This document provides an overview of digital crimes and cybersecurity issues on a global scale. It discusses the large economic costs of digital crimes to nations and organizations, provides several case studies of significant cyber attacks and data breaches, and outlines types of digital crimes committed against governments, organizations, property, society, and individuals. The case studies illustrate how digital criminals have used viruses, spoofing, hacking, data theft, and other techniques to inflict major impacts. Overall, the document examines the changing nature of crimes in the digital age and some of the most serious cybersecurity incidents occurring worldwide.

2. CONTENTS
S. No PARTICULARS PAGE
Part 1: What we are up against?
Understanding the problem
1 Overview: Technology & Crime - the global scenario
2 From conventional to digital crime
3 Changing crime scene & trends
4 Changing motive & weapons of offense
5 Top 10 Cyber crimes in the last decade
6 Profile of the digital Criminal & Modus Operandi
7 Top 10 most notorious digital criminals
Part 2: Future of crime
Expecting the unexpected
Future of crime
Internet - the new underworld for organized crime
Social Media as a crime scene
Social Media - a source of information for the investigators
Quiz
Part 3: Policing in the Digital age
Well begun is half done
How digital crime is transforming policing
Types of digital crime
Crimes against nation/ government
Cyber war
Cyber terrorism
Electronic Vandalism and Extortion
Crimes against private organization
Unauthorized control/access over computer system/ website
Information theft
Distribution of pirated software etc.
Crimes against Property
Computer vandalism.
Transmitting virus.
Unofficial access over computer system.
Property crimes
‘Internet time’ thefts
Crimes against Society
Pornography
Trafficking
Financial crimes- cheating, fraud, forgery
Online betting/gambling
Sale of banned items- arms, drugs, counterfeit currency
Crimes against Individuals
Spam e-mails
Cyber-stalking/ cyber bullying/ Cyber threats
Distribution of obscene material

3. CONTENTS
Cheating & Fraud
Illegal control over computer system
Issues related to jurisdiction and borderless crime
Digital Financial Data Analysis
Part 3: Evidence in a Digital crime case
What To Expect, Where & Why?
What are the various types of permissible and potential Evidence
Digital Evidence and non-electronic Evidence
Properties of Evidence - Admissible, Authentic, Complete, Reliable, Believable
Handling Digital Evidence at the Scene
Collection And Preservation Of Digital Evidence
Tools and Materials for Collecting Digital Evidence
Digital Evidence And Mobile Devices
Part 4: Beginning Investigation in a Digital crime case
What To do, when and How?
Stages of investigation from registration of case to prosecution
Securing and Evaluating the Scene
Documenting the Scene
Investigative Tools and Equipment
Evidence Collection
Searching and Seizure
• with a warrant
• without a warrant
Packaging, Transportation, and Storage
Digital Evidence on Mobile Devices
Part 5: Introduction to Digital forensics
Appropriate tools in the right person’s hands
Digital evidence lab analysis tools
Part 6: law - evidence, cyber law & information technology
Plugging the loop holes
Bridging the gap between IT & Law
Copies vs. Originals
International laws on cyber crime
Landmark international & national cyber law judgments
Indian Evidence Act, 1872
IT Act and evidence
Bankers’ Books Evidence Act, 1891
Case laws
Admissibility of Electronic Records
Courtroom presentation of digital evidence
Part 7: Best practices and case studies
Learning from others success & failures
Digital evidence management from crime scene to courtroom
Best Practices In Digital Evidence Collection
Common Mistakes Made In Digital Crime Investigation & Forensic Analysis
Case studies in digital crime Investigation

4. 1. Technology & crime - the
global scenario
IMPACT OF DIGITAL CRIMES:
Digital crime costs the global economy about $575 billion every year
United States, China, Japan and Germany lose around $200 billion a year
China (83 %), Brazil and India (76 %) and USA (73 %) are the most victimized nations.
Almost 75% of surfers in US have been victims of online credit card fraud, identity theft or
received computer viruses.
More than 54 million people in Turkey, 40 million people in United States, 20 million in China
and some 16 million in Germany have fallen victims to some form of digital crime
Loss on account of stolen credit card information alone is to the tune of $150 billion.
More than half (66 percent) the cybercrimes are not even reported to the police.

