This document discusses cyber crime and is presented by Ashita Phulwani, a BCA 1st semester student. It begins by defining crime and explaining that security is needed to prevent crime. It then explores different categories and types of cyber crimes like hacking, financial crimes, pornography, and intellectual property theft. Specific cyber crimes discussed in more detail include phishing, credit card fraud, software piracy, and spoofing. The document also looks at common cyber criminals, their motives, and the impacts of cyber crimes on victims. Overall, the document provides a broad overview of cyber crimes, how they are committed, and their consequences.
• IT Act is based on the model of electronic commerce
adopted by UN Commission on international trade
law in 1996.
• It provides legal recognition to electronic commerce
transactions, allows electronic filing of documents
and penalizes computer related crimes.
• The cyber law is law relating to computers,
communications and internet and referred as ICT
law.
• ICT law covers e-commerce, e-governance,
Intellectual property, data security, cyber crimes and
issues of privacy.
• IT Act is based on the model of electronic commerce
adopted by UN Commission on international trade
law in 1996.
• It provides legal recognition to electronic commerce
transactions, allows electronic filing of documents
and penalizes computer related crimes.
• The cyber law is law relating to computers,
communications and internet and referred as ICT
law.
• ICT law covers e-commerce, e-governance,
Intellectual property, data security, cyber crimes and
issues of privacy.
Cyberspace is a domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures.
Index
Top Cyber Crimes
What is OSINT
Resource For OSINT
Goal - OSINT
Information Gathering
Analysis
Career as a Digital Forensics Investigator
Case Study - Malaysian Airlines Flight MH17
OSINT Process
Confidential Data of GOV
Preventive Measures
www.fomada.com
Presented By Syed Amoz: CEO Fomada
Cyberspace is a domain characterized by the use of electronics and the electromagnetic spectrum to store, modify, and exchange data via networked systems and associated physical infrastructures.
Index
Top Cyber Crimes
What is OSINT
Resource For OSINT
Goal - OSINT
Information Gathering
Analysis
Career as a Digital Forensics Investigator
Case Study - Malaysian Airlines Flight MH17
OSINT Process
Confidential Data of GOV
Preventive Measures
www.fomada.com
Presented By Syed Amoz: CEO Fomada
Pros And Cons Of Cybercrime
Pros And Disadvantages Of Cyber Crime Essay
Cyber Crime : A Crime
Cybercrime: Two Case Studies
Cyber Crime Speech
Why Cybercrime Is Important
The Issue Of Cyber Crimes Essay
Cyber Security Threats And Crimes
Cyber Crime Essay
Cybercrime Research Paper : Cybercrime
Cyber Crime In Australia
Cyber Crimes And The Crime
Research Paper On Cybercrime
Cyber Crime
Cyber Crime And Transnational Crime Essay
CyberCrime Essay
Advantages And Disadvantages Of Cyber Crime
Disadvantages Of Cyber Crime
Essay on Computer Crimes
Cyber Crime Essay
Prepared for the Ethical and Socıal Issues ın Informatıon Systems.
Titles:
What is Cybercrime ?
Types of Cybercrimes.
Cyberbullying.
Online child sexual abuse material.
Facts and statistics.
Protecting your child.
Protecting your computers.
With the advent of Social Media and Internet Technology, children have become vulnerable to cybercrimes such as cyberbullying, cyber stalking and childabuse. This presentation is an eyeopener and spreads awareness about the cyber threats prevalent on internet and gives tips on best practices for ensuring cyber safety and educates the children and the parent on how to deal with such problems .This presentation was delivered recently by Cyber law expert, Karnika Seth in Thiruvanthpuram at a National Consultation on Legislative and Executive measures required to safeguard children online.
Cyber crime is an activity done using computers and internet.
Cyber forensics is the science of collecting, examining, analyzing and reporting electronic evidence.
Defense Against The Digital Dark Arts: Navigating Online Spaces as a Journali...Michelle Ferrier
Orientation and overview of free speech, freedom of expression and free press issues in the United States and the tactics to navigate online spaces as a journalist and communicator.
Power point presentation on logical families.
A good presentation cover all topics.
For any other type of ppt's or pdf's to be created on demand contact -dhawalm8@gmail.com
mob. no-7023419969
Power point presentation on osi model.
A good presentation cover all topics.
For any other type of ppt's or pdf's to be created on demand contact -dhawalm8@gmail.com
mob. no-7023419969
Power point presentation on MS excel.
A good presentation cover all topics.
For any other type of ppt's or pdf's to be created on demand contact -dhawalm8@gmail.com
mob. no-7023419969
Power point presentation on logical families.
A good presentation cover all topics.
For any other type of ppt's or pdf's to be created on demand contact -dhawalm8@gmail.com
mob. no-7023419969
Power point presentation on backup and recovery.
A good presentation cover all topics.
For any other type of ppt's or pdf's to be created on demand contact -dhawalm8@gmail.com
mob. no-7023419969
Power point presentation on Intergrated Circuits.
A good presentation cover all topics.
For any other type of ppt's or pdf's to be created on demand contact -dhawalm8@gmail.com
mob. no-7023419969
Power point presentation on MS excel.
A good presentation cover all topics.
For any other type of ppt's or pdf's to be created on demand contact -dhawalm8@gmail.com
mob. no-7023419969
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
5. Security is necessary for prevention of
crime. And hence, we first need to know
what crime is! So first, we will learn about
the word crime and what does the term
cyber crime refer to in detail.
Crime is a social and economic phenomenon
and is as old as the human society. Crime is
a legal concept and has the sanction of the
law. Crime or an offence is “a legal wrong
that can be followed by criminal proceedings
which may result into punishment.”
The hallmark of criminality is that, it is
breach of the criminal law. Per Lord AtkinASHITA PHULWANI 5/4/2017
7. CATEGORIES OF CYBER CRIME
Cyber Crime refers to all activities done with criminal intent in
cyberspace. These fall into three slots.
• Those against persons.
• Against Business and Non-business organizations.
• Crime targeting the government.
ASHITA PHULWANI 5/4/2017
8. The first recorded cyber crime took place in the
year 1820! In 1820, Joseph-Marie Jacquard, a
textile manufacturer in France, produced the
Loom. This device allowed the repetition of a
series of steps in the weaving of special fabrics.
This resulted in a fear amongst Jacquard's
employees that their traditional employment and
livelihood were being threatened. They
committed acts of sabotage to discourage
Jacquard from further use of the new technology.
