Abstract image of a woman sitting on books and studying on a laptop

A report on cyber Crime

Download as DOCX, PDF
N
Nikhil Chaudhary

This document is a technical report submitted by Nikhil Kumar Chaudhary on the topic of cyber crime and security. It includes an abstract, introduction, sections on what cyber crime means and different types of cyber crimes. It also discusses the threats of cyber crimes in India, trends in India, and ways to tackle cyber crimes. Tables and figures are included to illustrate country distributions of cyber crimes and the rise of cyber crimes in India.

Internet
Related topics:
Cyber Crime
1 of 24
Downloaded 400 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Most read
19
Most read
20
21
22
23
Most read
24
NIKHIL KUMAR CHAUDHARY 14/CS/57 REPORT ON CYBER- CRIME & SECURITY
A Report on: Cyber Crime and Security Submitted by: Nikhil Kumar Chaudhary University roll number: 10300114057 Registration number: 141030110057 Class roll number: 14/CS/57 Department: Computer Science and Engineering Paper: Technical report writing & Language Paper Code: HU481 Submitted to: Ms ANKANA GHOSH DASTIDAR Assistant professor Department of Applied Sciences (English) HALDIA INSTITUTE OF TECHNOLOGY April 12, 2016 i
HALDIA INSTITUTE OF TECHNOLOGY CERTIFICATE This is to certify that NIKHIL KUMAR CHAUDHARY roll number 14/CS/57 of COMPUTER SCIENCE AND ENGINEERING department accomplished project wrote on the topic CYBER CRIME AND SECURITY in 4th semester under the supervision of Ms ANKANA GHOSH DASTIDAR. Signature: ii
ACKNOWLEDGEMENT I would first like to express to Ms ANKANA GHOSH DASTIDAR for her careful mentoring , she spent her precious time giving me professional advice and reading different draft versions of this dissertation. This dissertation would not have come to existence without her guidance and creative inspiration to take up the topic. I would also like to thank my parents, my family members, and my friends who were always there to support me. Above all I thank and devote myself to the almighty GOD. iii
CONTENTS TOPIC PAGE No. Abstract……………………………………………………………………………………….3 Introduction…………………………………………………………………………………..3 Cyber-crime: what does it mean ……………………………………………………………..4 The Differences between Cybercrime and Traditional Crime………………………………6 Reasons for Cyber-crime………………………………………………………………….…7 Mode and Manner of Committing Cyber-Crime…………………………………………….7 Classification…………………………………………………………………………………9 Threat perception of Cyber-Crime in India………………………………………………....14 Trends of Cyber-Crime in India…………………………………………………………....15 Impact of cybercrime in India ……………………………………………………………….16 How to tackle Cyber-Crime……………………………………………………………….....17 Conclusion…………………………………………………………………………………...19 Recommendation………………………………………………………………………….....19 References……………………………………………………………………………………20 1
LIST OF ILLUSTRATION SL.No. Title Page No. Fig. 1 Relation between Victims, Attacker & Defender 5 Fig. 2 Country distribution of Cyber-Crimes 15 Fig. 3 Rise in number of Cyber-Crimes in India 15 Fig. 4 Cybercrime cases filed in India 16 Fig. 5 Impact of Cybercrime in India 17 2
ABSTRACT The Computers have unleashed an era of enhanced productivity and creativity. Communication and connectedness has seen new heights in the last two decades. Internet has ushered a new revolution, The Online Revolution. In the current era of online processing, maximum of the information is online and prone to cyber threats. There are a huge number of cyber threats and their behaviour is difficult to early understanding hence difficult to restrict in the early phases of the cyber-attacks. Cyber-attacks may have some motivation behind it or may be processed unknowingly. The attacks those are processed knowingly can be considered as the cyber-crime and they have serious impacts over the society in the form of economical disrupt, psychological disorder, threat to National defence etc. Restriction of cyber-crimes is dependent on proper analysis of their behaviour and understanding of their impacts over various levels of society. Therefore, the current manuscript provides the understanding of cyber-crimes and their impacts over society with the future trends of cyber- crimes. INTRODUCTION The internet in world is growing rapidly. It has given rise to new opportunities in every field we can think of – be it entertainment, business, sports or education. There are two sides to a coin. Internet also has its own disadvantages. One of the major disadvantages is Cyber-crime – illegal activity committed on the internet. The term ‘cyber-crime’ is a misnomer. This term has nowhere been defined in any statute/Act passed or enacted by the Indian Parliament. The concept of cyber-crime is not radically different from the concept of conventional crime. Both include conduct whether act or omission, which cause breach of rules of law and counterbalanced by the sanction of the state. Before evaluating the concept of cyber-crime it is obvious that the concept of conventional crime be discussed and the points of similarity and deviance between both these forms may be discussed. The commonly accepted definition of cyber security is the protection of any computer system, software program, and data against unauthorized use, disclosure, transfer, modification, or destruction, whether accidental or intentional. Cyber- attacks can come from internal networks, the Internet, or other private or public systems. Businesses cannot afford to be dismissive of this problem because those who don’t respect address, and counter this threat will surely become victims. 3
These are the Cyber Criminals, the ill-motivated hackers, crackers and spammers. In this report, an attempt has been made to see Cyber Crime in a broad Spectrum, starting from scratch. Reports & Investigations from World’s top Cyber Security firms has been incorporated. Without delving too much into the actual means of exploitation, an attempt to visualise the entire process as whole, has been made. The use of technology has become an integral part of our lives. Our increasing dependence on technology consolidates itself as a powerful platform that has revolutionised the way we do business and communicate with people, leaving us in the open to threats of cybercrime. We have become complacent to the existence of cybercrime, perhaps putting too much faith in technology. Organisations must recognise this environment and must identify methods to address these risks proactively. As businesses and individuals increase their reliance on technology, they tend to become exposed to the growing cybercrime threats and the fact remains that we cannot ignore technology. Many businesses may not have taken time to consider whether they have sound cyber-security mechanisms in place, but ignoring this risk could endanger their operations. Through this survey we have analysed the preparedness of an individual or organisation from potential cybercrimes threats, other than highlighting preventive mechanisms to deal with this rapidly growing issue. While large organisations are beginning to take preventive measures to protect themselves, small organisations normally pay insignificant attention to risk assessment or have no funding to put the risk in place. CYBERCRIME: WHAT DOES IT MEAN? Cyber Crime: Computer crime, or cybercrime, is crime that involves a computer and a network. “Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber-crime” A generalized definition of cyber-crime may be “ unlawful acts wherein the computer is either a tool or target or both” The computer may be used as a tool in the following kinds of activity- financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail spoofing, forgery, cyber defamation, cyber stalking. The computer may however be target for unlawful acts in the following cases- unauthorized access to computer/ computer system/ computer networks, theft of information contained in the electronic form, e-mail bombing, data diddling, salami attacks, logic bombs, Trojan attacks, internet time thefts, web jacking, theft of computer system, physically damaging the computer system. 4
Fig. 1: Relation between Victim, Attacker & Defender When was the first evercybercrime recorded? The first cybercrime was noted in 1820 by Joseph-Marie Jacquard, a textile manufacturer in France which produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber-crime! The first spam email took place in 1978 when it was sent out over the Arpanet (Advanced Research Projects Agency Network). The first virus was installed on an Apple computer in 1982 when a high school student, Rich Skrenta, developed the Elk cloner. Who is carrying it out? Cyber-attacks can be carried out by a host of people ranging between disgruntled employees, individual hacker, organised cybercrime syndicates to enemy government or an activist. These are the Cyber Criminals, the ill-motivated hackers, crackers and spammers What is the biggestmyth related to cybercrime? 100 per cent Security! 100 per cent security can be difficult to attain and should not ideally be the goal. Instead, one must establish a capability that deals with incidents to help minimise threat and loss. 5
Are you facing cyber threat and not even realising it? The information security landscape is constantly evolving. Private and public sector organisations find it difficult to believe they could be a target for cyber-attacks. As adversary sophistication increases, many organisations react only after the event or the attack is underway. The Differences between Cybercrime and Traditional Crime:  One of the differences between cybercrime and traditional crime is the evidence of the offenses. Traditional criminals usually leave traces of a crime, through either fingerprints or other physical evidences. On the other hand, cybercriminals rely on the Internet via which they commit their crimes, and it leaves very little evidence about the cybercrime. Forensic investigators usually experience great difficulty in gathering evidence that could lead to the conviction of cybercriminals since these criminals can freely change their identities. The Internet also allows the anonymity of its users, and this implies that cybercriminals can use any pseudonyms for their identification. On the other hand, it is difficult for traditional criminals to fake their gender, race, or age.  Consequently, this leads to the second difference between traditional and cybercrimes, length of investigations. Since cybercrime involves perpetrators using falsified names and working from remote locations, it usually takes longer to identify the real cybercriminals and apprehend them. In most cases, cybercriminals (such as hackers) escape from arrest because the investigators cannot locate them. Traditional crimes take shorter time period to investigate because the criminals usually leave evidence that can be used to spot them. For instance, traditional criminals can leave evidence such as DNA, fingerprints, photographs and videos captured on surveillance cameras, or personal belongings such as identity cards, and this makes it easy for investigators to identify and capture the culprits. In addition, such evidence makes it easy for the judiciary to convict the offenders.  Lastly, the difference between traditional crimes and cybercrimes is the force involved. Most of the traditional crimes (such as rape, murder, arson, and burglary among others) involve the use of excessive force that results in physical injury and trauma on the victims. On the other hand, cybercrimes do not require the use of any force since the criminals merely use the identities of their victims to steal from them. For example, cybercriminals use spoofing and phishing to obtain personal information such as credit card numbers from their victims, or use encrypted emails to coordinate violence remotely. 6