5. CASE # 1: In May 2000 an email with the subject line "ILOVEYOU" and an attachment file "LOVE-
LETTER-FOR-YOU.txt.vbs" created havoc all over the globe. Even the most hard-core and
rational “techie” forgot the alertness, caution and suspicion for the unknown taught during
training and repeatedly mentioned in the security protocol, and clicked on the mail. Love was
the magic word, which triggered the whole thing. Every human being needs affection and
wants to be loved. They were no different. As soon as the email arrived even the most alert IT
professional was curious to know who is this person who loves me? And before they could
realize what was going on the Visual Basic script in the attachment had done the damage
overwriting image files and sent a copy of itself to all the addresses in the Microsoft Outlook
address book.
Impact: Within ten days over fifty million computers - almost 10% of internet-connected
computers in the world were infected. It took considerable time and effort to get rid of the
infection and recover backup files. The Pentagon, CIA, British Parliament and many large
corporations completely shut down their mail systems. It was one of the world's most
dangerous computer related disasters and created a world record for the most virulent
computer virus. Later it was known that two young Filipino computer programmers - Reonel
Ramones and Onel de Guzman had triggered the malware via Internet service provider Sky
Internet's servers.
CASE # 2: Two US lawmakers Leonard Lance of New Jersey and Grace Meng of New York have
urged the government of India to take action against telephone scammers in India using “caller
ID spoofing” to hijack caller IDs and defraud millions of people in America.
The modus operandi used by the criminals is to make it appear as if they are calling from a
government agency- a bank, police, credit card, technology company, or hospital whose
numbers appears on the victim’s phone. The scammers then make fraudulent claims and ask
for money or the person’s personal information, which they use to commit more offenses.
Impact: Millions of Americans have lost thousands of dollars because of Caller ID spoofing by
con artists and scammers. In one case Microsoft filed a suit in a Federal court in California
against C-Cubed Solutions Private Limited based in India for impersonating on behalf of
Microsoft and cheating people to pay for nonexistent services, stealing their financial
information and planting viruses. Many Indian American and South Asians have also been on
the receiving end of this type of crime. Last year Rekha Basu an Indian American syndicated
columnist received a call in which the caller identified himself as “Ian Morgan” a tax officer and
claimed that she had misreported her income and owed taxes. However the plot overturned
when Rekha who could make out an Indian accent and voices of people talking in the
background in Hindi, she refused to pay. The moment she identified herself as a journalist,
“Morgan” admitted that he was not from the tax department but was a final semester MBA
student from India who earns $50,000 a month this way.
CASE # 3: A security officer working in Leela Kempinski a five-star hotel in in Ambience Mall
Gurgaon received an email threatening bomb blasts in Delhi. The email from one Mohmmad
Abdul Aaka alias Nilanjan Bhattacharya claiming to be a part of Indian Mujahidin
(indianmujahideen@gmail.com). It read: "Mumbai Ke Bad Ab Dilli Ki Bari Hai, we will wipe off
Hotel Leela New Delhi. All the explosives are already in place." Delhi Police immediately swung
into action and started started investigating the matter.

6. CASE # 4: Police arrested Syed Ismail Zabih a 21-year-old engineering student for allegedly
harassing a woman and sending her abusive text messages and obscene pictures on her mobile.
The complainant alleged that she received abusive text messages and obscene pictures through
“WhatsApp" on her mobile. Even though she did not respond to the messages, the accused
continued to harass her.
Based on her complaint, a case was registered and Zabih, a final year engineering student was
arrested from Nizamabad. He tried to initiate conversation by sending WhatsApp messages to
her. When she did not respond, he started sending more abusive text messages and obscene
images on her mobile phone. Two mobile phones were seized from him.
CASE # 5: In what is supposed to be the biggest cyber crime case in U.S. history Federal
prosecutors charged five hackers from Russia and Ukraine for a crime that cost companies
more $300 million. They hacked companies like Nasdaq, Visa Inc., J.C. Penney Co., JetBlue
Airways Corp. and French retailer Carrefour SA and stole at least 160 credit card numbers.
Each of the hackers was a specialist in his own area—Russians Vladimir Drinkman, 32, and
Alexandr Kalinin, 26, hacked into networks, while Roman Kotov, 32, mined them for data. They
allegedly hid their activities using anonymous web-hosting services provided by Mikhail Rytikov,
26, of Ukraine. Russian Dmitriy Smilianets, 29, sold the stolen data and distributed the profits.
He would charge $10 for U.S. cards, $15 for Canadian cards and $50 for European cards,
because they have a computer chip that make them more secure. The five hid their efforts by
disabling anti-virus software of their victims and storing data on multiple hacking platforms.
They sold payment card numbers to resellers, who then sold them on online forums or to
"cashers" who encode the numbers onto blank plastic cards. Albert Gonzalez a co-conspirator
was already serving 20 years in prison for helping to steal millions of credit and debit cards.
CASE # 6: The Stuxnet computer worm which damaged the Iranian nuclear program in 2010,
was a classic example of how nations, groups, and individuals throughout the world increasingly
rely on Internet attacks to gain military, political, and economic advantages over their
adversaries. It is a perfect example of what goes on in the cyberspace and how hackers working
on behalf of states or organized crime can target anyone even across the international
boundaries.
US and Israeli attackers gained control of large scale industrial facilities in Iran. Suddenly the
electric motors controlling the nuclear plant went out of control and started accelerating to
damaging speeds. Before anyone could realize what was happening, as many as 1,000
centrifuges at Iran’s Natanz nuclear facility, used for enriching weapons-grade uranium, were
destroyed. It was only later that Washington-based Institute for Science and International
Security confirmed that the attack was triggered by a virus called Stuxnet.
Once inside a computer, or a network of computers, Stuxnet ‘worm’ replicates itself and starts
corrupting and damaging the files. It causes the programs to malfunction infect other machines.
Stuxnet is designed to attack computers with Windows operating systems and soon the
infection spreads from one computer to another through removable drives or memory banks
connected to USB ports. Stuxnet is designed to self-destruct after causing the damage, making
it is virtually impossible to trace.