This is the first recorded cyber crime!
The first spam email took place in 1978 when it
was sent out over the Arpanet (AdvancedASHITA PHULWANI 5/4/2017
10. The intention must be dishonest.
• Such property must be movable in nature.
• Such property must be taken out of the possession of its owner.
• Such property must be taken without the consent of the owner.
• Such property must be removed from its original place to another.
ASHITA PHULWANI
Because ,
Everybody is using COMPUTERS. From white collar criminals to terrorist organizations And from Teenagers to Adults
New generation is growing up withcomputers
MOST IMPORTANT– Money transactions
are moving on to the INTERNET
11. Computers
Cell Phones
PDA’s
Game Consoles
ASHITA PHULWANI 5/4/2017
Could be-
Disgruntled employees
Teenagers
Professional hackers
Business rival
Divorced husband
Ex-boyfriend
12. Gullible
Desperados andgreedy people
Unskilled & Inexperienced people
Unlucky people
ASHITA PHULWANI 5/4/2017
Gathering trophies(quest to become famous)
General mischief
Financial gain
Revenge
Protest
Criminal activity
Identity theft
Forging documents and messages
13. Because of-
Anonymity.
Computer’s storage capacity.
Weakness in operating system.
Lack of user awareness.
ASHITA PHULWANI 5/4/2017
Loss of revenue
Wasted time
Damaged reputation
Reduced productivity
Identity theft
Security costs
Monetary loses
Privacy
14. Smart criminals don’t use their own computers.
Floppy disks
Zip/jazz disks
Tapes
Digital cameras
Memory sticks
Printers
CDs
PDAs
Games boxes
Networks
Hard drives
ASHITA PHULWANI 5/4/2017
15. • There are five general stages to develop and deploy a
“cyber attack”
Research
reconnaissance
Development
Testing
Attack
16. One of the biggest mistake anybody could possibly make is
assume that things will not get worse.
Wireless malware
Deadly combination
A deadly payload
Intelligent malware
ASHITA PHULWANI 5/4/2017
17. 1. Hacking of computer systems and networks
2. Cyber pornography involving production and distribution of
pornographic material, including child pornography
3. Financial crimes such as siphoning of money from banks, credit card
frauds, money laundering
4. Online Gambling
5. Intellectual property crimes such as theft of computer source code,
software piracy, copyright infringement, trademark violations
6. Harassments such as cyber stalking, cyber defamation, indecent
and abusing mails
7. Cyber frauds such as forgery of documents including currency and
any other documents Launching of virus, worms and Trojans
9. Denial-of-service attacks
10. Cyber attacks and cyber terrorism
11. Economic espionage
12. Consumer harassment and consumer protection
13.Theft Privacy of citizens
14. Sale of illegal articles such as narcotics, weapons, wildlife, etcASHITA PHULWANI 5/4/2017
18. 1. E-mail abuse
2. Spam mails
3. Cyber defamation
4. Theft of source code
5. Exchange of business secrets and documents
6. Insider attacks on personal database
7. Use of office computer for running other business
8. Transmission and viewing of pornographic materials
9. External cyber attacks on an organization resulting
in denial-of-service
10. Information espionageASHITA PHULWANI 5/4/2017
20. Cyber bullying is a type of bullying that takes
place using electronic technology. Electronic
technologies include devices and equipments
like cell Phones, Computers and Tablets as well
as communication tools including Social
Media sites, Text Messages, Chat and Websites.
ASHITA PHULWANI 5/4/2017
Cell phones and computers themselves are not to
blame for cyber bullying. Social media sites can be
used for positive activities like connecting kids
with their family and friends, helping students
with school and for entertainment. But these tools
can also be used to hurt some one. Whether done
in person or through technologies.
21. KIDS WHOARE CYBERBULLIEDARE MOSTLY LIKE:
Use alcohols and drugs
Skip schools
Experience in- person bullying
Be unwilling to attend schools
Receive poor grades
Have lower self-esteem
Have more health problems
ASHITA PHULWANI 5/4/2017
22. Near 43% of kids have been bullied
online. 1 in 4 has had to happen more
than one time.
70% of students report seeing frequent
bullying online.
Over 80% of teens use a cell phones
making it a common mode of bullying.
Girls are about twice as likely as boys to
be victims and perpetrators of cyber
bullying.
Only 1 in 10 victims will inform a parent
or a trusted adult about their abuse.
ASHITA PHULWANI 5/4/2017
23. The utterance of false
charges or
misrepresentations
which defame and
damage another's
reputation through
electronics ,media
,and social sites.ASHITA PHULWANI 5/4/2017
24. Cyber Stalking is use of the
Internet or other electronic
means to stalk someone. This
term is used interchangeably
with online harassment and
online abuse. Stalking generally
involves harassing or
threatening behavior that an
individual engages in repeatedly,
such as following a person,
appearing at a persons home or
place of business, making
harassing phone calls, leaving
written messages or objects, or
ASHITA PHULWANI 5/4/2017
25. Image manipulating is a severe crime that is taking place these days. that
criminals are stealing and manipulating photos of women from Face book
,social sites, profiles etc. criminals would go to the considerable effort of
both stealing and digitally photo shopping photos to sell them to porn
sites. the danger is not only to females even the pics of males are illegally
used for many things. it seems that predators are using social media sites
to find content for shocking porn sites. The catch here is that the people
using private photos stolen from private Face book accounts aren’t
actually breaking the law. When we sign up for social media sites like
Twitter and Face book, we are kind of giving permission to the whole world
to look at our private photos and read our statuses, know our location and
even our places of employment. Though we can monitor our private
photos on Facebook and Twitter there are several ways that predators
have found to get your information.
ASHITA PHULWANI 5/4/2017
26. A realistic manipulated pic of
barack obama and ACP
pradyuman
A manipulated picture
A manipulated realistic picture of
barack obama in traditional getup just
like rahul gandhi
ASHITA PHULWANI 5/4/2017
27. Jeong Da-bin (March 4, 1980 – February 10, 2007) was a South Korean actress. Best known for the
popular television series Rooftop Room Cat, she committed suicide in 2007 at the age of 26.
ASHITA PHULWANI 5/4/2017
28. Intellectual property theft case
Jun 23, 2009 at 0119 hrs IST
The economic offences wing (EOW) of the Pune police on Monday arrested a software
engineer Asma Sandip Thorve (37), a resident of Uday Society
in Sahkar Nagar, for allegedly cheating Brainvisa Technologies
to the tune of Rs 46.5 crores, by stealing their source code.