REASONS FOR CYBER CRIME Herbert Lionel Adolphus Hart (18 July 1907 – 19 December 1992), in his work “The Concept of Law” has said ‘human beings are vulnerable so rule of law is required to protect them’. Applying this to the cyberspace we may say that computers are vulnerable so rule of law is required to protect and safeguard them against cyber- crime. The reasons for the vulnerability of computers may be said to be: 1. Capacity to store data in comparatively small space: The computer has unique characteristic of storing data in a very small space. This affords to remove or derive information either through physical or virtual medium makes it much easier. 2. Easy to access: The problem encountered in guarding a computer system from unauthorised access is that there is every possibility of breach not due to human error but due to the complex technology. By secretly implanted logic bomb, key loggers that can steal access codes, advanced voice recorders; retina imagers etc. that can fool biometric systems and bypass firewalls can be utilized to get past many a security system. 3. Complex: The computers work on operating systems and these operating systems in turn are composed of millions of codes. Human mind is fallible and it is not possible that there might not be a lapse at any stage. The cyber criminals take advantage of these lacunas and penetrate into the computer system. 4. Negligence: Negligence is very closely connected with human conduct. It is therefore very probable that while protecting the computer system there might be any negligence, which in turn provides a cyber-criminal to gain access and control over the computer system. 5. Loss of evidence: Loss of evidence is a very common & obvious problem as all the data are routinely destroyed. Further collection of data outside the territorial extent also paralyses this system of crime investigation. MODE AND MANNER OF COMMITING CYBER CRIME 1. Unauthorized access to computer systems or networks / Hacking- This kind of offence is normally referred as hacking in the generic sense. However the framers of the information technology act 2000 have nowhere used this term so to avoid any confusion we would not interchangeably use the word hacking for ‘unauthorized access’ as the latter has wide connotation. 7
2. Theft of information contained in electronic form- This includes information stored in computer hard disks, removable storage media etc. Theft may be either by appropriating the data physically or by tampering them through the virtual medium. 3. Email bombing- This kind of activity refers to sending large numbers of mail to the victim, which may be an individual or a company or even mail servers there by ultimately resulting into crashing. 4. Data diddling- This kind of an attack involves altering raw data just before a computer processes it and then changing it back after the processing is completed. The electricity board faced similar problem of data diddling while the department was being computerised. 5. Salami attacks- This kind of crime is normally prevalent in the financial institutions or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. E.g. the Ziegler case wherein a logic bomb was introduced in the bank’s system, which deducted 10 cents from every account and deposited it in a particular account. 6. Denial of Service attack- The computer of the victim is flooded with more requests than it can handle which cause it to crash. Distributed Denial of Service (DDoS) attack is also a type of denial of service attack, in which the offenders are wide in number and widespread. E.g. Amazon, Yahoo. 7. Virus / worm attacks- Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory. E.g. love bug virus, which affected at least 5 % of the computers of the globe. The losses were accounted to be $ 10 million. The world's most famous worm was the Internet worm let loose on the Internet by Robert Morris sometime in 1988. Almost brought development of Internet to a complete halt. 8. Logic bombs- These are event dependent programs. This implies that these programs are created to do something only when a certain event (known as a trigger event) occurs. 8
E.g. even some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date (like the Chernobyl virus). 9. Trojan attacks- This term has its origin in the word ‘Trojan horse’. In software field this means an unauthorized programme, which passively gains control over another’s system by representing itself as an authorised programme. The most common form of installing a Trojan is through e-mail. E.g. a Trojan was installed in the computer of a lady film director in the U.S. while chatting. The cyber criminal through the web cam installed in the computer obtained her nude photographs. He further harassed this lady. 10. Internet time thefts- Normally in these kinds of thefts the Internet surfing hours of the victim are used up by another person. This is done by gaining access to the login ID and the password. E.g. Colonel Bajwa’s case- the Internet hours were used up by any other person. This was perhaps one of the first reported cases related to cyber-crime in India. However this case made the police infamous as to their lack of understanding of the nature of cyber-crime. 11. Web jacking- This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the web site of another. He may even mutilate or change the information on the site. This may be done for fulfilling political objectives or for money. E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the Pakistani hackers and some obscene matter was placed therein. Further the site of Bombay crime branch was also web jacked. Another case of web jacking is that of the ‘gold fish’ case. In this case the site was hacked and the information pertaining to gold fish was changed. Further a ransom of US $ 1 million was demanded as ransom. Thus web jacking is a process whereby control over the site of another is made backed by some consideration for it CLASSIFICATION: The subject of cyber-crime may be broadly classified under the following three groups. They are- 1. Against Individuals (a). Their person & (b). Their property of an individual 9
2. Against Organization (a). Government (c). Firm, Company, Group of Individuals. 3. Against Societyat large The following are the crimes, which can be committed against the followings group 1. Against Individuals: – i. Harassment via e-mails. ii. Cyber-stalking. iii. Dissemination of obscene material. iv. Defamation. v. Unauthorized control/access over computer system. vi. Indecent exposure vii. Email spoofing viii. Cheating & Fraud 2. Against Individual Property: - i. Computer vandalism. ii. Transmitting virus. iii. Netrespass iv. Unauthorized control/access over computer system. v. Intellectual Property crimes vi. Internet time thefts 3. Against Organization: - i. Unauthorized control/access over computer system ii. Possession of unauthorized information. iii. Cyber terrorism against the government organization. iv. Distribution of pirated software etc. 10
4. Against Society at large: - i. Pornography (basically child pornography). ii. Polluting the youth through indecent exposure. iii. Trafficking iv. Financial crimes v. Sale of illegal articles vi. Online gambling vii. Forgery The above mentioned offences may discuss in brief as follows: 1. Harassment via e-mails- Harassment through e-mails is not a new concept. It is very similar to harassing through letters. Recently one of my friends had received a mail from a lady wherein she complained about the same. Her former boyfriend was sending her mails constantly sometimes emotionally blackmailing her and also threatening her. This is a very common type of harassment via e-mails. 2. Cyber-stalking- The Oxford dictionary defines stalking as "pursuing stealthily". Cyber stalking involves following a person's movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc. 3. Dissemination of obscene material/ Indecent exposure/ Pornography (basically child pornography) / Polluting through indecent exposure- Pornography on the net may take various forms. It may include the hosting of web site containing these prohibited materials. Use of computers for producing these obscene materials. Downloading through the Internet, obscene materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind. Two known cases of pornography are the Delhi Bal Bharati case and the Bombay case wherein two Swiss couple used to force the slum children for obscene photographs. The Mumbai police later arrested them. 11
4. Defamation- It is an act of imputing any person with intent to lower the person in the estimation of the right-thinking members of society generally or to cause him to be shunned or avoided or to expose him to hatred, contempt or ridicule. Cyber defamation is not different from conventional defamation except the involvement of a virtual medium. 5. Unauthorized control/access over computer system- This activity is commonly referred to as hacking. The Indian law has however given a different connotation to the term hacking, so we will not use the term "unauthorized access" interchangeably with the term "hacking" to prevent confusion as the term used in the Act of 2000 is much wider than hacking. 6. E mail spoofing- A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it's origin to be different from which actually it originates. Eg. Rajesh Manyar, a graduate student at Purdue University in Indiana, was arrested for threatening to detonate a nuclear device in the college campus. The alleged e- mail was sent from the account of another student to the vice president for student services. However the mail was traced to be sent from the account of Rajesh Manyar. 7. Computer vandalism- Vandalism means deliberately destroying or damaging property of another. Thus computer vandalism may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral attached to the computer or by physically damaging a computer or its peripherals. 8. Transmitting virus/worms- This topic has been adequately dealt herein above. 9. Intellectual Property crimes / Distribution of pirated software- Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, copyright infringement, trademark and service mark violation, theft of computer source code, etc. 12
The Hyderabad Court has in a land mark judgement has convicted three people and sentenced them to six months imprisonment and fine of 50,000 each for unauthorized copying and sell of pirated software. 10. Cyber terrorism against the government organization- At this juncture a necessity may be felt that what is the need to distinguish between cyber terrorism and cyber-crime. Both are criminal acts. However there is a compelling need to distinguish between both these crimes. A cyber-crime is generally a domestic issue, which may have international consequences; however cyber terrorism is a global concern, which has domestic as well as international consequences. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate emails, attacks on sensitive computer networks, etc. Technology savvy terrorists are using 512-bit encryption, which is next to impossible to decrypt. The recent example may be cited of – Osama Bin Laden, the LTTE, and attack on America’s army deployment system during Iraq war. Cyber terrorism may be defined to be “ the premeditated use of disruptive activities, or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives” Another definition may be attempted to cover within its ambit every act of cyber terrorism. A terrorist means a person who indulges in wanton killing of persons or in violence or in disruption of services or means of communications essential to the community or in damaging property with the view to – (1) Putting the public or any section of the public in fear; or (2) Affecting adversely the harmony between different religious, racial, language or regional groups or castes or communities; or (3) Coercing or overawing the government established by law; or (4) Endangering the sovereignty and integrity of the nation and a cyber-terrorist is the person who uses the computer system as a means or ends to achieve the above objectives. Every act done in pursuance thereof is an act of cyber terrorism. 13