7. Iran blamed the U.S. and Israeli intelligence agencies for the attack but by then the damage was
already done, the Iranian nuclear program was set back by least two years. Almost one fifth of
the centrifuges at Iranian uranium enrichment facility were destroyed. It was for the first time
that a computer virus was used to cause physical damage across international boundaries. It is
sophisticated and lethal. No one before had seen anything like it and did not know what it could
do next. It was the first cyberattack specifically targeting industrial control systems.
Iran too retaliated by unleashing a series of powerful denial-of-service attacks at American
banks and Saudi Aramco which destroyed data on 30,000 Aramco computers and replaced it
with image of a burning American flag.
CRIME THAT PAYS
Many years ago, Willie Sutton, a notorious bank robber was asked why he made it his business
to rob banks. “Because there is money in it,” he
replied. Almost 50 years later digital crime is popular is
because of the opportunity it provides to make money and get
rich quick.
Call it digital crime, computer crime, technology-enabled crime,
electronic crime, high-tech crime or cyber crime, it refers to
criminal activity in which a computer or network or computers
are the source, tool, target, or place of crime. High-tech or
digital crime is today an increasingly attractive source of
revenue for organized crime groups. The frequency and
damage inflicted by cyber attacks is steadily increasing.
Information technology is providing so many opportunities to criminals that Willie Sutton could
never have dreamed.
Every day some 294 billion emails and 5 billion phone messages are exchanged. Every day some
150,000 viruses and malicious codes are planted on 148,000 computers in government and
corporate offices. Every second, 18 adults fall victim of cybercrime, meaning more than 1.5
million cybercrime victims each day at the global level. Some 550 million people are targeted by
cyber attacks every year -- equivalent of the entire GDP of Morocco, Slovakia or Bangladesh in
economic terms or equivalent to all the inhabitants of Europe In population terms.

9. TECHNOLOGY HAS CHANGED THE WAY CRIME IS COMMITTED!
Technology is making easier to commit a wide variety of crimes, conceal evidence and avoid
detection. A digital criminal can commit crime with the least chances of being detected
anywhere in the world from across the seven seas.
Increasing technology is being put to innovative uses to
commit crime. The day is not far when more and more
criminals will be using unmanned drones fitted with high
definition cameras to facilitate their criminal activities.
Chaviv Dykes, 20, and Duane Holmes, 44, two members of
the Tub Gang used airborne drones to identify burglary
targets and keep an eye on the police.
Even the Colombian drug traffickers are known to be using
self-propelled ocean-going submarines to illegally smuggle
millions of dollar worth of cocaine and other drugs to United States. It gave rise to the term
narco-submarine of Bigfoot submarine for a custom-made vessel built especially for export
cocaine from Colombia to Mexico. The first such submarines detected in 1993 were partially
submersibles and could not dive fully under water but the newer versions are fully submersible.
An 18 m long narco-submarine can carry up to 10 tons of
cocaine. Being made out of fiberglass the vessel is impossible
to detect via sonar, radar, or any other infrared device or
visually. And whenever there was a chance of being detected
the smugglers would sink the submarine and with the
cocaine so that there was no evidence of any wrong doing.
This proves the point that technology is helping organized
crime groups commit many new crimes and commit the old
crimes in new ways-- efficiently and effortlessly.
Computers, smart-phones and internet are the new
instruments of crime and an indispensible part of the
criminal’s tool kit. Drive-by downloads, fake installers, man-
in-the-middle attacks, rogue certificates, bot zombies.
Spyware, malware, Trojans- are various options in the
cybercriminals toolkit to play mischief with.
The growth in connectivity of computing and communications has proportionately increased
the variety and number of opportunities for cyber crime. At this rate the internet will soon be
the medium for both commerce and fraud.
According to a Verizon report, governments, defense contractors, financial-institutions,
technology firms, universities, banks, hospitals, health-insurance companies and companies like
Google, Facebook, Lockheed Martin have been the victims of digital crime.
The Colombian drug traffickers
are known to be using self-
propelled ocean-going
submarines to illegally
smuggle millions of dollar
worth of cocaine and other
drugs to United States.