Earlier, the police had arrested software engineer Sameer
Ashok Inamdar (36) of Kondhwa in the same case.
According to the police, Inamdar resigned from Brainvisa
Technologies in August 2006. He allegedly stole the source
code and other secret information of Brainvisa Technologies
and started his own company. Owner of Brainvisa Technologies
Nitin Hemchandra Agarwal had lodged a police complaint
alleging that the company lost Rs 46.5 crores due to this.
A team, led by assistant commissioner Pushpa Deshmukh, arrested Thorve, who was
Inamdar’s business partner and allegedly provided him the confidential data of
Brainvisa.
Thorve worked as senior manager, business development, for Brainvisa from May 2004
to December 2005 and there on as vice president till December 2008, after which she
joined Inamdar as a partner. Thorve was produced before court on Monday and has
been remanded to police custody till June 26.ASHITA PHULWANI 5/4/2017
31. Every act committed towards breaking into a computer and/or
network is hacking. Hackers write or use ready-made computer
programs to attack the target computer. They possess the desire to
destruct and they get the kick out of such destruction. Some hackers
hack for personal monetary gains, such as to stealing the credit card
information, transferring money from various bank accounts to their
own account followed by withdrawal of money.
By hacking web server taking control on another persons website
called as web hijacking
It is technique of pulling out confidential
information from the bank/financial institutional
account holders by deceptive means
ASHITA PHULWANI 5/4/2017
34. From: *****Bank [mailto:support@****Bank.com]
Sent: 08 June 2004 03:25
To: India
Subject: Official information from ***** Bank
Dear valued ***** Bank Customer!
For security purposes your account has been
randomly chosen for verification. To verify
your account information we are asking you to
provide us with all the data we are requesting.
Otherwise we will not be able to verify your identity
and access to your account will be denied. Please click
on the link below to get to the bank secure
page and verify your account details. Thank you.
https://infinity.*****bank.co.in/Verify.jsp
****** Bank Limited
ASHITA PHULWANI 5/4/2017
35. ATM card fraud is a wide-ranging term for theft and recommitted
using a credit card or any similar payment mechanism as a
fraudulent source of funds in a transaction. The purpose may be to
obtain goods without paying, or to obtain unauthorized funds from
an account. Credit card fraud is also an adjunct to identity theft.
According to the Federal Trade Commission, while identity theft had
been holding steady for the last few years, it saw a 21 percent
increase in 2008. However, credit card fraud, that crime which most
people associate with ID theft, decreased as a percentage of all ID
theft complaints for the sixth year in a row.
This would include pornographic websites; pornographic
magazines produced using computers (to publish and print the
material) and the Internet (to download and transmit
pornographic pictures, photos, writings etc).ASHITA PHULWANI 5/4/2017
36. Theft of software through the illegal
copying of genuine programs or the
counterfeiting and distribution of
products intended to pass for the original.
The unauthorized copying of software.
A mail which
misrepresents its
origin. It shows it's
origin to be different
from which actually
it originates.
ASHITA PHULWANI 5/4/2017
37. Used for the commissionof financial crimes.
Keyhere is to make the alterationso insignificant that in a single case it would
go completely unnoticed.
E.g. a bank employee inserts a program, into the bank's servers, that deducts a
small amountof money (say Rs. 5 a month) fromthe accountof everycustomer.
No account holder will probablynotice this unauthorized debit, but the bank
employee will make a sizable amount of moneyeverymonth.
Malicious software that attaches
itself to other software. (virus,
worms, Trojan Horse, Time bomb,
Logic Bomb, Rabbit and Bacterium
are the malicious. ASHITA PHULWANI 5/4/2017
38. Cyberexortion is a crime involving an attackor threat of attack against an enterprise, coupled with
a demand for moneyto avertor stop the attack.
In otherwords, demanding huge amount of moneythrough internet otherwise the companydataor
informationof an individual will be leaked.
Nowadays demandingof ransomafter kidnapping alsodone throughinternet via emailsis alsoa
type of net exortion.
Internet RelayChat (IRC) servers have chat roomsin whichpeople
fromanywhere the world can come together and chat witheach
other
• Criminalsuse it for meeting coconspirators.
• Hackers use it for discussingtheir exploits / sharingthe techniques
• Pedophilesuse chat rooms to allure small children
• Cyber Stalking - In orderto harass a woman her telephone number
is givento others as if she wants to befriend males
ASHITA PHULWANI 5/4/2017
39. Why India??? ?
121 Million Internet Users
65 Million Active Internet Users, up by 28% from 51
million in 2010
50 Million users shop online on Ecommerce and Online
Shopping Sites
46+ Million Social Network Users
346 million mobile users had subscribed to Data
Packages.
A rapidly growing online user
base
ASHITA PHULWANI 5/4/2017
40. Non Reporting-causes
60% feared negative publicity
23% did not know police
equipped to handle cyber crimes
9% feared further cyber attacks
8% had no awareness of cyber
laws
False arrest concerns
UNAUTHORISED
ACCESS 19%
E-MAIL ABUSE 21%
DATA THEFT 33%
ASHITA PHULWANI5/4/2017
41. The police have recorded 3,038 cases but made only 2,700
arrests in 3 years (between 2007 and 2010).
India registered only 1,350 cases under the IT Act and IPC in 2010
50% of cybercrimes are not even reported.
ASHITA PHULWANI 5/4/2017
42. We have covered about three instances where high-profile
government websites were hacked and defaced. However, the
actual number of Government Websites that were hacked are
quite huge.
A total number of 90, 119, 252 and 219 Government websites
tracked by the Indian Computer Emergency Response Team
(CERT-In) were hacked / defaced by various hacker groups inASHITA PHULWANI 5/4/2017
43. Continued Website Hacks and
Defacements
Data and Information theft
Increasing phishing attacks on
Ecommerce and Financial Websites
Cybercriminals targeting Social and
Professional Networks
Threats directed at the Mobile
Platform: Smartphones and Tablets
ASHITA PHULWANI 5/4/2017
44. Cyber security involves protection of sensitive personal and business
information through prevention, detection, and response to different
online attacks.
Internet security is a branch of computer security specifically related
to the Internet.
It's objective is to establish rules and measure to use against attacks
over the Internet.