11. Trafficking- Trafficking may assume different forms. It may be trafficking in drugs, human beings, arms weapons etc. These forms of trafficking are going unchecked because they are carried on under pseudonyms. A racket was busted in Chennai where drugs were being sold under the pseudonym of honey. 12. Fraud & Cheating Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. It may assume different forms. Some of the cases of online fraud and cheating that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc. Recently the Court of Metropolitan Magistrate Delhi found guilty a 24-year-old engineer working in a call centre, of fraudulently gaining the details of Campa's credit card and bought a television and a cordless phone from Sony website. Metropolitan magistrate Gulshan Kumar convicted Azim for cheating under IPC, but did not send him to jail. Instead, Azim was asked to furnish a personal bond of Rs 20,000, and was released on a year's probation.. THREAT PERCEPTION OF CYBERCRIME IN INDIA Cybercrime can affect any organisation, large or small. Many of the incidents are not publicly known and have not been reported by the media. However, companies in U.S., are legally granted the responsibility to report incidents to the authorities. Distinctly, about 51 per cent perceive themselves to be an easy target for cyber attacks due to the nature of their business. Out of these 51%, about 68% respondents claim that they monitor their cybercrime threats on a daily basis. Inadequate detection processes may conceal the real number of cybercrime attacks. Although many organisations today are equipped with state of the art security systems, they may still be unable to manage or handle cybercrime incidents. Perception of cybercrime in India: Cybercrime is a major threat. Easy target for cyber-attacks. In this increasingly hyper-connected world, cybercrime has emerged as a major threat as acknowledged by an overwhelming 89% of survey respondents. 14
TRENDS OF CYBERCRIME IN INDIA In the past, India used to be a target of cyber-attacks for political motivation only. Over the past few years, the global cybercrime landscape has changed dramatically, with criminals employing more sophisticated technology and greater knowledge of cyber security. Until recently, malware, spam emails, hacking into corporate sites and other attacks of this nature were mostly the work of computer ‘geniuses’ showcasing their talent. These attacks, which were rarely malicious, have gradually evolved into cybercrime syndicates siphoning off money through illegal cyber channels. Country Distribution: Survey done by Cyber Attack Timeline Fig. 2: Country distribution of Cyber-Crimes Rise inNumber of Cyber Crime in INDIA: Fig. 3: Rise in number of Cyber-Crimes in India 15
Survey result analysis done by KPMG in India: of the respondents have experienced cybercrime in the last. It is evident that only half of the respondents have been a victim of cyber-attacks in the last year which indicated that the number of cybercrime incidents in India has been on rise. Cybercrime Cases Filed in India: Survey done by National Crime Records Bureau Fig. 4: Cybercrime cases filed in India IMPACT OF CYBERCRIME IN INDIA The effects of a single, successful cyber-attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust. The overall monetary impact of cyber-crime on society and government is estimated to be billions of dollars a year. The overall monetary impact of cyber-crime on society and government are unknown. Some estimates are that viruses and worms cause damages into the billions of dollars a year. It is estimated that only 5 - 10% of cyber-crime is reported to law enforcement authorities. Reasons why cyber-crime is not reported varies from not knowing that a cyber incident has occurred to not wanting the public to know that a company’s security data may have been exposed. 16
Survey result analysis done by KPMG in India: Fig. 5: Impact of Cybercrime in India HOW TO TACKLE CYBER-CRIME Prevention is always better than cure. It is always better to take certain precaution while operating the internet. Cybercrime prevention can be straight-forward - when armed with a little technical advice and common sense, many attacks can be avoided. In general, online criminals are trying to make their money as quickly and easily as possible. The more difficult you make their job, the more likely they are to leave you alone and move on to an easier target. The tips below provide basic information on how you can prevent online fraud.  Keep your computer current with the latest patches and updates: One of the best ways to keep attackers away from your computer is to apply patches and other software fixes when they become available. By regularly updating your computer, you block attackers from being able to take advantage of software flaws (vulnerabilities) that they could otherwise use to break into your system.  Make sure your computer is configured securely: Configuring popular Internet applications such as your Web browser and email software is one of the most important areas to focus on. Keep in mind that a newly purchased computer may not have the right level of security for you. When you are installing your computer at home, pay attention not just to making your new system function, but also focus on making it work securely. 17
 Choose strong passwords and keepthem safe: Selecting a password that cannot be easily guessed is the first step toward keeping passwords secure and away from the wrong hands. Strong passwords have eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?). Avoid using any of the following as your password: your login name, anything based on your personal information such as your last name, and words that can be found in the dictionary. Try to select especially strong, unique passwords for protecting activities like online banking.  Protect your computer with security software: Several types of security software are necessary for basic online security. Security software essentials include firewall and antivirus programs. A firewall is usually your computer's first line of defence it controls who and what can communicate with your computer online. You could think of a firewall as a sort of "policeman" that watches all the data attempting to flow in and out of your computer on the Internet, allowing communications that it knows are safe and blocking "bad" traffic such as attacks from ever reaching your computer.  Protect your personal information: Exercise caution when sharing personal information such as your name, home address, phone number, and email address online  Don't respond to email messages that ask for personal information.  Steer clear of fraudulent Web sites used to steal personal information.  Pay attention to privacy policies on Web sites and in software.  Online offers that look too good to be true usually are: While you may not directly pay for the software or service with money, the free software or service you asked for may have been bundled with advertising software ("adware") that tracks your behaviour and displays unwanted advertisements. You may have to divulge personal information or purchase something else in order to claim your supposed content winnings. If an offer looks so good it's hard to believe, ask for someone else's opinion, read the fine print, or even better, simply ignore it.  Review bank and credit card statements regularly: The impact of identity theft and online crimes can be greatly reduced if you can catch it shortly after your data is stolen or when the first use of your information is attempted. One of the easiest ways to get the tip-off that something has gone wrong is by reviewing the monthly statements provided by your bank and credit card companies for anything out of the ordinary. 18
CONCLUSION Capacity of human mind is unfathomable. It is not possible to eliminate cyber-crime from the cyber space. It is quite possible to check them. History is the witness that no legislation has succeeded in totally eliminating crime from the globe. The only possible step is to make people aware of their rights and duties (to report crime as a collective duty towards the society) and further making the application of the laws more stringent to check crime. Undoubtedly the Act is a historical step in the cyber world. Further I all together do not deny that there is a need to bring changes in the Information Technology Act to make it more effective to combat cyber-crime. I would conclude with a word of caution for the pro-legislation school that it should be kept in mind that the provisions of the cyber law are not made so stringent that it may retard the growth of the industry and prove to be counter-productive. RECOMMENDATION Cybercrime is broadly defined by tech company, Symantec, as any offence that is committed using a computer, network or hardware device. It is not a new occurrence, but its scope is constantly evolving. Once cyber criminals have your personal details, they gain access to an abundance of information that will allow them to clone just about any account that is tied to you. This includes: credit cards, investment bonds, personal savings accounts, as well as cheque accounts. The list does not stop there as your entire identity can be stolen within seconds. To tackle cybercrime efficiently, it is essential to establish active partnerships and cooperation between the private sector, information security organizations, financial institutions and public institutions to investigate cybercrime, to supervise financial market transactions and to enforce laws. Without efficient private-public cooperation, cybercrime will never be tackled effectively. The private sector needs to be assured of a confidential relationship in which information can be exchanged for investigative and intelligence purposes.  Be aware of what you do while using public Wi-Fi Hotspots While these access points are convenient, they are far from secure. Avoid conducting financial or corporate transactions on these networks. 19
 Be social media savvy Make sure your social networking profiles (e.g. Facebook, Twitter, YouTube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online. Once it is on the Internet, it is extremely difficult to remove.  Secure mobile devices More often than not, we leave our mobile devices unattended. By activating the built- in security features you can avoid any access to personal details. Never store passwords, pin numbers and even your own address on any mobile device.  Protect your Data Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data, and store it in a different location. REFERENCES 1. Cyber-Crime Report 2015 given by KMPG- India. 2. National Crime Records Bureau India 3. https://en.wikipedia.org/wiki/Cybercrime 4. http://www.spiceworks.com/marketing/top-8-tips-prevent-cybercrime/ 5. http://in.norton.com/cybercrime-prevention 20

