CONTENTS What is cyber crime? History Classification of cyber crime Types of cyber crime Cyber Security Cyber Security standards Cyber Law
W HAT IS CYBER CRIME ? Cyber crime refers to any crime that involves a computer/mobile and a network. The computer may have been used in the commission of a crime, or it may be the target. Cyber hackers apply all sorts of techniques (hacking, use of malware for intercepting data, etc.) in stealing personal or financial data from their victims, generally from their computers.
HISTORY The first spam email took place in 1978 when it was sent out over the ARPANET (Advanced Research Projects Agency Network). The first virus was installed on an Apple computer by a high school student, Rich Skrenta in the year 1982.
Cyber Crime refers to all activities done with criminal intent in cyberspace. These fall into three slots. Cyberspace is the electronic medium of computer networks in which online communication takes place. Those against persons. Against Business and Non-business organizations. Crime targeting the government.
C LASSIFICATION OF CYBER CRIME Computer as a tool Computer as a target Computer as an instrumentality Crime associated with prevalence of computers
C OMPUTER AS A TOOL When the individual is the main target of the crime the computer can be considered as a tool rather than target. These crimes are not done by technical experts. Eg: Spam, cyber stalking , cyber theft etc.
C OMPUTER AS A TARGET These crimes are committed by a selected group of people with technical knowledge. Destruction of information in the computer by spreading virus. Eg : Defacement, cyber terrorism etc.
C OMPUTER AS AN INSTRUMENTALITY The crime is committed by manipulating the contents of computer systems. With the advent of computer the criminal have started using the technology as an aid for its perpetuation. Eg: Drug trafficking, money laundering etc.
C RIME ASSOCIATED WITH PREVALENCE OF COMPUTERS Copyright violation Material copied from sources that are not public domain or compatibly licensed without the permission of copyright holder. Copyright violation causes legal issues.
T YPES OF CYBER CRIME Financial crimes Sale of illegal articles Online gambling Intellectual Property crimes Theft of information contained in electronic form Email bombing Key loggers
C ONTD . Cyber Defamation Cyber stalking Data Diddling Salami attacks Email spoofing Phishing Click jacking
C ONTD . Hacking Denial of Service attack Virus/worm attacks Logic bombs Trojan attacks Internet time theft Web jacking
Financial crime includes credit card frauds, money laundering, Forgery etc Money laundering is the process by which large amount of illegally obtained money is given the appearance of having originated from a legitimate source
Sale of illegal articles includes selling of narcotic drugs, weapons, wildlife etc to terrorists. Email bombing refers to sending a large amount of e- mails to the victim resulting in crashing of victims e-mail account or mail servers. Data diddling is a kind of an attack which involves altering of raw data just before it is processed by a computer and then changing it back after the processing is completed.
Intellectual Property Crimes includes software piracy, copyright infringement, trademarks violations etc. Theft of information contained in electronic from-This includes information stored in computer hard disks, removable storage media etc. Web defacement is usually the substitution of the original home page of a website with another page (usually pornographic or defamatory in nature) by a hacker.
Cyber Defamation occurs when defamation takes place with the help of computers and or the Internet e.g. e-mail containing defamatory information about that person. What is defamation? Defamation is the act of harming the reputation of person by making a false statement to another.
Cyber Stalking refers to the use of the Internet, e-mail, or other electronic communications devices to stalk another person. Stalking generally involves harassing or threatening behavior that an individual engages in repeatedly, such as following a person, appearing at a persons home or place of business, making harassing phone calls, leaving written messages or objects, or vandalizing a persons property.
Denial of Service involves flooding computer resources with more requests than it can handle. This causes the resources to crash thereby denying authorized users the service offered by the resources. Virus/worm are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses don not need the host to attach themselves to.
Trojan Horse-A Trojan as this program is aptly called, is an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing. Internet Time Theft-This connotes the usage by unauthorized persons of the Internet hours paid for by another person. Web jacking-This occurs when someone forcefully takes control of a website (by cracking the password ). The actual owner of the website does not have any more control over what appears on that website.
Logic bombs are dependent programs. This implies that these programs are created to do something only when a certain event occurs, e.g. some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date. E-Mail spoofing-A spoofed email is one that appears to originate from one source but actually has been sent from another source. This can also be termed as E-Mail forging.