“Technology is like a fish. The longer it
stays on the shelf, the less desirable it
becomes.” -ANDREW HELLER
ASHITA PHULWANI 5/4/2017
45. Copying or Distribution
of Computer Programs
Cyberstalking
Identity Theft
Transmitting Child
Pornography
Credit Card Fraud
Theft of Intellectual
Property
Unauthorized Access to
Computer
Computer Sabotage
Computer Forgery
Bank Card Fraud
Any Computer Crime
0 5 10 15 20 25 30 35 40 45
Typesofcomputer-relatedcrimes.
Percentages of surveyed prosecutor offices with at least
one conviction.
0 20 40 60 80 100
1
Reported intrusions to law
enforcement
Internet connectioncited
as point of attack more
frequentlythaninternal
systems
Acknowledged financial
losses due to computer
breaches
Detected computer
securitybreaches within
the last 12 months
32%
80%
74%
90%
Percentage of users surveyed.
ASHITA PHULWANI 5/4/2017
46. Privacy policy :
Before submitting your name, email address, or other personal
information on a web site, look for the site's privacy policy.
Evidence that your information is being encrypted :
To protect attackers from hijacking your information, any personal
information submitted online should be encrypted. Many sites use SSL
or secure sockets layer, to encrypt information.
ASHITA PHULWANI 5/4/2017
47. Keep software up to date:
If the seller releases patches for the software operating your device,
install them as soon as possible. Installing them will prevent attackers
from being able to take advantage.
Use good passwords:
Select passwords that will be difficult for thieves to guess. Do not
choose options that allow your computer to remember your passwords.
ASHITA PHULWANI 5/4/2017
48. Explosion of computer and broadband internet
availability .
Low priority of security for software developers.
Challenge of timely patching vulnerabilities on all
systems.
49. The cyber security will defend us fromcritical attacks.
It helps us to browse the safe website.
Internet security process all the incomingand outgoingdata on our
computer.
Security will defend fromhacks andvirus.
The application of cybersecurity used in our PC needs update every week.
The security developerswill updatetheirdatabase every week once. Hence
the new virus also deleted
ASHITA PHULWANI 5/4/2017
50. Use antivirus software’s
insert firewalls
uninstall unnecessary software
maintain backup
check security settings
Stay anonymous - choose a genderless screen name
Never give your full name or address to strangers
Learn ‘Etiquette' - follow it and expect it from others
Don't respond to harassing or negative messages (flames)
Get out of uncomfortable or hostile situations quickly
Save offending messages
Learn more about Internet privacy
ASHITA PHULWANI 5/4/2017
51. Avoid disclosing any information pertaining
to oneself.
Avoid sending any photograph online
particularly to strangers.
Use latest and up date anti virus software.
Keep back up volumes.
Never send your credit card number to any
site that is not secured.
Use of firewalls may be beneficial.
ASHITA PHULWANI 5/4/2017
52. Decrease in broken software =
Increase in good software
CyberSecurity
CyberCrime
VS Graph - two sides of the same coin
ASHITA PHULWANI 5/4/2017
53. Cyber law is the area of law that deals
with the Internet's relationship to
technological and electronic elements,
including computers, software,
hardware and information systems (IS).
Cyber law or Internet law is a term
that encapsulates the legal issues
related to use of the Internet.
54. Cyber means the use of Internet technologies and
computers it includes computers, networks,
software, data storage devices, Internet,
websites, emails, ATM machines etc.
To protect the cyber crime over Internet , this
law is Passed to protect the Internet cyber
crime. This law is approved by the government.
Cyber law Includes:
~~ Cyber crimes
~~ Electronic and Digital Signatures
~~ Intellectual Property
~~ Data protection and privacy
55. Integrity and Security of Information
Security of Government Data
Intellectual Property Rights
Privacy and Confidentially of Information
Legal Status of Online Transactions
Copyright law
Trademark law
Patent law
Data Protection and Privacy Laws
56. Helpful to promote e-commerce
Enhance the Corporate Business
Filling Online Forms
High penalty for Cyber Crime
E – governance
57.
58. Cyber Cafe Monitoring System (CCMS) –
This Technology Comprises Of A
Biometric System For Recording Fingerprints Of Persons
Who Use A Workstation. This Potent System Has Some
Other Features Like Facility To Take Live Snapshots,
Public IP Address And MAC Address.
59. Cyber Law is the law governing computers and
the Internet.
companies now be able to carry
Out e-commerce.
Act allows govt. to issue
notification on web.
Consumers are now increasingly using credit cards
for shopping.
Most people are using emails for communication.
60. Tampering with computer source documents
Hacking with computer system
Publishing of information which is obscene in
electronic form
Misrepresentation
Breach of confidentiality and privacy
Publishing digital signature false in certain
particulars
Publication of unlawful document for fraudulent
purpose
Can be charged up to rupees 1 to 3 Lakhs
OR
Can get imprisonment for 2 to 10 Years
OR
Both can be implemented according to the law
Person found doing activities such as
ASHITA PHULWANI 5/4/2017
61. Hackers, virus and worm writers could get 20
years to life in federal prison.
Anyone who uses computers to cause death or
bodily harm, such as bringing down power grids
or airport control centers, can get the maximum
sentence.
The sentence is increased by 25% if they steal
personal information.
The sentence is increased by 50% if they share
the stolen information.
If posted on the Internet, sentence is doubled!
ASHITA PHULWANI 5/4/2017
62. CyberLawsinIndia
UnderTheInformation
TechnologyAct,2000
CHAPTER XI – OFFENCES – 66. Hacking with
computer system.
(1) Whoever with the Intent to cause or knowing
that he is likely to cause Wrongful Loss or
Damage to the public or any person Destroys or
Deletes or Alters any Information Residing in a
Computer Resource or diminishes its value or
utility or affects it injuriously by any means,
commits hack.
(2) Whoever commits hacking shall be punished with imprisonment up to three
years, or with fine which may extend up to two lakh rupees, or with both.