More Related Content

DOC
Online Shopping System Test case Writing
chiragmakdiya
 
PPTX
Plastic Pollution.pptx
AnkushSolanki6
 
PPTX
Cyber Crime And Security
ritik shukla
 
PPTX
Child labour presentation
Srinivas Viswanathan
 
PPTX
TECHNICAL REPORT
swarna2912
 
PPTX
Cyber security ppt
DebrajKarmakar
 
PPTX
Ftp
Amandeep Kaur
 
PDF
Keeping quiet
PreetiShaw1
 
Online Shopping System Test case Writing
chiragmakdiya
 
Plastic Pollution.pptx
AnkushSolanki6
 
Cyber Crime And Security
ritik shukla
 
Child labour presentation
Srinivas Viswanathan
 
TECHNICAL REPORT
swarna2912
 
Cyber security ppt
DebrajKarmakar
 
Ftp
Amandeep Kaur
 
Keeping quiet
PreetiShaw1
 

What's hot (20)

DOC
Cyber crime final report
Shishupal Nagar
 
PPTX
Man in The Middle Attack
Deepak Upadhyay
 
PPTX
Phishing ppt
shindept123
 
DOC
Report of cyber crime
Alisha Korpal
 
PDF
Cyber Security Awareness
Ramiro Cid
 
PPT
Cyber security & Importance of Cyber Security
Mohammed Adam
 
PDF
Cyber security awareness for students
Kandarp Shah
 
PPTX
Cybercrime: A Seminar Report
Arindam Sarkar
 
PPTX
Digital signature
Praseela R
 
PPTX
Cyber Terrorism
Shivam Lohiya
 
PPT
Information Security
Dhilsath Fathima
 
PPTX
Network attacks
Manjushree Mashal
 
PPTX
Cyber crime ppt
MOE515253
 
PPTX
National Cyber Security Policy-2013
Vidushi Singh
 
PPTX
Cyber crime and security
Akash Dhiman
 
PPTX
Phishing ppt
Sanjay Kumar
 
PPTX
cryptography ppt free download
Twinkal Harsora
 
DOC
Cyber crime
Rajat Jain
 
PPTX
Cyber crime and security ppt
Lipsita Behera
 
PPTX
Cyber crime ppt new
Onkar1431
 
Cyber crime final report
Shishupal Nagar
 
Man in The Middle Attack
Deepak Upadhyay
 
Phishing ppt
shindept123
 
Report of cyber crime
Alisha Korpal
 
Cyber Security Awareness
Ramiro Cid
 
Cyber security & Importance of Cyber Security
Mohammed Adam
 
Cyber security awareness for students
Kandarp Shah
 
Cybercrime: A Seminar Report
Arindam Sarkar
 
Digital signature
Praseela R
 
Cyber Terrorism
Shivam Lohiya
 
Information Security
Dhilsath Fathima
 
Network attacks
Manjushree Mashal
 
Cyber crime ppt
MOE515253
 
National Cyber Security Policy-2013
Vidushi Singh
 
Cyber crime and security
Akash Dhiman
 
Phishing ppt
Sanjay Kumar
 
cryptography ppt free download
Twinkal Harsora
 
Cyber crime
Rajat Jain
 
Cyber crime and security ppt
Lipsita Behera
 
Cyber crime ppt new
Onkar1431
 
Ad

Similar to A report on cyber Crime (20)

PDF
Cyber crime modified
Debabrata Samanta
 
PDF
Cyber Terrorism Essay
Custom Paper Services
 
PDF
Cyber crime
Debayon Saha
 
PDF
Cyber-Terrorism Essay
Papers Writing Service National University of Health Sciences
 
PDF
Cyberterrorism
Buy A Paper Gallatin
 
PPTX
cyber crime
priya sehgal
 
PDF
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
IJCSIS Research Publications
 
PDF
Cyberterrorism Essays
Help With Papers Tacoma
 
PDF
Research Paper On Cybercrime
Write My Statistics Paper Vestal
 
PPTX
cyber security and its importance .pptx
bhaskarnayak18
 
PPTX
cybersecurity subject chapter 1 lec 1-5.pptx
nicedeb699
 
PPTX
Cyber crime
BadarHossain
 
PDF
Cyber Terrorism
Buy Cheap Papers Clarkson University
 
PPTX
CLE-Cyber crimes.pptx
VipinRawat52
 
DOCX
New microsoft office word document (3)
Priyatham Kanigarla
 
PPTX
lecture notes Cyber-Crime and software Ergonomic
MbiedaNgomegniFrankG1
 
DOCX
document on cyber terrorism
Kirti Temani
 
PDF
Cybercrime: Radically Rethinking the Global Threat
NTT Innovation Institute Inc.
 