10. The government is the most attacked sector, followed by telecom, banking, energy and
defense.
The volume, variety and velocity of technology aided crime is rising at an unprecedented speed.
The sophistication of these attacks is also going up. That is because the digital environment
allows higher levels of anonymity/pseudo-identity besides allowing the criminals to operate
underground and conduct illegal business.
Cyber warfare has been equated as fifth generation warfare. It can take many forms from
targeting the military systems to disabling the launching missiles, disrupting the command and
control systems on cyber attacks on nuclear facilities. It is a hidden and invisible war constantly
going on in cyberspace.
The cyberspace is also being used extensively by ISIL and other
organizations for propaganda, recruiting, indoctrination,
directing attacks and spreading fear, panic or hatred. It is also
used to destabilize states and governments. Doctored pictures
of violence against ethnic and religious groups are used to
incite violence.
The aim of cyber espionage is to steal sensitive state secrets
and gain access to most confidential information about a
target country. China and Pakistan are constantly trying to
steal military and political secrets or industrial information
which can serve their nefarious propaganda purposes.
After the 9/11 the worst US fear is a “Cyber-Pearl Harbor” or
surprise attack on computer systems controlling critical
infrastructure: electrical grids, nuclear power stations and
financial markets.
The internet offers endless opportunities to contact billions of victims all over the world. The
Internet is a perfect medium to locate victims. It is not policed by any single law enforcement
agency making crimes difficult to detect. With an estimated 2.8 billion people and over 10
billion Internet-enabled devices the Internet provides ample opportunities to commit, facilitate,
enable or amplify crime. Anyone in the privacy of their own home can commit fraud over the
Internet. The Internet presents ways to commit unlawful acts -- that too anonymously without
revealing ones identity.
Internet fraud does not have traditional boundaries. Internet fraud is disjointed, and spread
across several countries. As such no one knows the full extent of the fraud being committed on
the Internet. Fraud over the Internet does not need a physical identity or address.
Many of the crimes – such as theft, fraud, illegal gambling, sale of fake medicines – themselves
may not be new but the opportunities presented online are making them more widespread and
damaging.
The volume, variety
and velocity of
technology aided
crime is rising. The
sophistication of these
attacks is also going
up. The digital
environment allows
the criminals to go
underground and
conduct illegal
business.

11. Using ready-made software criminals can distribute malicious code, operate fake websites or
disseminate terrorist propaganda to destabilize nations.
Some of the digital crime activities include organized crime/drugs, terrorism, online banking
frauds, credit card fraud, online auction frauds, identity theft, intellectual property theft,
securities and commodities transactions, telemarketing schemes, non-delivery of services, e-
commerce and trading, e-commerce and online gambling, sale of stolen/counterfeit
merchandise, child pornography, denial of service attacks, intrusions and money laundering.
One thing leads to another. For instance, telecommunication equipment can be used to
facilitate organized drug trafficking, gambling, prostitution, money laundering, child
pornography and trade in weapons. Use of encryption technology can help the criminal stay
beyond the reach of law enforcement.
A single computer can be used for conducting a range of crimes- from cyber espionage, sending
spam mails, cyber bullying and selling fake passports. Under the garb of e-commerce and
Internet banking facilities criminals can legitimately and safely trade in illicit drugs, clandestine
weapons, banned commodities and pornographic materials.
Addressing a function in New Delhi in connection with the 'Digital India Week' Prime Minister
Narendra Modi recently hit the nail on the head when he said, "somebody, with education of
10th or 12th class, sitting thousands of miles away, can clean up your bank account with a click
of mouse." This is the danger.
As FBI Director James B. Comey said at a recent security conference, “The United States faces
real [cybersecurity] threats from criminals, terrorists, spies, and malicious cyber actors. The
playground is a very dangerous place right now.”