ASHITA PHULWANI 5/4/2017
63. Whoever without permission of
the owner of the computer :
Secures Access;
Downloads, Copies or extracts
any data, computer database or
any information;
Introduce or causes to be introduce
any Virus or Contaminant;
Disrupts or causes disruption;
Denies or causes denial of access to any person;
Provides any assistance to any person to
facilitate access
Charges the services availed of by a person to
the account of another person by Tampering with
or Manipulating any Computer, Computer
System, or Computer Network;
Shall be liable to pay damages by way of
compensation not exceeding one crore rupees toASHITA PHULWANI 5/4/2017
64. Legal recognition of the E-commerce
Digital Signatures and Regulatory Regime
Electronic Documents at par with paper documents
E-Governance
ElectronicFiling of Documents
Amend certain Acts
Define Civil wrongs, Offences, punishments
Investigation, Adjudication
Appellate Regime
ASHITA PHULWANI 5/4/2017
65. Conflict of Jurisdiction
Domain names
Intellectual Property Rights
Various kinds of cyber crimes are not defined
Privacy and content regulation
Parameters for its implementation
ASHITA PHULWANI 5/4/2017
66. email would now be a valid and legal form of communication
in our country that can be duly produced and approved in a court
of law.
Companies shall now be able to carry out electronic commerce
using the legal infrastructure provided by the Act.
Digital signatures have been given legal validity and sanction in the
Act.
The Act now allows Government to issue notification on the web
thus heralding e-governance
statutory remedy in case if anyone breaks into companies
computer systems or network and causes damages or copies data
ASHITA PHULWANI 5/4/2017
67. Information Technology
Amendment Act, 2008
Section – 43,
Destroys, Deletes or Alters any Information residing in a computer
resource or diminishes its value or utility or affects it injuriously by
any means;
Steals, conceals, destroys or alters or causes any person to steal,
conceal, destroy or alter any computer source code used for a
computer resource with an intention to cause damage;
“If any person, dishonestly, or fraudulently, does any act referred to
in section 43, he shall be punishable with imprisonment for a term
which may extend to two three years or with fine which may extend to
five lakh rupees or with both.” [S.66]ASHITA PHULWANI 5/4/2017
68. S.66A - Punishment for sending offensive messages through
communication service, etc
Any person who sends, by means of a computer resource or a
communication device;
Any information that is grossly offensive or has menacing
character; or
Any information which he knows to be false, but for the purpose
of causing annoyance, inconvenience, danger, obstruction, insult,
injury, criminal intimidation, enmity, hatred, or ill will,
persistently makes by making use of such computer resource or a
communication device;
Any electronic mail or electronic mail message for the purpose of
causing annoyance or inconvenience or to deceive or to mislead the
addressee or recipient about the origin of such messages;
Shall be punishable with imprisonment for a term which may extend
to three years and with fine.
ASHITA PHULWANI 5/4/2017
69. S. 66E - Punishment for violation of privacy.
“Whoever, intentionally or knowingly captures, publishes or transmits
the image of a private area of any person without his or her
consent, under circumstances violating the privacy of that person,
shall be punished with imprisonment which may extend to three
years or with fine not exceeding two lakh rupees, or with both”
S. 67 A - Punishment for publishing or transmitting of
material containing sexually explicit act, etc. in electronic
form
“Whoever publishes or transmits or causes to be published or
transmitted in the electronic form any material which contains
sexually explicit act or conduct shall be punished on first conviction
with imprisonment of either description for a term which may
extend to five years and with fine which may extend to ten lakh
rupees”
ASHITA PHULWANI 5/4/2017
71. S. 67 C - Preservation and Retention of information
by intermediaries.
“(1) Intermediary shall preserve and retain such
information as may be specified for such duration and
in such manner and format as the Central Government
may prescribe.
(2) Any intermediary who intentionally or knowingly
contravenes the provisions of sub section (1) shall be
punished with an imprisonment for a term which may
extend to three years and shall also be liable to fine.”
ASHITA PHULWANI 5/4/2017
72. a negotiable instrument as defined in section 13 of the
Negotiable Instruments Act, 1881;
a power-of-attorney as defined in section 1A of the Power-of-
attorney Act, 1882;
a trust as defined in section 3 of the Indian Trusts Act, 1882;
a will as defined in section 2 (h) of the Indian Succession Act,
1925 (39 of 1925) including any other testamentary
disposition by whatever name called;
any contract for the sale or conveyance of immovable
property or any interest in such property;
any such class of documents or transactions as may be
notified by the Central Government in the Official Gazette.
ASHITA PHULWANI 5/4/2017
73. Arrests& ReportsUnderITAct
Under the IT Act, 966 cybercrime
cases were filed in 2010
420 in 2009)
Geographic breakdown of cases
reported:
o 153 from Karnataka,
o 148 from Kerala
o 142 from Maharashtra
o 105 Andhra Pradesh
o 52 Rajasthan
o 52 Punjab
233 persons were arrested in 2010
33% of the cases registered were
related to hacking
Source: National Crime Records Bureau
ASHITA PHULWANI 5/4/2017
74. Under the IPC, 356 cybercrime cases were
registered in 2010 (276 cases in 2009)
Geographic breakdown of cases reported --
o 104 from Maharashtra
o 66 Andhra Pradesh
o 46 Chhattisgarh
The majority of these
crimes were either
forgery or fraud cases.
ASHITA PHULWANI 5/4/2017
75. Arms ActOnline sale of Arms
Sec. 383 IPCWeb - Jacking
NDPS ActOnline sale of Drugs
Sec 416, 417, 463 IPCEmail spoofing
Sec 420 IPCBogus websites, cyber frauds
Sec 470, 471 IPCForgery of electronic records
Sec 499, 500 IPCSending defamatory messages by email
Sec 503 IPCSending threatening messages by email
ASHITA PHULWANI 5/4/2017
76. Tampering with
the computer
source documents
• imprisonment up to three years
• fine up to Rs. 2 lakhs
hacking
• imprisonment up to three years
• fine up to Rs. 2 lakhs
published any
matter which is
obscene
• imprisonment up to five years
• RS. 1,00,000
unauthorized
access
• imprisonment up to ten years
• Some fine
breach of
confidentiality and
privacy
• imprisonment up to two years
• RS. 1,00,000
ASHITA PHULWANI 5/4/2017
77. IT professionals
Corporate security personnel
Private investigators
Law enforcement
ASHITA PHULWANI 5/4/2017
78. Ability to control what information one reveal about oneself over the
Internet, and to control who can access that information
Data is a corporate asset, like any other
Corporate data is at a higher risk of theft or misuse than ever before
Companies have obligations to protect data
Laws, regulations, guidelines
Contracts with third parties
Privacy policies for users of websites, other online features
Breaches of data privacy, data security can result in
Damage to reputation
Disruption of operations
Legal liability under new and amended laws, regulations, and guidelines, as well as under
contracts
Financial costs
ASHITA PHULWANI 5/4/2017
79. right to share one’s thoughts and experiences with a community of fellow Internet users
BUT
contributors should avoid infringing on other people’s individual rights, including their right to
privacy and the protection of personal data
ASHITA PHULWANI 5/4/2017
80. • “Personally identifiable information” (PII) can be linked to a specific individual
Name, e-mail, full postal address, birth date, Social Security number, driver’s license
number, account numbers
• “Non-personally identifiable information” (non-PII) cannot, by itself, be used to
identify a specific individual
Aggregate data, zip code, area code, city, state, gender, age
ASHITA PHULWANI 5/4/2017
81. Do you need one?
• No, if your website:
Is merely static
Is business-to-business (B2B) only, and collects no
PII from consumers
• Yes, otherwise
What must it cover?