PPTX
hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh
ShikharPratap3
 
PPTX
Lesson iv on fraud awareness (cyber frauds)
Kolluru N Rao
 
Cyber crime modified
Debabrata Samanta
 
Cyber Terrorism Essay
Custom Paper Services
 
Cyber crime
Debayon Saha
 
Cyber-Terrorism Essay
Papers Writing Service National University of Health Sciences
 
Cyberterrorism
Buy A Paper Gallatin
 
cyber crime
priya sehgal
 
How Safe is Governmental Infrastructure: A Cyber Extortion and Increasing Ran...
IJCSIS Research Publications
 
Cyberterrorism Essays
Help With Papers Tacoma
 
Research Paper On Cybercrime
Write My Statistics Paper Vestal
 
cyber security and its importance .pptx
bhaskarnayak18
 
cybersecurity subject chapter 1 lec 1-5.pptx
nicedeb699
 
Cyber crime
BadarHossain
 
Cyber Terrorism
Buy Cheap Papers Clarkson University
 
CLE-Cyber crimes.pptx
VipinRawat52
 
New microsoft office word document (3)
Priyatham Kanigarla
 
lecture notes Cyber-Crime and software Ergonomic
MbiedaNgomegniFrankG1
 
document on cyber terrorism
Kirti Temani
 
Cybercrime: Radically Rethinking the Global Threat
NTT Innovation Institute Inc.
 
hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh
ShikharPratap3
 
Lesson iv on fraud awareness (cyber frauds)
Kolluru N Rao
 
Ad

Recently uploaded (20)

PDF
Exploring The Internet Of Things(IOT).ppt
rakeshk19831911
 
PPTX
Artificial_Intelligence_Basics use in our daily life
ANUBHABPANIGRAHI3
 
PDF
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 
PPTX
The-Importance-of-School-Sanitation.pptx
shinjanmandal111
 
PDF
Top 8 Trusted Sources to Buy Verified Cash App Accounts.pdf
How To Buy Verified Cash App Accounts
 
PDF
The Evolution of Traditional to New Media .pdf
NIKKODENSMIRO
 
PDF
Computer Networking, Internet, Casting in Network
wakesandollar
 
PDF
KEY COB2 UNIT 1: The Business of businessĐH KInh tế TP.HCM
vannhieu190219
 
PPTX
t_and_OpenAI_Combined_two_pressentations
wuvjwfnaadbnzelauy
 
PPTX
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
Cashmir Pangandaman
 
PDF
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
alexiskandar061
 
PPTX
COPD_Management_Exacerbation_Detailed_Placeholders.pptx
4mmkp9d8xv
 
PDF
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
PPTX
Basic understanding of cloud computing one need
subhosvims
 
PPTX
在线订购名古屋艺术大学毕业证, buy NUA diploma学历认证失败怎么办
学历认证定制霍尔姆斯学院毕业证学位证书编号怎么查【Q微:1954292140】
 
PPTX
MY PRESENTATION66666666666666666666.pptx
suryanshchauhan088
 
PDF
SlidesGDGoCxRAIS about Google Dialogflow and NotebookLM.pdf
minhtrietgect
 
PPTX
1402_iCSC_-_RESTful_Web_APIs_--_Josef_Hammer.pptx
mwnorman1
 
PPTX
IPCNA VIRTUAL CLASSES INTERMEDIATE 6 PROJECT.pptx
AldoCharaRojas
 
PPTX
Top Website Bugs That Hurt User Experience – And How Expert Web Design Fixes
e-Definers Technology
 
Exploring The Internet Of Things(IOT).ppt
rakeshk19831911
 
Artificial_Intelligence_Basics use in our daily life
ANUBHABPANIGRAHI3
 
Alethe Consulting Corporate Profile and Solution Aproach
debashisrakshit2025
 
The-Importance-of-School-Sanitation.pptx
shinjanmandal111
 
Top 8 Trusted Sources to Buy Verified Cash App Accounts.pdf
How To Buy Verified Cash App Accounts
 
The Evolution of Traditional to New Media .pdf
NIKKODENSMIRO
 
Computer Networking, Internet, Casting in Network
wakesandollar
 
KEY COB2 UNIT 1: The Business of businessĐH KInh tế TP.HCM
vannhieu190219
 
t_and_OpenAI_Combined_two_pressentations
wuvjwfnaadbnzelauy
 
KSS ON CYBERSECURITY INCIDENT RESPONSE AND PLANNING MANAGEMENT.pptx
Cashmir Pangandaman
 
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
alexiskandar061
 
COPD_Management_Exacerbation_Detailed_Placeholders.pptx
4mmkp9d8xv
 
Buy Cash App Verified Accounts Instantly – Secure Crypto Deal.pdf
pvaonit
 
Basic understanding of cloud computing one need
subhosvims
 
在线订购名古屋艺术大学毕业证, buy NUA diploma学历认证失败怎么办
学历认证定制霍尔姆斯学院毕业证学位证书编号怎么查【Q微:1954292140】
 
MY PRESENTATION66666666666666666666.pptx
suryanshchauhan088
 
SlidesGDGoCxRAIS about Google Dialogflow and NotebookLM.pdf
minhtrietgect
 
1402_iCSC_-_RESTful_Web_APIs_--_Josef_Hammer.pptx
mwnorman1
 
IPCNA VIRTUAL CLASSES INTERMEDIATE 6 PROJECT.pptx
AldoCharaRojas
 
Top Website Bugs That Hurt User Experience – And How Expert Web Design Fixes
e-Definers Technology
 