12. With every passing day, the threat posed by online nuisance-mongers and miscreants from
spreading rumors, morphed images or are committing economic offences is increasing.
Cybercrime has changed drastically since discovery of the first virus 25 years ago. In the past,
cybercrime was committed mainly by individuals or small groups. Today, criminally minded
technology professionals have added a new dimension to cybercrime and other illegal activities.
New trends are emerging all the time in cybercrime.
Auction fraud is one of the most common internet fraud comprising nearly two-thirds of all
complaints. 22% of complaints pertain to payment for merchandise that was never delivered.
Credit and debit card fraud and various types of financial frauds and multi-level marketing
schemes makeup 5% of complaints each.
According to the FBI the people engaged in one type of fraud are also involved in other fraud
schemes like bank fraud and ponzi/pyramid schemes.
One of the common cybercrimes today is distribution of malware code and virus that lead to
software corruption. Another such crime is credit card skimming. Criminals copy the
information on the magnetic strip of a debit or credit card and sell the identity data to groups in
another country.
Similarly using SIM Swap fraud, fraudsters manage to get a new SIM card issued from the
mobile service provider against the registered mobile number. It all starts with the fraudsters
gathering customer's personal information through phishing, vishing, smishing or any other
means. They then approach the mobile operator posing as a customer and produce a fake ID
proof to get the original SIM blocked and new SIM issued. This new SIM card allows them to get
One Time Password (OTP) for making financial transactions through the customer’s bank
account.
As a result of advancement of technology and increased connectivity across devices, gadgets
and machines – allows criminals to easily steal personal information for fraudulent activities, or
even worse, cripple entire systems simply by targeting one device. Hackers can now access
massive amounts of data by hacking just one server
In a recent incident, Jose Bautista, an eighteen year old Miami teen was able to hack into the
school computers and change the grades for himself and four other students.
The biggest threat however is from people who live in different countries or even continents.
This is what makes cyber crime a fluid and borderless crime.
BRAIN STORMING
CYBER CRIME IS LIKE ICE-CREAM - IT MELTS FAST
A cybercrime group goes online one day, conducts the criminal activity the next day and is
gone by day three. No one sees them carry out the attack. By the time their criminal activity
is noticed, whatever logs that exist about their presence too are gone.

13. Characteristics of Cybercrime
Cyber crimes have the following characteristics:
1 # BORDERLESS CRIME AND THE BORDERLESS CRIMINAL:
Cybercrime is the ultimate borderless crime. The cops in the cyberspace do not have any
powers beyond their country’s jurisdiction though the cyber attack can come from anywhere,
anytime, and influence the lives of millions of people across the globe at the blink of an eye.
The criminals can cross international boundaries at the click of a mouse. Criminals no longer
have to come out of their countries, to commit crimes and hence difficult to identify and nab
using traditional policing methods.
A classic case of how complicated it can be when a criminal from one country commits a crime
in some other part of the world, is that of Mohamed Yassine Gharib 26-year-old Moroccan who
along with some 10 other associates hacked bank accounts in Switzerland and caused damages
worth more than $18 million before fleeing. He escaped to Thailand where he was arrested
from a hotel.
In another similar case Farid Essebar a 27-year-old Moroccan-Russian citizen responsible for
playing havoc with the online banking system in Switzerland that caused a loss of $4 billion
worth bank customers in Europe was detained in Bangkok. This is not Essebar’s first arrest. He
had served two years in prison for spreading Zotob a computer worm that targeted Windows
2000 operating systems in 2006. His victims included United States Department of Homeland
Security, Boeing, CNN, ABC News, the New York Times and United Parcel Service. Within 90
days of his arrest Thailand send him to Switzerland in accordance with the extradition
agreement between Switzerland and Thailand.
Russian hacker Vladimir Levin, operating from St Petersburg, accessed the computers of
Citibank's central wire transfer department, and transferred funds from large corporate
accounts to other accounts opened by his accomplices in the United States, Netherlands,
Finland, Germany, and Israel. Although Russian law precluded Levin's extradition, he was
arrested during a visit to the United States and subsequently imprisoned.

14. Cases like these are a nightmare for police and lawyers trying to bring the criminal to justice.
2 # LONG DISTANCE CRIME & AND THE UNKNOWN CRIMINAL:
The geographical boundaries were no longer constraints
in launching attacks. Cyber criminals can target victims in
another city, another state, or another country at the click
of a mouse with just a computer and Internet connection.
The criminal does not need any VISA or passport or has to
cross a border before committing a crime. Automation
and copy-paste functionality allows the criminals to attack
multiple victims using similar commands within a few
seconds.
Russian national Aleksandr Andreevich Panin developed a
malware—called SpyEye designed to steal bank
information from a web browser while a user was
conducting online banking in USA. He sold the SpyEye
malware to more than 150 “clients” for anywhere
between $1,000 to $8,500. Each of these cyber criminals
used the malware for their own nefarious purposes—infecting victim computers and creating
botnets (armies of hijacked computers) that collected large amounts of financial and personal
information and sent it back to servers under the control of the criminals. They were then able
to hack into bank accounts, withdraw stolen funds, create bogus credit cards. SpyEye infected
more than 1.4 million computers—mainly in the U.S.—and transferred the money from the
victims’ bank accounts and into accounts controlled by criminals. The whole operation went on
smoothly till Panin made the mistake of selling his malware online to the wrong customer—an
undercover FBI agent and one of the most widespread cybercrime cases racket went bust.
3 # INNOVATIVE CRIMINALS ALWAYS TWO STEPS AHEAD OF THE POLICE:
There is always a gap in terms of information on cyber criminals and their activities. The
innovative criminals are always ahead of law enforcement agencies. Unlike conventional crimes
where even a policeman with an average IQ can solve the case just by following the physical
evidence trail from the crime scene, solving a cybercrime case is not a one man job. Criminal
groups are becoming ever more adept at hiding their location, identity, and concealing the
electronic trail. The point to be noted is that due to the anonymity provided by the Internet, the
point of origin of attack may not necessarily be the same as the cybercriminals may like us to
believe. The cyber criminals are smart and tech-savvy. From robots, drones to artificial
intelligence they have a finger in every pie, innovating technologies for fraud, financial gain or
personal vendetta.
4 # CYBERCRIMES ARE COMPLICATED, DIFFICULT TO DETECT, HARDER TO PROSECUTE:
Cyber criminals usually go unpunished because one -- more that half the crimes are not
reported. A small percentage of the reported cases get detected and very few eventually end
up in prosecution.