• Actual practices for PII and information that
reasonably could be associated with a person or
device, regarding
Collection
Storage
Use
Sharing
Special concerns if information involves
Financial information
Medical information
Children’s information
Special concerns for specific jurisdictions
European Union
California
Opt outs from information collection available?
Caution regarding links to third party sites
Notice whenever privacy practices change
Best practices:
• Clear and concise
• Comprehensive
• Comprehensible
• Current
• Consistent with your actual practices
Do not overpromise: “We will never share your
information . . .”
ASHITA PHULWANI5/4/2017
82. Do not panic or overreact
Get facts: nature, scope of breach
Determine whether, when to notify affected
individuals
Prevent further unauthorized access
Preserve evidence, deal with law enforcement
(your “frien-emy”?)
Notify vendors (such as payment processors)
Notify insurers
Offer contact person
Do not forget to alert those “on the front lines”
ASHITA PHULWANI 5/4/2017
83. Web pixel spyware – single-pixel clear GIF
Image reference buried in HTML
Browser requests image
Server returns bug plus cookie
Request provides click stream data
Difficult to spot a Web pixel spyware
Web pixel spyware in HTML formatted e-mail
Secret return receipt
ASHITA PHULWANI 5/4/2017
This Web
bug is
designed to
be seen
84. Again, this one is designed to be seen
ASHITA PHULWANI 5/4/2017
85. Surveillance
Continual observation
Tampa – facial scanning at Super Bowl
Packet sniffing
Monitoring
The act of watching someone or something
E-mail Web bugs
Workplace monitoring is legal
ASHITA PHULWANI 5/4/2017
Spyware
Sends collected data over back channel
Snoop ware
Records target’s online activities
Retrieved later
Screen shots, logs, keystrokes
Other surveillance/monitoring sources
On Star and GPS tracking
E-ZPass systems
Phone calls and credit card purchases
86. Fake banner ads like this one are very annoying
Spawner – spawns its own pop-up ads
Mouse-trapper
Turns off browser’s Back button
Disable pop-ups ad’s close button
No way to close ad – must reboot
Spam is a source of spawners and mouse-trappers
ASHITA PHULWANI 5/4/2017
87. The crime of obtaining money or some other benefit by deliberate deceptio
Most common forms of IT fraud
Identity theft
Credit card fraud
Scammers and con artists
Financial swindles
ASHITA PHULWANI 5/4/2017
Implement appropriate security measures
Get a copy of your credit report
Use:
Junk e-mail account
Anonymous remailer
Stealth surfing service
Common sense
Deal with recognized, trusted e-retailers
Keep important numbers and passwords secret
Use good passwords
If your computer acts strangely, find out why
88. User-tracking:
Internet Service Providers (capable to observe any Internet-related activity of the user)
Cookies (parcels of text sent by a server) tracking and maintaining specific information of the
user
Data logging (may include recording times when the computer is in use, or which web sites
are visited)
Spyware programs
Web bug
Social engineering
Phishing
Malicious proxy server
Search engines
Illegal and harmful content:
A. Need to fight against the illegal content of the Internet with legal tools (top-down
control):
Council of Europe`s 2001 Convention on Cybercrime (child-pornography) – Additional
Protocol, 2006 (racist and xenophobic materials), but only 11 countries ratified it…)
OECD Recommendation on Cross-border Co-operation in the Enforcement of Laws Protecting
Privacy
European Commission: Safer Internet and Safer Internet Plus programs
B. Need to fight against the harmful content of the Internet (bottom-up control):
from self-regulation to co-regulation
On-line social networks:
Concept dates back to the 1960s, but participation increased in recent years (Hungary: 1.5 million
registered iWiW users)
Participants are offering self-profile in order to contact or being contacted.
Risks range from identity theft to online and phisical stalking, embarrasment, discrimination and
blackmailing. ASHITA PHULWANI 5/4/2017
89. Anonymising and pseudonym use e.g. nicknames
Moderation principles
Problems:
which identifier used on the Iinternet qualify as personal data?
uncontrollable manners of personal data disclosure
lack of international cooperation
ASHITA PHULWANI 5/4/2017
Children spend annual 300 billion $ of their pocket money on a global
market!
More vulnerability:
- underestimation of risks,
- ignorance of privacy information
→ need of additional protection!
90. 99% of the attacks are thwarted by basic hygiene and some luck
DO
Think before you click etcetera
Up-to-date anti-virus, firewall and site advisor
BUT
Some new attacks may get through. However, attacker may only use your
machine to attack others and not attack you per se.
Will not prevent data loss by merchants and other servers. However, still have
safety in numbers. Attackers can steal a lot of account numbers but can exploit
much fewer.
1% of the attacks are difficult and expensive to defend or detect
For most individuals
We are simply not an attractive enough target.