A report on cyber Crime

  • 1. NIKHIL KUMAR CHAUDHARY 14/CS/57 REPORT ON CYBER- CRIME & SECURITY
  • 2. A Report on: Cyber Crime and Security Submitted by: Nikhil Kumar Chaudhary University roll number: 10300114057 Registration number: 141030110057 Class roll number: 14/CS/57 Department: Computer Science and Engineering Paper: Technical report writing & Language Paper Code: HU481 Submitted to: Ms ANKANA GHOSH DASTIDAR Assistant professor Department of Applied Sciences (English) HALDIA INSTITUTE OF TECHNOLOGY April 12, 2016 i
  • 3. HALDIA INSTITUTE OF TECHNOLOGY CERTIFICATE This is to certify that NIKHIL KUMAR CHAUDHARY roll number 14/CS/57 of COMPUTER SCIENCE AND ENGINEERING department accomplished project wrote on the topic CYBER CRIME AND SECURITY in 4th semester under the supervision of Ms ANKANA GHOSH DASTIDAR. Signature: ii
  • 4. ACKNOWLEDGEMENT I would first like to express to Ms ANKANA GHOSH DASTIDAR for her careful mentoring , she spent her precious time giving me professional advice and reading different draft versions of this dissertation. This dissertation would not have come to existence without her guidance and creative inspiration to take up the topic. I would also like to thank my parents, my family members, and my friends who were always there to support me. Above all I thank and devote myself to the almighty GOD. iii
  • 5. CONTENTS TOPIC PAGE No. Abstract……………………………………………………………………………………….3 Introduction…………………………………………………………………………………..3 Cyber-crime: what does it mean ……………………………………………………………..4 The Differences between Cybercrime and Traditional Crime………………………………6 Reasons for Cyber-crime………………………………………………………………….…7 Mode and Manner of Committing Cyber-Crime…………………………………………….7 Classification…………………………………………………………………………………9 Threat perception of Cyber-Crime in India………………………………………………....14 Trends of Cyber-Crime in India…………………………………………………………....15 Impact of cybercrime in India ……………………………………………………………….16 How to tackle Cyber-Crime……………………………………………………………….....17 Conclusion…………………………………………………………………………………...19 Recommendation………………………………………………………………………….....19 References……………………………………………………………………………………20 1
  • 6. LIST OF ILLUSTRATION SL.No. Title Page No. Fig. 1 Relation between Victims, Attacker & Defender 5 Fig. 2 Country distribution of Cyber-Crimes 15 Fig. 3 Rise in number of Cyber-Crimes in India 15 Fig. 4 Cybercrime cases filed in India 16 Fig. 5 Impact of Cybercrime in India 17 2
  • 7. ABSTRACT The Computers have unleashed an era of enhanced productivity and creativity. Communication and connectedness has seen new heights in the last two decades. Internet has ushered a new revolution, The Online Revolution. In the current era of online processing, maximum of the information is online and prone to cyber threats. There are a huge number of cyber threats and their behaviour is difficult to early understanding hence difficult to restrict in the early phases of the cyber-attacks. Cyber-attacks may have some motivation behind it or may be processed unknowingly. The attacks those are processed knowingly can be considered as the cyber-crime and they have serious impacts over the society in the form of economical disrupt, psychological disorder, threat to National defence etc. Restriction of cyber-crimes is dependent on proper analysis of their behaviour and understanding of their impacts over various levels of society. Therefore, the current manuscript provides the understanding of cyber-crimes and their impacts over society with the future trends of cyber- crimes. INTRODUCTION The internet in world is growing rapidly. It has given rise to new opportunities in every field we can think of – be it entertainment, business, sports or education. There are two sides to a coin. Internet also has its own disadvantages. One of the major disadvantages is Cyber-crime – illegal activity committed on the internet. The term ‘cyber-crime’ is a misnomer. This term has nowhere been defined in any statute/Act passed or enacted by the Indian Parliament. The concept of cyber-crime is not radically different from the concept of conventional crime. Both include conduct whether act or omission, which cause breach of rules of law and counterbalanced by the sanction of the state. Before evaluating the concept of cyber-crime it is obvious that the concept of conventional crime be discussed and the points of similarity and deviance between both these forms may be discussed. The commonly accepted definition of cyber security is the protection of any computer system, software program, and data against unauthorized use, disclosure, transfer, modification, or destruction, whether accidental or intentional. Cyber- attacks can come from internal networks, the Internet, or other private or public systems. Businesses cannot afford to be dismissive of this problem because those who don’t respect address, and counter this threat will surely become victims. 3
  • 8. These are the Cyber Criminals, the ill-motivated hackers, crackers and spammers. In this report, an attempt has been made to see Cyber Crime in a broad Spectrum, starting from scratch. Reports & Investigations from World’s top Cyber Security firms has been incorporated. Without delving too much into the actual means of exploitation, an attempt to visualise the entire process as whole, has been made. The use of technology has become an integral part of our lives. Our increasing dependence on technology consolidates itself as a powerful platform that has revolutionised the way we do business and communicate with people, leaving us in the open to threats of cybercrime. We have become complacent to the existence of cybercrime, perhaps putting too much faith in technology. Organisations must recognise this environment and must identify methods to address these risks proactively. As businesses and individuals increase their reliance on technology, they tend to become exposed to the growing cybercrime threats and the fact remains that we cannot ignore technology. Many businesses may not have taken time to consider whether they have sound cyber-security mechanisms in place, but ignoring this risk could endanger their operations. Through this survey we have analysed the preparedness of an individual or organisation from potential cybercrimes threats, other than highlighting preventive mechanisms to deal with this rapidly growing issue. While large organisations are beginning to take preventive measures to protect themselves, small organisations normally pay insignificant attention to risk assessment or have no funding to put the risk in place. CYBERCRIME: WHAT DOES IT MEAN? Cyber Crime: Computer crime, or cybercrime, is crime that involves a computer and a network. “Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber-crime” A generalized definition of cyber-crime may be “ unlawful acts wherein the computer is either a tool or target or both” The computer may be used as a tool in the following kinds of activity- financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail spoofing, forgery, cyber defamation, cyber stalking. The computer may however be target for unlawful acts in the following cases- unauthorized access to computer/ computer system/ computer networks, theft of information contained in the electronic form, e-mail bombing, data diddling, salami attacks, logic bombs, Trojan attacks, internet time thefts, web jacking, theft of computer system, physically damaging the computer system. 4
  • 9. Fig. 1: Relation between Victim, Attacker & Defender When was the first evercybercrime recorded? The first cybercrime was noted in 1820 by Joseph-Marie Jacquard, a textile manufacturer in France which produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber-crime! The first spam email took place in 1978 when it was sent out over the Arpanet (Advanced Research Projects Agency Network). The first virus was installed on an Apple computer in 1982 when a high school student, Rich Skrenta, developed the Elk cloner. Who is carrying it out? Cyber-attacks can be carried out by a host of people ranging between disgruntled employees, individual hacker, organised cybercrime syndicates to enemy government or an activist. These are the Cyber Criminals, the ill-motivated hackers, crackers and spammers What is the biggestmyth related to cybercrime? 100 per cent Security! 100 per cent security can be difficult to attain and should not ideally be the goal. Instead, one must establish a capability that deals with incidents to help minimise threat and loss. 5
  • 10. Are you facing cyber threat and not even realising it? The information security landscape is constantly evolving. Private and public sector organisations find it difficult to believe they could be a target for cyber-attacks. As adversary sophistication increases, many organisations react only after the event or the attack is underway. The Differences between Cybercrime and Traditional Crime:  One of the differences between cybercrime and traditional crime is the evidence of the offenses. Traditional criminals usually leave traces of a crime, through either fingerprints or other physical evidences. On the other hand, cybercriminals rely on the Internet via which they commit their crimes, and it leaves very little evidence about the cybercrime. Forensic investigators usually experience great difficulty in gathering evidence that could lead to the conviction of cybercriminals since these criminals can freely change their identities. The Internet also allows the anonymity of its users, and this implies that cybercriminals can use any pseudonyms for their identification. On the other hand, it is difficult for traditional criminals to fake their gender, race, or age.  Consequently, this leads to the second difference between traditional and cybercrimes, length of investigations. Since cybercrime involves perpetrators using falsified names and working from remote locations, it usually takes longer to identify the real cybercriminals and apprehend them. In most cases, cybercriminals (such as hackers) escape from arrest because the investigators cannot locate them. Traditional crimes take shorter time period to investigate because the criminals usually leave evidence that can be used to spot them. For instance, traditional criminals can leave evidence such as DNA, fingerprints, photographs and videos captured on surveillance cameras, or personal belongings such as identity cards, and this makes it easy for investigators to identify and capture the culprits. In addition, such evidence makes it easy for the judiciary to convict the offenders.  Lastly, the difference between traditional crimes and cybercrimes is the force involved. Most of the traditional crimes (such as rape, murder, arson, and burglary among others) involve the use of excessive force that results in physical injury and trauma on the victims. On the other hand, cybercrimes do not require the use of any force since the criminals merely use the identities of their victims to steal from them. For example, cybercriminals use spoofing and phishing to obtain personal information such as credit card numbers from their victims, or use encrypted emails to coordinate violence remotely. 6