15. Solving cybercrime can be highly frustrating. According to a report, it takes an average of 28
days to resolve a cybercrime. The average number of days from initial intrusion to detection is
87 days. It costs around $334 to solve an average crime case.
The basic problem is that there is no one set of laws for everyone using the Internet. There is no
internationally agreed upon ‘definition’ of cybercrime, nor an international police or judiciary to
address the various issues.
As things stand, more than 30 countries have separate laws related to cyber crime in their
statute books. Invariably the laws in different countries are contradictory as result cyber
criminals are able to exploit the legal inadequacies and go scot free.
India recently introduced the IT Act which mentions offences like hacking, publishing obscene
information and tampering of documents but certain other crimes like cyber-stalking, cyber-
theft and cyber-defamation have not been mentioned in the Act.
Law enforcement agencies do not have the resources to investigate, or prosecute, all
cybercrime. Law enforcement agencies continuously face problems with regards to jurisdiction
and enforcement. Who has the jurisdiction to take action against a cyber criminal is the biggest
question. Without international coordination and cooperation it is next to impossible to detect
such criminal activity that can take place at any time and in any location. The biggest problem in
the cyber crime cases is that the investigating agency investigating the case has no direct
control over the work of other agencies. They may request law enforcement agency in another
country to immediately search, seize and collect the evidence but cannot be sure of a prompt
and efficient response. The borderless nature of cybercrime leads to complications in
investigations. Many cross–border hurdles, international treaties and lengthy procedure are
involved which require a request from the court of one country to another. Still in some cases
the investigation comes to a standstill because the two nations are not willing to help each
another.

16. In many case the countries involved may not share the same perception in their laws about the
gravity of the offense and its punishment. The greatest challenge in a cyber crime is to resolves
differences in jurisdictions and perception - whether or not the activity is a criminal act, who
committed it, who should investigate it and who should adjudicate and punish?
Above all, the issue is -- how can the police of one country, secure information crucial for its
investigation from across the border? You still need to develop evidence that will stand up in a
court of law
It requires global solutions. No nation or international organization alone can solve this
problem.
5 # FACTORY FOR ORGANISED MADE-TO-ORDER CRIME:
Cybercrime is increasingly becoming highly organized and institutionalized. Cybercrime
syndicates are being run like well connected smart businesses which keep changing their
methodology.
It is so easy to be a cybercriminal. You don't have to be an expert or own every technology.
There are specialized groups doing the research and development in cybercrime technology
and malware products which you can download for a small fee. Even a relatively new player in
the market with limited resources can purchase or hire plug-and-play tools or services to attack
a government, military or business organization. The business of cyber criminals is shifting from
theft of financial information to business espionage and accessing government information.