For the US Department of Defense and its contractors
A huge target. Current score: 50-1 in favor of attackers (roughly)
For companies in less sensitive businesses
A serious threat to be taken seriously
ASHITA PHULWANI 5/4/2017
92. PAST, PRESENT
Cyber security is a young and immature field
The attackers are more innovative than defenders
Defenders are mired in FUD (fear, uncertainty and doubt) and fairy tales
Attack back is illegal or classified
FUTURE
Cyber security will become a scientific discipline
Cyber security will be application and technology centric
Cyber security will never be “solved” but will be “managed”
Attack back will be a integral part of cyber security
ASHITA PHULWANI 5/4/2017
Security Objectives:
Black-and-white to shades of grey
Attackers:
Innovative beyond belief
Defenders:
Need new doctrine
93. Major Innovations
Bonnets
Robust underground economy and supply chain
Targeted attacks
Stealthy attacks
Some Examples
Drive by downloads
Scare ware
Doctored online statements
Long-lived stealth attacks
Status
Attackers have sizable inventory of known but unused or rarely used
tricks
Innovation will continue
ASHITA PHULWANI 5/4/2017
94. OLD: Cyberspace is a supporting infrastructure
NEW: Cyberspace is a war-fighting domain on par with land,
sea, air and space
OLD: It’s all defense, no attack back or preemptive attack
NEW: All’s fair in war
OLD: Defend the entire network to the same degree
NEW: Defend selectively and dynamically
OLD: Blame and harass the end user
NEW: The user is part of the solution
OLD: Defend against yesterday’s attacks
NEW: Be proactive, get ahead of the curve, future-proof
ASHITA PHULWANI 5/4/2017
97. Financial Rewards
Politics
Show Off
Personal Gratification
They know they can
Web Site Research
User Groups
Email Staff
Call Modems
Read Trash
Impersonated Someone You Trust
Scan Your Systems
War Drive Your Wireless
Use Known and Unknown Exploits
Viruses, Trojans & Worms
Phishing
Attack Partner Networks to Gain Access to Yours
Sniff Your Traffic
Brute Force Passwords
Spam You
Denial of Service ASHITA PHULWANI 5/4/2017
98. Intellectual Property
Customer’s And Staff’s Privacy
Confidential Data
System Availability
Reputation
Regulatory Challenges
Roadmap
Establishes Baseline
Strengthens Security
Provides Due Diligence
Efficient Formal Audits
Finds the Weak Areas
ASHITA PHULWANI 5/4/2017
99. Holistic Approach
Comprehensive reviews (infrastructure, server, application, etc.)
Based on Organizational Security Policy, and taking full life cycle into
account
Consider people and processes, as well as technology
Sensible, accessible documentation
Helpful to executive decision-makers: explanation of risk in business
terms
Helpful to managers: project plans, prioritization of tasks
Helpful to technical staff: clear standards, specific recommendations
Threat Modeling
Identifying assets
Identifying threats
Making qualitative (or quantitative) assessments of risk
ASHITA PHULWANI 5/4/2017
100. 1. Policies & Procedures
2. Security Awareness
3. Access and Authorization
4. Patch Management
5. Mis-Configured Systems & Applications
6. Encryption & Digital Signatures
7. Incident Handling Processes
8. Disaster Recovery & Business Continuity
9. Physical Safeguards
10. Intentional Bypassing of Security Controls
ASHITA PHULWANI 5/4/2017
101. Communicate Your Organizations Commitment to Security
Provide a Baseline and Roadmap for Security Controls
Demonstrate Due Diligence
All Pertinent Security Control Information Communicated
Realistic – Manageable
Enforceable
A well trained user will assist your security efforts
Time needs to be invested in user training
A well trained user usually requires less help desk support
ASHITA PHULWANI 5/4/2017
102. Weak Passwords
Sharing Accounts
Not Enforced
Easy to Exploit
Prevention
Strong Security Policies
Utilize OS Complex Password Configuration
Implement Technical Authorization, Authentication and Accounting Mechanisms (AAA)
Implement Two-Factor Authentication
Hard to Manage
Less Window of Opportunity
Exploits are coming too fast
Can Break System
Require Resources
Prevention
Strong Patch Management Mechanisms – Automate
Add Intrusion Prevention Mechanisms
Assure only needed or updated Services
Strengthen SNMP Strings
Secure Wireless Networks
Remove Default Settings
Filter Outgoing Access at FirewallASHITA PHULWANI 5/4/2017
103. Intrusion Prevention/Detection
Anti-virus Mechanisms
Logging/Auditing
Strong Policies and Documentation
Formal Plan
Prioritized Systems
Standard Backup Process
Tested Backups
Redundant Systems
Visitor Badges
Building & Data Center Access/Monitoring
Fire Prevention/Suppression & Detection
UPS Testing and LoadASHITA PHULWANI 5/4/2017
104. Installing
Modems
Wireless Networks
Gotomypc or other remote access items
Unauthorized Software – Games, Screensavers, etc
Prevention
Strong Security Policies
Centralized and Managed Intrusion Prevention Mechanisms
Implement Network Admission Control
National Institute of Standards & Technology Referenced Throughout Most Regulations
Policies and Procedures Are Critical to NIST Best Practices
ISO-17799 is Industry Recognized Standard for Security
ISO-17799 Covers 10 Areas of Security
Each ISO-17799 Area Has Individual Security Items
If You Follow NIST and ISO-17799 You Would Have a Strong Security Posture and Should Pass
Almost Every Audit
Combine NIST 800-26 Levels and ISO-17799ASHITA PHULWANI 5/4/2017
105. Security Policies
Organizational Security
Asset Classification & Control
Personnel Security
Physical and Environmental Security
Communications & Operations Management
Access Control
System Development & Maintenance
Business Continuity Management
Compliance
Level 1 –
control objective documented in a security policy
Level 2 –
security controls documented as procedures
Level 3 –
procedures have been implemented
Level 4 –
procedures and security controls are tested and reviewed
Level 5 –
procedures and security controls are fully integrated into a comprehensive program.
ASHITA PHULWANI 5/4/2017
106. It is important to budget for remediation
A security assessment without remediation efforts is a waste of
time and money
Remediation usually involves resource time and product cost
It is important to budget for one time and reoccurring costs
Prioritize Risks and Remediation Steps
Align Business and IT Strategies
Establish Resources – Internal, External, Products
Establish Internal SLAs between IT and Business Units
ASHITA PHULWANI 5/4/2017
107. Year Title Intent
1970 Fair Credit Reporting Act Limits the distribution of credit reports to those who need to know.
1974 Privacy Act Establishes the right to be informed about personal information on government
databases.
1978 Right to Financial Privacy Act Prohibits the federal government from examining personal financial accounts
without due cause.
1986 Electronic Communications Privacy
Act
Prohibits the federal government from monitoring personal e-mail without a
subpoena.
1988 Video Privacy Protection Act Prohibits disclosing video rental records without customer consent or a court
order.
2001 Patriot Act Streamlines federal surveillance guidelines to simplify tracking possible
terrorists.