  • 11. REASONS FOR CYBER CRIME Herbert Lionel Adolphus Hart (18 July 1907 – 19 December 1992), in his work “The Concept of Law” has said ‘human beings are vulnerable so rule of law is required to protect them’. Applying this to the cyberspace we may say that computers are vulnerable so rule of law is required to protect and safeguard them against cyber- crime. The reasons for the vulnerability of computers may be said to be: 1. Capacity to store data in comparatively small space: The computer has unique characteristic of storing data in a very small space. This affords to remove or derive information either through physical or virtual medium makes it much easier. 2. Easy to access: The problem encountered in guarding a computer system from unauthorised access is that there is every possibility of breach not due to human error but due to the complex technology. By secretly implanted logic bomb, key loggers that can steal access codes, advanced voice recorders; retina imagers etc. that can fool biometric systems and bypass firewalls can be utilized to get past many a security system. 3. Complex: The computers work on operating systems and these operating systems in turn are composed of millions of codes. Human mind is fallible and it is not possible that there might not be a lapse at any stage. The cyber criminals take advantage of these lacunas and penetrate into the computer system. 4. Negligence: Negligence is very closely connected with human conduct. It is therefore very probable that while protecting the computer system there might be any negligence, which in turn provides a cyber-criminal to gain access and control over the computer system. 5. Loss of evidence: Loss of evidence is a very common & obvious problem as all the data are routinely destroyed. Further collection of data outside the territorial extent also paralyses this system of crime investigation. MODE AND MANNER OF COMMITING CYBER CRIME 1. Unauthorized access to computer systems or networks / Hacking- This kind of offence is normally referred as hacking in the generic sense. However the framers of the information technology act 2000 have nowhere used this term so to avoid any confusion we would not interchangeably use the word hacking for ‘unauthorized access’ as the latter has wide connotation. 7
  • 12. 2. Theft of information contained in electronic form- This includes information stored in computer hard disks, removable storage media etc. Theft may be either by appropriating the data physically or by tampering them through the virtual medium. 3. Email bombing- This kind of activity refers to sending large numbers of mail to the victim, which may be an individual or a company or even mail servers there by ultimately resulting into crashing. 4. Data diddling- This kind of an attack involves altering raw data just before a computer processes it and then changing it back after the processing is completed. The electricity board faced similar problem of data diddling while the department was being computerised. 5. Salami attacks- This kind of crime is normally prevalent in the financial institutions or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. E.g. the Ziegler case wherein a logic bomb was introduced in the bank’s system, which deducted 10 cents from every account and deposited it in a particular account. 6. Denial of Service attack- The computer of the victim is flooded with more requests than it can handle which cause it to crash. Distributed Denial of Service (DDoS) attack is also a type of denial of service attack, in which the offenders are wide in number and widespread. E.g. Amazon, Yahoo. 7. Virus / worm attacks- Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory. E.g. love bug virus, which affected at least 5 % of the computers of the globe. The losses were accounted to be $ 10 million. The world's most famous worm was the Internet worm let loose on the Internet by Robert Morris sometime in 1988. Almost brought development of Internet to a complete halt. 8. Logic bombs- These are event dependent programs. This implies that these programs are created to do something only when a certain event (known as a trigger event) occurs. 8
  • 13. E.g. even some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date (like the Chernobyl virus). 9. Trojan attacks- This term has its origin in the word ‘Trojan horse’. In software field this means an unauthorized programme, which passively gains control over another’s system by representing itself as an authorised programme. The most common form of installing a Trojan is through e-mail. E.g. a Trojan was installed in the computer of a lady film director in the U.S. while chatting. The cyber criminal through the web cam installed in the computer obtained her nude photographs. He further harassed this lady. 10. Internet time thefts- Normally in these kinds of thefts the Internet surfing hours of the victim are used up by another person. This is done by gaining access to the login ID and the password. E.g. Colonel Bajwa’s case- the Internet hours were used up by any other person. This was perhaps one of the first reported cases related to cyber-crime in India. However this case made the police infamous as to their lack of understanding of the nature of cyber-crime. 11. Web jacking- This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the web site of another. He may even mutilate or change the information on the site. This may be done for fulfilling political objectives or for money. E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the Pakistani hackers and some obscene matter was placed therein. Further the site of Bombay crime branch was also web jacked. Another case of web jacking is that of the ‘gold fish’ case. In this case the site was hacked and the information pertaining to gold fish was changed. Further a ransom of US $ 1 million was demanded as ransom. Thus web jacking is a process whereby control over the site of another is made backed by some consideration for it CLASSIFICATION: The subject of cyber-crime may be broadly classified under the following three groups. They are- 1. Against Individuals (a). Their person & (b). Their property of an individual 9
  • 14. 2. Against Organization (a). Government (c). Firm, Company, Group of Individuals. 3. Against Societyat large The following are the crimes, which can be committed against the followings group 1. Against Individuals: – i. Harassment via e-mails. ii. Cyber-stalking. iii. Dissemination of obscene material. iv. Defamation. v. Unauthorized control/access over computer system. vi. Indecent exposure vii. Email spoofing viii. Cheating & Fraud 2. Against Individual Property: - i. Computer vandalism. ii. Transmitting virus. iii. Netrespass iv. Unauthorized control/access over computer system. v. Intellectual Property crimes vi. Internet time thefts 3. Against Organization: - i. Unauthorized control/access over computer system ii. Possession of unauthorized information. iii. Cyber terrorism against the government organization. iv. Distribution of pirated software etc. 10
  • 15. 4. Against Society at large: - i. Pornography (basically child pornography). ii. Polluting the youth through indecent exposure. iii. Trafficking iv. Financial crimes v. Sale of illegal articles vi. Online gambling vii. Forgery The above mentioned offences may discuss in brief as follows: 1. Harassment via e-mails- Harassment through e-mails is not a new concept. It is very similar to harassing through letters. Recently one of my friends had received a mail from a lady wherein she complained about the same. Her former boyfriend was sending her mails constantly sometimes emotionally blackmailing her and also threatening her. This is a very common type of harassment via e-mails. 2. Cyber-stalking- The Oxford dictionary defines stalking as "pursuing stealthily". Cyber stalking involves following a person's movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc. 3. Dissemination of obscene material/ Indecent exposure/ Pornography (basically child pornography) / Polluting through indecent exposure- Pornography on the net may take various forms. It may include the hosting of web site containing these prohibited materials. Use of computers for producing these obscene materials. Downloading through the Internet, obscene materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind. Two known cases of pornography are the Delhi Bal Bharati case and the Bombay case wherein two Swiss couple used to force the slum children for obscene photographs. The Mumbai police later arrested them. 11
  • 16. 4. Defamation- It is an act of imputing any person with intent to lower the person in the estimation of the right-thinking members of society generally or to cause him to be shunned or avoided or to expose him to hatred, contempt or ridicule. Cyber defamation is not different from conventional defamation except the involvement of a virtual medium. 5. Unauthorized control/access over computer system- This activity is commonly referred to as hacking. The Indian law has however given a different connotation to the term hacking, so we will not use the term "unauthorized access" interchangeably with the term "hacking" to prevent confusion as the term used in the Act of 2000 is much wider than hacking. 6. E mail spoofing- A spoofed e-mail may be said to be one, which misrepresents its origin. It shows it's origin to be different from which actually it originates. Eg. Rajesh Manyar, a graduate student at Purdue University in Indiana, was arrested for threatening to detonate a nuclear device in the college campus. The alleged e- mail was sent from the account of another student to the vice president for student services. However the mail was traced to be sent from the account of Rajesh Manyar. 7. Computer vandalism- Vandalism means deliberately destroying or damaging property of another. Thus computer vandalism may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral attached to the computer or by physically damaging a computer or its peripherals. 8. Transmitting virus/worms- This topic has been adequately dealt herein above. 9. Intellectual Property crimes / Distribution of pirated software- Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, copyright infringement, trademark and service mark violation, theft of computer source code, etc. 12
  • 17. The Hyderabad Court has in a land mark judgement has convicted three people and sentenced them to six months imprisonment and fine of 50,000 each for unauthorized copying and sell of pirated software. 10. Cyber terrorism against the government organization- At this juncture a necessity may be felt that what is the need to distinguish between cyber terrorism and cyber-crime. Both are criminal acts. However there is a compelling need to distinguish between both these crimes. A cyber-crime is generally a domestic issue, which may have international consequences; however cyber terrorism is a global concern, which has domestic as well as international consequences. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate emails, attacks on sensitive computer networks, etc. Technology savvy terrorists are using 512-bit encryption, which is next to impossible to decrypt. The recent example may be cited of – Osama Bin Laden, the LTTE, and attack on America’s army deployment system during Iraq war. Cyber terrorism may be defined to be “ the premeditated use of disruptive activities, or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives” Another definition may be attempted to cover within its ambit every act of cyber terrorism. A terrorist means a person who indulges in wanton killing of persons or in violence or in disruption of services or means of communications essential to the community or in damaging property with the view to – (1) Putting the public or any section of the public in fear; or (2) Affecting adversely the harmony between different religious, racial, language or regional groups or castes or communities; or (3) Coercing or overawing the government established by law; or (4) Endangering the sovereignty and integrity of the nation and a cyber-terrorist is the person who uses the computer system as a means or ends to achieve the above objectives. Every act done in pursuance thereof is an act of cyber terrorism. 13