Salami attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed e.g. A bank employee inserts a program into bank’s servers, that deducts a small amount from the account of every customer. Clickjacking is a form of cyber attack where the hacker uses an invisible layer over the embedded web content (this could be an image, video or button) to intercept and ‘hijack’ you to a mirror website and mine information from you.
Cyber terrorism is the premeditated use of disruptive activities, or the threat thereof, in cyber space, with the intention to further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives. Eg: A simple propaganda in the Internet/SMS, that there will be bomb attacks during the holidays Mobile pickpocketing (SMS/call fraud), or the ability to charge a phone bill via SMS billing and phone calls. Malware uses these mechanisms to steal directly from user accounts.
Keyloggers are regularly used in computers to log all the strokes a victim makes on the keyboard. Eg: If a key logger is installed on a computer which is regularly used for online banking and other financial transactions then their passwords can be taken without the knowledge of the user
C YBER SECURITY It is not possible to eliminate cyber crime from the cyber space. It is quite possible to check them. Awareness is the first step in protecting yourself. Invest in Anti-virus, Firewall, and SPAM blocking software for your PC. Change passwords on a regular basis Use complex passwords (include numbers and special characters)
C ONTD . Do not automatically check boxes before reading the contents of any agreement of the software. Avoiding use of unauthorized software. Avoid opening of unknown emails. Use internet filtering software. Data Level Security Using encrypting softwares Disable remote connectivity (such as Bluetooth)
C YBER SECURITY STANDARDS Cyber security standards are security standards which enable organizations to practice safe security techniques to minimize the number of successful cyber security attacks. It provides general outlines as well as specific techniques for implementing cyber security. Some of the standards are ISO 27002,NERC, NIST,ISO 15408,RFC 2196,ISA-99.
L EGAL ACTS• The Computer Fraud and Abuse Act• The Digital Millennium Copyright Act• The Electronic Communications Privacy Act• The Stored Communications Act• Identity Theft and Aggravated Identity Theft• Identity Theft and Assumption Deterrence Act• Gramm-Leach-Bliley Act• Internet Spyware Prevention Act
C ONTD . Stored Communications Act which is passed in 1986 is focused on protecting the confidentiality, integrity and availability of electronic communications that are currently in some form of electronic storage Digital Millennium Copyright Act which is passed in 1998 is a United States copyright law that criminalizes the production and dissemination of technology, devices Electronic Communications Privacy Act of 1986 extends the government restrictions on wiretaps from telephones.
C ONTD . Internet Spyware Prevention Act (I-SPY) prohibits the implementation and use of spyware. Gramm-Leach-Bliley Act (GLBA) requires financial institutions and credit agencies increase the security of systems that contain their customers’ personal information. Identity Theft and Aggravated Identity Theft defines the conditions under which an individual has violated identity theft laws.
C YBER LAW Cyberlaw is a generic term which refers to all the legal and regulatory aspects of Internet and the World Wide Web. Anything concerned with or related to or emanating from any legal aspects or issues concerning any activity of netizens in and concerning Cyberspace comes within the ambit of Cyberlaw.
C YBERLAW P ROVISIONS IN I NDIAOffence Section under actTampering with Computer source Sec.65documentsHacking with Computer systems, Sec.66Data alterationPublishing obscene information Sec.67Un-authorized access to Sec.70protected systemBreach of Confidentiality and Sec.72PrivacyPublishing false digital signature Sec.73certificates
C ONTD .Offence Section under actSending threatening messages Sec 503 IPCby emailSending defamatory messages Sec 499 IPCby emailForgery of electronic records Sec 463 IPCBogus websites, cyber frauds Sec 420 IPCEmail spoofing Sec 463 IPCWeb-Jacking Sec 383 IPCE-Mail Abuse Sec 500 IPCOnline sale of Drugs NDPS ActOnline sale of Arms Arms Act
Though we have so many methods to protect from cyber crime, only awareness will help us to get rid of this problem. In case of emergency to complaint about cyber crime contact the following email ids and phone numbers. email@example.com ,firstname.lastname@example.org , email@example.com , firstname.lastname@example.org 0422-23452350, 98414-94329,22201026 ,22943050 .