ASHITA PHULWANI 5/4/2017
108. Prohibits“unfair or deceptive practices in or affectingcommerce.” No need to prove intent.
• A practice is “unfair” if:
It causes or is likelyto cause substantial injuryto consumers
It cannot reasonablybe avoidedby consumers
It is not outweighed by countervailing benefits to consumers or to competition
• A representation, omission, or practice is “deceptive”if:
It misleads, or is likelyto mislead, consumers
Consumers’ interpretation of it is reasonableunder circumstances
It is material
Practices attacked by FTCas “deceptive”:
• Violatingpublishedprivacypolicies
• Downloadingspyware, adware ontounsuspecting users’computers
• Failingto verifyidentityof persons to whomconfidential consumerinformation was
disclosed
Practices attacked by FTCas “unfair”:
• Failingto implement reasonable safeguards to protect privacy of consumer information
ASHITA PHULWANI 5/4/2017
109. Applies to operators of commercial websites and online services that collect
information from children under age 13
“No one knows you’re a dog on the internet.”
Requires reasonable efforts to get verifiable consent of parent or guardian or to notify
parent or guardian
Requires notice of
What information is collected from children
How information is used
How information is shared
Prohibits conditioning child’s participation in an activity on disclosure of more PI than is
necessary
Amendments effective July 1, 2013
Include geo-location information, photos, and videos in types of PI that cannot be
collected without parental notice and consent
Provide streamlined approval process for new ways to get parental consent
Require website operators to take reasonable steps to release children’s PI only to
companies capable of keeping it secureASHITA PHULWANI 5/4/2017
110. Controlling the Assault of Non-SolicitedPornography and Marketing
Prohibits fraudulent, abusive, deceptive commercial email
“One-bite” rule:
Businessmay sendunsolicitedcommercial email message, properly labeled, to consumer, with
easymeansfor consumerto opt out. If the consumer opts out, businessmay no longer send
emails
Commercial email broadly definedas having primarypurposeto advertise or promote
commercial product or service
Does not apply to transactional emails, which facilitateor giveupdate on agreed-
upontransaction
Businessmust monitor thirdparty handling email marketing to ensure
compliance
Pre-empts state statutes, but states may enforce sections of Act addressing
fraudulent or deceptive acts, computer crimes, other advertising restrictions
ASHITA PHULWANI 5/4/2017
111. Invisible crimes are dangerous than visible crimes.
To 5 countries affected by cyber crimes are 1.USA 2.CHINA
3.RUSSIA 4.BRAZIL 5.INDIA.
The world loses 557 million’$’ annually to cyber crime.
Computer crime rises 57% year by year.
Treat your password like you treat your toothbrush. Never
give it to anyone else to use, and change it every few months
A MODERN PROVERB: " The modern thief can steal more with a
computer than with a gun. Tomorrow's terrorist may be able to do
more damage with a keyboard than with a bomb".
–National Research Council, U S A
"Computers at Risk”.1991ASHITA PHULWANI 5/4/2017
112. Cybercrime is indeed getting the recognition it deserves.
However, it is not going to restricted that easily.
In fact, it is highly likely that cybercrime and its hackers will continue developing
and upgrading to stay ahead of the law.
So, to make us a safer we must need cyber security.
The only possible step is to make people aware of
their rights and duties (to report crime as a
collective duty towards the society) and further
making the application of the laws more stringent to
check crime.
ASHITA PHULWANI 5/4/2017
113. Established national “Do Not Call” registry
Regulates use of “automated telephone equipment” such as auto-
dialers, artificial or pre-recorded voice messages, fax machines
Prohibits transmission of a “call” using an “automatic telephone
dialing system” without prior consent of called party
Per FCC, “call” covers both voice calls and text messages (even texts
for which called party is not charged)
Enforcement by federal or state authorities
Individuals may bring civil actions
Papa John’s class action over text messages claimed violations of
TCPA, Washington Consumer Protection Act
Relief can include injunction, actual damages, statutory damages of
$500 per violation, treble damages
ASHITA PHULWANI 5/4/2017
114. User awareness is key to a secure computer/network
Do not open suspicious files/emails
Verify ActiveX/Java prompts
Avoid using P2P programs
Avoid downloading freeware
If attacked, disconnect the network. Do not turn off the computer
Without Careful Attention To These Issues, The Uncontrolled Interconnection Of
Existing Systems, On Which People And Organizations Are Critically Dependent, Will
Continue To Create Huge, Ill-defined And Defenseless Super - Systems.
So We Must Pay Attention To All Those Issues And Protect The World From Cyber
Crime.
Indian Laws are well drafted and are capable of handling all kinds of challenges as
posed by cyber criminals. However, the enforcement agencies are required to be well
versed with the changing technologies and Laws.”
"As internet technology advances so does the threat of cyber crime. In times like these
we must protect ourselves from cyber crime. Anti-virus software, firewalls and security
patches are just the beginning. Never open suspicious e-mails and only navigate to
trusted sites.”
ASHITA PHULWANI 5/4/2017
115. We gather from all the above information
that cyber laws are very necessary in any
country for the proper regulation of
Internet activities.
The Information Technology Act, 2000 is a
historical step taken by the country to
solve the problem of increasing number of
cyber crimes.
Although this act covers a lot of areas, it
also has its shortcomings and thus, a few
amendments are needed for correct
regulation of cyber crimes.
ASHITA PHULWANI 5/4/2017
116. Crimes are not to be measured by the issue of
events, but by the bad intensions of men.
The greatest crimes do not arise from a want of
feeling for others but from an over sensibility for
ourselves and an over indulgence in our own
desires.
ASHITA PHULWANI 5/4/2017
This information is from the Web site with URL
http://www.ojp.usdoj.gov/nij/sciencetech/slides/fromBJSNCJ193441.pdf
Resource(s)
Attachment E: http://www.ojp.usdoj.gov/nij/sciencetech/slides/fromBJSNCJ193441.pdf
Confidentiality - The information requires protection from unauthorized disclosure.
Integrity - The information must be protected from unauthorized, unanticipated, or unintentional modification. This includes, but is not limited to:
Authenticity – A third party must be able to verify that the content of a message has not been changed in transit.
Non-repudiation – The origin or the receipt of a specific message must be verifiable by a third party.
Accountability - A security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.
Availability - The information technology resource (system or data) must be available on a timely basis to meet mission requirements or to avoid substantial losses. Availability also includes ensuring that resources are used only for intended purposes.