  • 18. 11. Trafficking- Trafficking may assume different forms. It may be trafficking in drugs, human beings, arms weapons etc. These forms of trafficking are going unchecked because they are carried on under pseudonyms. A racket was busted in Chennai where drugs were being sold under the pseudonym of honey. 12. Fraud & Cheating Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. It may assume different forms. Some of the cases of online fraud and cheating that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc. Recently the Court of Metropolitan Magistrate Delhi found guilty a 24-year-old engineer working in a call centre, of fraudulently gaining the details of Campa's credit card and bought a television and a cordless phone from Sony website. Metropolitan magistrate Gulshan Kumar convicted Azim for cheating under IPC, but did not send him to jail. Instead, Azim was asked to furnish a personal bond of Rs 20,000, and was released on a year's probation.. THREAT PERCEPTION OF CYBERCRIME IN INDIA Cybercrime can affect any organisation, large or small. Many of the incidents are not publicly known and have not been reported by the media. However, companies in U.S., are legally granted the responsibility to report incidents to the authorities. Distinctly, about 51 per cent perceive themselves to be an easy target for cyber attacks due to the nature of their business. Out of these 51%, about 68% respondents claim that they monitor their cybercrime threats on a daily basis. Inadequate detection processes may conceal the real number of cybercrime attacks. Although many organisations today are equipped with state of the art security systems, they may still be unable to manage or handle cybercrime incidents. Perception of cybercrime in India: Cybercrime is a major threat. Easy target for cyber-attacks. In this increasingly hyper-connected world, cybercrime has emerged as a major threat as acknowledged by an overwhelming 89% of survey respondents. 14
  • 19. TRENDS OF CYBERCRIME IN INDIA In the past, India used to be a target of cyber-attacks for political motivation only. Over the past few years, the global cybercrime landscape has changed dramatically, with criminals employing more sophisticated technology and greater knowledge of cyber security. Until recently, malware, spam emails, hacking into corporate sites and other attacks of this nature were mostly the work of computer ‘geniuses’ showcasing their talent. These attacks, which were rarely malicious, have gradually evolved into cybercrime syndicates siphoning off money through illegal cyber channels. Country Distribution: Survey done by Cyber Attack Timeline Fig. 2: Country distribution of Cyber-Crimes Rise inNumber of Cyber Crime in INDIA: Fig. 3: Rise in number of Cyber-Crimes in India 15
  • 20. Survey result analysis done by KPMG in India: of the respondents have experienced cybercrime in the last. It is evident that only half of the respondents have been a victim of cyber-attacks in the last year which indicated that the number of cybercrime incidents in India has been on rise. Cybercrime Cases Filed in India: Survey done by National Crime Records Bureau Fig. 4: Cybercrime cases filed in India IMPACT OF CYBERCRIME IN INDIA The effects of a single, successful cyber-attack can have far-reaching implications including financial losses, theft of intellectual property, and loss of consumer confidence and trust. The overall monetary impact of cyber-crime on society and government is estimated to be billions of dollars a year. The overall monetary impact of cyber-crime on society and government are unknown. Some estimates are that viruses and worms cause damages into the billions of dollars a year. It is estimated that only 5 - 10% of cyber-crime is reported to law enforcement authorities. Reasons why cyber-crime is not reported varies from not knowing that a cyber incident has occurred to not wanting the public to know that a company’s security data may have been exposed. 16
  • 21. Survey result analysis done by KPMG in India: Fig. 5: Impact of Cybercrime in India HOW TO TACKLE CYBER-CRIME Prevention is always better than cure. It is always better to take certain precaution while operating the internet. Cybercrime prevention can be straight-forward - when armed with a little technical advice and common sense, many attacks can be avoided. In general, online criminals are trying to make their money as quickly and easily as possible. The more difficult you make their job, the more likely they are to leave you alone and move on to an easier target. The tips below provide basic information on how you can prevent online fraud.  Keep your computer current with the latest patches and updates: One of the best ways to keep attackers away from your computer is to apply patches and other software fixes when they become available. By regularly updating your computer, you block attackers from being able to take advantage of software flaws (vulnerabilities) that they could otherwise use to break into your system.  Make sure your computer is configured securely: Configuring popular Internet applications such as your Web browser and email software is one of the most important areas to focus on. Keep in mind that a newly purchased computer may not have the right level of security for you. When you are installing your computer at home, pay attention not just to making your new system function, but also focus on making it work securely. 17
  • 22.  Choose strong passwords and keepthem safe: Selecting a password that cannot be easily guessed is the first step toward keeping passwords secure and away from the wrong hands. Strong passwords have eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?). Avoid using any of the following as your password: your login name, anything based on your personal information such as your last name, and words that can be found in the dictionary. Try to select especially strong, unique passwords for protecting activities like online banking.  Protect your computer with security software: Several types of security software are necessary for basic online security. Security software essentials include firewall and antivirus programs. A firewall is usually your computer's first line of defence it controls who and what can communicate with your computer online. You could think of a firewall as a sort of "policeman" that watches all the data attempting to flow in and out of your computer on the Internet, allowing communications that it knows are safe and blocking "bad" traffic such as attacks from ever reaching your computer.  Protect your personal information: Exercise caution when sharing personal information such as your name, home address, phone number, and email address online  Don't respond to email messages that ask for personal information.  Steer clear of fraudulent Web sites used to steal personal information.  Pay attention to privacy policies on Web sites and in software.  Online offers that look too good to be true usually are: While you may not directly pay for the software or service with money, the free software or service you asked for may have been bundled with advertising software ("adware") that tracks your behaviour and displays unwanted advertisements. You may have to divulge personal information or purchase something else in order to claim your supposed content winnings. If an offer looks so good it's hard to believe, ask for someone else's opinion, read the fine print, or even better, simply ignore it.  Review bank and credit card statements regularly: The impact of identity theft and online crimes can be greatly reduced if you can catch it shortly after your data is stolen or when the first use of your information is attempted. One of the easiest ways to get the tip-off that something has gone wrong is by reviewing the monthly statements provided by your bank and credit card companies for anything out of the ordinary. 18
  • 23. CONCLUSION Capacity of human mind is unfathomable. It is not possible to eliminate cyber-crime from the cyber space. It is quite possible to check them. History is the witness that no legislation has succeeded in totally eliminating crime from the globe. The only possible step is to make people aware of their rights and duties (to report crime as a collective duty towards the society) and further making the application of the laws more stringent to check crime. Undoubtedly the Act is a historical step in the cyber world. Further I all together do not deny that there is a need to bring changes in the Information Technology Act to make it more effective to combat cyber-crime. I would conclude with a word of caution for the pro-legislation school that it should be kept in mind that the provisions of the cyber law are not made so stringent that it may retard the growth of the industry and prove to be counter-productive. RECOMMENDATION Cybercrime is broadly defined by tech company, Symantec, as any offence that is committed using a computer, network or hardware device. It is not a new occurrence, but its scope is constantly evolving. Once cyber criminals have your personal details, they gain access to an abundance of information that will allow them to clone just about any account that is tied to you. This includes: credit cards, investment bonds, personal savings accounts, as well as cheque accounts. The list does not stop there as your entire identity can be stolen within seconds. To tackle cybercrime efficiently, it is essential to establish active partnerships and cooperation between the private sector, information security organizations, financial institutions and public institutions to investigate cybercrime, to supervise financial market transactions and to enforce laws. Without efficient private-public cooperation, cybercrime will never be tackled effectively. The private sector needs to be assured of a confidential relationship in which information can be exchanged for investigative and intelligence purposes.  Be aware of what you do while using public Wi-Fi Hotspots While these access points are convenient, they are far from secure. Avoid conducting financial or corporate transactions on these networks. 19
  • 24.  Be social media savvy Make sure your social networking profiles (e.g. Facebook, Twitter, YouTube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online. Once it is on the Internet, it is extremely difficult to remove.  Secure mobile devices More often than not, we leave our mobile devices unattended. By activating the built- in security features you can avoid any access to personal details. Never store passwords, pin numbers and even your own address on any mobile device.  Protect your Data Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data, and store it in a different location. REFERENCES 1. Cyber-Crime Report 2015 given by KMPG- India. 2. National Crime Records Bureau India 3. https://en.wikipedia.org/wiki/Cybercrime 4. http://www.spiceworks.com/marketing/top-8-tips-prevent-cybercrime/ 5. http://in.norton.com/cybercrime-prevention 20