
The Information Technology Act 2000 was passed when the country was facing the problem of growing cyber crimes. Since the Internet is the medium for huge information and a large base of communications around the world, it is necessary to take certain precautions while operating it.
Any person who operates the net should always abide by and following principles:
* He should not disclose any personal information to any one and especially to strangers.
* Updated and latest anti-virus software should be used to protect the computer system against virus attacks.
* While chatting on the net one should avoid sending photographs to strangers along with personal data as it can be misused.
* Backup volumes of the data should always be kept to prevent loss from virus contamination.
* Children should be prevented from accessing obscene sites by the parents to protect them from spoiling their mind and career.
* A credit card number shall never be sent to an unsecured site to prevent fraud or cheating.
* Effort shall be made to make a security code and program to guard the computer system from misuse.
* Routers and firewalls can be used to protect the computer network.
* A check should be kept on the functioning of cyber cafes and any mishappening shall be reported to the concerned authorities.
* Efforts should be made to discourage misuse of computers and access to unauthorized data.
CONCLUSIONS:
Change is the essence of life. What seems impeccable and indestructible today might not remain the same tomorrow. Internet, being a global phenomenon is bound to attract many crimes. India has taken a key step in curbing Cyber Crimes by the enactment of the Information Technology Act and by giving exclusive powers to the police and other authorities to tackle such crimes.
Similar efforts have been made by various countries to fight this menace by enacting national legislations but in the long run, they may not prove to be as beneficial as desired. An effort is still wanted to formulate an international law on the use of Internet to curb this imminent danger of Cyber Crimes and to achieve a crime free Cyber Space. Prevention they say is the best cure. Cyber laws aim to prevent cyber crimes through the use of penal provisions. A great deal however needs to be done before Cyber laws can stand a fair chance to influence the modern laws can stand a fair chance to influence the modern world in the much anticipated manner.
DISCLAIMER
Actual resolution of legal issues depends upon many factors, including variations of fact and laws of the land. Though the firm has taken utmost care in the preparation of this article, the information contained herein is not intended to constitute any legal advice and the firm cannot accept any responsibility towards those who rely solely on the contents of this article without taking further specialist advice. The reader should always consult with legal counsel before taking action on matters covered by this article.
DO’S & DON’T
Do’s
# Install and use a firewall, pop-up blocker and spy ware detector.
# Ensure that your virus definitions are up to date and run anti-virus and spy ware detectors/cleaners regularly.
# Make Backups of Important Files and Folders to protect important files and records on your computer if your computer malfunctions or is destroyed by a Successful attacker?
# Use strong password - Easy to remember and difficult to guess password. Use alphanumeric and special characters in your password. The length of password should be as long as possible (More than 8 characters).
# Assignment of computer to a particular person with password protection in
offices.
# Install the firewall and maintain the logs of firewall.
# Preservation of evidence (logs/received emails in question etc).
# Disconnect from internet when not in use.
# Habitually download security protection update patches & Keep your browser and operating system up to date.
# Never share photographs in compromise positions.
# Make the wireless network invisible by disabling identifier broadcasting .
# Encrypt the network traffic.
# Change administrator’s password from the default password. If the wireless network does not have a default password, create one and use it to protect the network.
# disable file sharing on computers .
# Turn off the network during extended periods of non-use, etc.
# Avoid online banking, shopping, entering credit card details, etc if the network is not properly secured.
# Check your online account frequently and make sure all listed transactions are valid.
# Always delete spam emails immediately and empty the trash box to prevent accidental clicking on the same link.
# Be wary of websites that require your card details up front before you actually
place an order .
# Avoid posting your cell phone number online.
# Never respond to text messages from someone you don't know.
# Be careful while downloading any free software or screensaver etc.
# Not delete email in question, save the email and take out the full header of the such email and report the crime.
# Be cautious when dealing with individuals outside of your own country.
# Be cautious of unsolicited offers. Never purchase anything advertised through an unsolicited email.
# Beware of promises to make fast profits.
Be cautious of exaggerated claims of possible earnings or profits.
# Beware of lotteries that charge a fee prior to delivery of your prize .
# Contact the actual business that supposedly sent the email to verify if the
email is genuine
# Beware of references given by the promoter.
# Ensure you understand all terms and conditions of any agreement.
# Always type in the website address yourself rather than clicking on a link
provided.
Don’t tell any anonymous chat
# Your real name, home address
# your phone number
# your friends' or family members' private information .
# your passwords
Don’ts
# Expose yourself that you are not available in town or give your details
about location and itinerary when email auto responder enabled.
# Hand over your credit card to any person.
# Auto-connect to open Wi-Fi (wireless fidelity) networks .
# Get confused, frightened or pressured into divulging information if you receive an e-mail purporting to be from your bank or credit card provider as criminal use scare tactics.
# keeps passwords stored on your computer.
# To go online without virus protection and a firewall in place.
# Open email attachment if you are not sure about it.
# Assume a company is legitimate based on "appearance" of the website.
# Be wary of investments that offer high returns at little or no risk.
# Accept packages that you didn't order.
Subscribe to:
Post Comments (Atom)
1 comment:
I enjoyed over read your blog post. Your blog have nice information,I got good ideas from this amazing blog.i'll check these promo codes for Kidsroom.de GmbH &Co.KG.
Post a Comment