17. According to the FBI a large number of organized crime syndicates are run like companies with
specialists having their own area of expertise:
• LEADERS assemble the team and choose targets
• CODERS write the exploits and malware
• DISTRIBUTORS trade and sell stolen data
• TECH EXPERTS maintain the criminal enterprise’s IT infrastructure
• HACKERS search and exploit vulnerabilities in systems and networks
• FRAUDSTERS woo potential victims through phishing and spam
• HOSTED SYSTEM PROVIDERS offer illicit content servers
• CASHIERS provide names and accounts to other criminals for a fee
• MONEY MULES complete wire transfers between bank accounts
• TELLERS -transfer and launder illicit earnings
6 # CRIMINALS ARE YOUNG AND SMART & TECHNO-SAVVY:
According to NCRB data around 60 percent of the people arrested for cyber crimes between
2008 and 2011 belonged to the age group 18 to 30 years. Most of them are young, male and
college-educated.
In what was reportedly India's first ATM card fraud Chennai Police busted an international gang
with the arrest of Deepak Prem Manwani a 22-year old MBA drop-out. Manwani was caught
red-handed while breaking into an ATM and from his possession Rs 7.5 lakh looted from two
ATMs in Chennai and Rs 50,000 from an ATM in Mumbai were recovered. His interrogation
revealed the involvement of many more persons across the globe in the racket.
Manwani as a marketing executive in a Chennai firm had come across a European website
offering guidance in breaking into ATMs while browsing in an Internet café.
The website owners devised a unique way of personal identification number (PIN) numbers of
the card users. They floated a new site resembling the telecom company which had millions of
subscribers and offered to refund $11.75 collected in excess by mistake. Quite a few
subscribers believed it to be a genuine offer parted with their PINs to get the refund. Manwani
purchased the credit card numbers and magnetic codes of those cards for $200 per card. This is
what the gang needed to hack the bank ATMs and start systematic looting. Manwani and many
others were retained by the gang on a profit-sharing basis. Manwani was enterprising enough
to get the data for 30 credit cards some of which he sold to his friends in Mumbai.
Based on large number of complaints from the Once the investigation started credit card users
and banks in the United States both FBI and CBI jointly got involved and Manwani interrogation
by the CBI
The good news is that even the most knowledgeable or techno-savvy criminals leave behind
clues because they get careless, arrogant or over confident.
7 # CYBER CRIMES ARE MOSTLY NON VIOLENT CRIMES:

18. Cybercrimes are invariably non-violent crime committed for financial gain. At one end are
crimes like breach of privacy, identity theft or illegally use of digital information to blackmail a
firm or individual. In between are crimes like fraud, child pornography, digital piracy, money
laundering, and counterfeiting. At the other end of the spectrum are crimes like spam, hacking,
and denial of service attacks. Even though they are considered a non-violent crime, cyber
crimes are serious matters.
8 # NO NEED FOR PHYSICAL CONTACT BETWEEN THE VICTIM AND THE PERPETRATOR FOR A
CRIME TO BE COMMITTED:
Pictures of victims can be digitally transformed into pornographic material and distributed on
the Internet without the victims’ knowledge. The visuals posted on the Internet, remain there
indefinitely without damage to the quality of the image. The presumed anonymity of Internet
often provides a false sense of security and secrecy for both the perpetrator and the victim.
9 # WOMEN TOO ARE TAKING TO CYBERCRIME IN LARGE NUMBERS
Believe it or not, a large number of women especially those disgruntled with their jobs or
wanting to take revenge --are actively taking interest in cyber crimes. Almost 20% of all cyber
crimes in India are committed by women and the number is rising. Cyber crime tops the list of
white-collar crimes committed by Indian women. More women have a tendency to commit
cyber crime.

19. Mumbai Police unearthed a case in which a company official had been receiving obscene and
threatening mails for three months. After investigation it was revealed that the crime was
committed by an ex-woman employee who used to work under the complainant for a year. She
was now sending the emails posing as a male to take revenge against him for ill-treating her.
Alarmingly women are also the biggest victim of such attacks - nearly 40% of the cases
registered have women as victims. There is no chapter on crime against women in the Cyber
law. There are hardly any female cyber cops at the
cyber cells as women feel embarrassed to discuss
personal problems with male officers. There are also no
female counselors and judges.
In 2001 Delhi Police registered India’s first
cyberstalking case when a lady called Ritu Kohli
complained that a person who was using her identity to
chat on the website www.mirc.com and deliberately
pass on her telephone number to others chatters
encouraging them to call her at odd hours. As a result
of which, she received an estimate of 40 national as
well as international calls at odd hours within 3 days.
Delhi police registered a case under section 509 of the
Indian Penal Code and arrested Manish Kathuria for
impersonating as Ritu Kohli.
In yet another case, Kalpana Sharma (name changed),
who was working for an embassy in New Delhi received
a series of e-mails from a man asking her to pose nude
or he would put morphed photos of her along with her
telephone number and address on sex websites.
Initially, she ignored the mails, but when started
getting repeated messages she complained to the
police. Initial investigation revealed the cyber cafe in
south Delhi from which the accused was sending mails
to the victim. The police could also make out that the
accused might be known to the victim as he seemed to
know a lot about her.
In yet another recent case Michael Ford a US Embassy
employee in London was arrested for harassing
hundreds of women, sending sexually explicit images, hacking their private computers and
threatening emails to blackmail them.
Ford managed to get the password to a 22-year old Illinois woman's Google email account
posing as a Google employee. He threatened to post her images online unless she shot videos
of other women undressing. When she refused, he visited her office and school and sent a
email to her parents requesting information about their daughter.
Mumbai Police came across a case
in which a company official had
been receiving obscene and
threatening mails for three
months. Investigation revealed
that the crime was committed by
an ex-woman employee who used
to work under the complainant for
a year. She was now sending the
emails posing as a male to take
revenge for her ill-treatment by
him.

