Published on

Preventive steps & Awareness

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Cybercrime Preventive steps & Awareness
  2. 2. Objectives  To provide a general awareness of Cybercrime  To understand Cybercrime methods  To identify Internet scams  To learn how to keep from being a victim
  3. 3. What is Cybercrime?  Cybercrime is any illegal act committed by using a computer network.  Cybercrime is a subset of computer crime.
  4. 4. Examples of Cybercrime  Web defacement  Identity theft  Unauthorized network  Child pornography access  Interception and  Cyber-Stalking fabrication of emails  Internet fraud  Theft of passwords
  5. 5. Who are the perpetrators?  Not just “hackers.”  Companies seeking competitor’s trade secrets  Con-artists  Pedophiles  Disgruntled employees  “Accidental” criminals  The Internet should be viewed as another medium in which criminals can conduct illegal acts.
  6. 6. Who are the cyber victims?  Companies  No security awareness  Bottom liners  Individuals  The unaware individuals  The “don’t care” individuals  The “innocent by-stander” individuals  Society
  7. 7. Desktop Security  Many people become victims of a cyber attack by what is referred to as “drive by hacking.”  Tools are freely available on the Internet to allow for such behavior to occur.  The latest Microsoft Security flaw is a good example of how vulnerable each users desktop is to such an attack.
  8. 8. Spyware  Spyware is used by companies to gather the surfing habits of individuals.  Pop-up ads are usually a result of spyware being present on a computer.  Keyloggers are a form of spyware that secretly record keystrokes and have the ability to email them back to the intruder.
  9. 9. What can I do?  Awareness is the first step in protecting yourself and your family.  Invest in Anti-virus, Firewall, and SPAM blocking software for your PC.  Detect secure websites when conducting transactions online.  Do NOT respond or act on emails sent from unknown sources.
  10. 10. Detecting Secure Websites HTTPS instead of HTTP Yellow Lock at bottom right of website
  11. 11. Emails  SPAM emails are becoming easier to detect by the average user. Look for these clues to identify SPAM:  The receiver’s name is the same as the sender’s  The subject is offering money making deals  The user is unknown and there are links to what appear to be legitimate websites.
  12. 12. Cyber crime: an important note  The IT Act provides the backbone for e- commerce and India’s approach has been to look at e-governance and e-commerce primarily from the promotional aspects looking at the vast opportunities and the need to sensitize the population to the possibilities of the information age. There is the need to take in to consideration the security aspects.
  13. 13. Cyber crime: Indian law  In Indian law, cyber crime has to be voluntary and willful, an act or omission that adversely affects a person or property. The IT Act provides the backbone for e-commerce and India’s approach has been to look at e-governance and e- commerce primarily from the promotional aspects looking at the vast opportunities and the need to sensitize the population to the possibilities of the information age. There is the need to take in to consideration the security aspects.
  14. 14. United Nations’ Definition of Cybercrime  a. Cybercrime in a narrow sense (computer crime): Any illegal behavior directed by means of electronic operations that targets the security of computer systems and the data processed by them.  b. Cybercrime in a broader sense (computer-related crime): Any illegal behavior committed by means of, or in relation to, a computer system or network, including such crimes as illegal possession [and] offering or distributing information by means of a computer system or network.
  15. 15. Cyber crime: There are more concrete examples, including  Unauthorized access  Damage to computer data or programs  Computer sabotage  Unauthorized interception of communications  Computer espionage
  16. 16. What are the basic steps in fortifying the legal position of an organisation in cases of data theft?  While passing the IT Act, the government has also amended other related legislation, such as the Copyright Act or the Law of Evidence. Now, an organisation can keep a log of how a particular piece of intellectual property was built, by documenting the steps that led to development of a solution or product. This documentation will help establish the ownership of the final product.
  17. 17. What about simple information or databases?  The same applies to these. Beginning with the source of the database or information, their build up, fine-tuning and periodical revision will establish ownership.
  18. 18. How broad is the scope of protection under the laws?  Section 66 of the IT Act has defined hacking as (among other things) intentionally destroying, deleting or altering any information residing on a computer. There is no mention of the word copying here. However, the latter part of this section refers to "diminishing the value or utility" of this information. Copying is covered under this. If someone steals information and pastes it on a web site available to all, the value of this information diminishes.
  19. 19. Are there methods to ensure adherence to data access norms for employees?  Each organisation must have a well-defined IT use policy. It is important to offer written description of the limits each employee needs to follow. They should also be told the legal consequences of any breach of the access norms. There are provisions for imprisonment of three to five years and a fine for different offences under the IT Act. The law also provides judicial custody of up to a week to allow investigation. The idea of staying in a lock-up can be a deterrent enough for the techie kind, provided they are told about it.
  20. 20. Is the redressal process speedier for those hit by cyber crimes?  Any incident of data theft can be addressed on both criminal and civil tracks of the law. While the criminal proceedings will intend to regain the custody of data, the civil proceeding will seek compensation for loss caused by such theft. Disposal of cases will be handled at par with other cases of either nature. However, under the IT Act, the secretary of the information technology department of the Central or state government has been empowered to adjudicate the civil cases. This officer has the powers to order summary investigation and is not compelled to follow any legal procedures and will simply follow. If he follows the principles of natural justice (such as giving the accused an opportunity to be heard) he can examine the evidence, impose punishment and order compensation.
  21. 21. Conclusion  The key to protecting yourself is being aware.  Not all cybercriminals are “hackers.”  There is a whole other world that exists in cyberspace…make sure that your information travels safely.
  22. 22. Questions HR & Administrative Officer