20. Similarly when an 18-year-old Kentucky woman, requested him to leave her alone, he sent a
email saying: "I want you to record videos of sexy girls changing. In gyms, clothing stores,
pools... You do that, and I disappear." When she didn’t he sent another mail, “OK, time's up.
Everything I have will be posted online and sent to your friends. Pictures, name, phone number,
home address ... I gave you a chance and you blew it!"
A search of Ford's computer at the Embassy in London revealed a spreadsheet of about 250
email addresses. Most of the women in the spreadsheet had been victims of Ford's criminal
activity.
10 # CYBER CRIMES: INSIDER V/S OUTSIDER
According to an estimate 80% of cyber crimes are committed by an insiders and the rest 20% by
outsiders.
According to a report almost 80% of these malicious acts are carried out during working hours
and nearly a similar number of these actions are planned beforehand. Financial gain is the
motive behind 81% cases, revenge in 23% of cases, and 27% people carrying out malicious acts
in times of financial difficulties.
Cybercrimes caused by external factors make news but it is the insider crimes which are
potentially more costly or damaging than incidents perpetrated by outsiders. The larger the
business, the more costly and damaging the insider threat can be.
Insiders have authorized access to data and systems and therefore have an advantage over
external adversaries because they do not have to breach security controls.

21. They also may know exactly where to look for the company’s most valuable information, like
customer lists, pricing strategies, and research and development initiatives currently in progress
Insider threats are one of the greatest risks to companies all over the world because anything
stored electronically and easier to steal, especially by someone who has legitimate access to it.
There was a time when most employees would spend their entire life working for a single
company. Not anymore. Today 90 percent of people stick to one job for less than three years.
Almost half of them have volumes of data on their email accounts or deliberately carry some
data from the old company in a laptop or pen drive or when they switch jobs. Frequent job-
hopping also means decreased loyalty towards the ex-employer.
Michael Mitchell a former engineer and salesman for DuPont was recently sentenced to 18
months in prison after pleading guilty to stealing trade secrets and providing them to DuPont’s
Korean rival.
Towards the end of his contract at DuPont, Mitchell become disgruntled and was terminated
for poor performance. He was asked to sign the nondisclosure provisions in his termination
letter and asked to return any proprietary DuPont information.
But despite claiming to have done so, Mitchell kept numerous DuPont files containing sensitive
information. In due course he entered into a consulting agreement with a Korean company. The
Korean company was very happy and wished to know more about DuPont’s secrets. Mitchell
contacted other DuPont employees to gather this information on behalf of the Korean
company. This proved to be his undoing as some of them reported this to the DuPont
management. The result was a federal search warrant and forensic examination of Mitchell’s
computers. Mitchell is now behind bars.

22. HOW BIG IS THE PROBLEM OF CYBER CRIME?
• The digital world offers endless possibilities for cyber crime - there are 2 billion PC &
desktops and 3.17 billion internet users. Internet usage shifted from PC to mobile
devices in early 2014. This is the global potential for cyber crime.
• Tablets, smart-phones, internet TV have multiplied the opportunities for cyber criminals.
• By end of 2015 there will be more smart phones than humans. By 2016 there could be
10 billion smart phones or 1.4 mobiles per human on planet earth.
• Cyber crime is a today more lucrative than the illicit global narcotics trade In terms of
moneymaking. It is now a half trillion dollars annual market.
• Cyber crime is increasing; both in volume and in complexity- 7 in 10 frauds have an IT
element.
• Numbers of digital frauds have doubled in the last year. Still more than half the
incidents are still go unnoticed or unreported.
• 42 million cyber crime cases are reported in India per year -- 80 people become victim
every minute.
• Cybercrime is "displacing" conventional crimes. There would soon be more victims of
digital crime than of real-world offences says RK Raghvan former Director CBI.
• Today, you can penetrate almost any organization in the world for just $250 a month.
• Anyone can procure the most advanced malware for just a couple of hundred bucks
anywhere in the world.

23. Cyber crimes in India- At a glance
Total number of cyber crimes in India may cross 3,00,000 in 2015, almost double the level of last year
according to an ASSOCHAM-Mahindra SSG study.
Almost 12,456 cases are registered every month in India
Total number of cyber crimes was 13,301 in 2011, 22,060 in 2012, 71,780 in 2013 and 62,189 (till May)
2014 .
Phishing attacks of online banking accounts or cloning of ATM/Debit cards are common.
Use of mobile/smart phones/tablets for online banking/financial transactions is increasing.
Most of the offenders are from 18-30 age groups.
Credit and debit card fraud tops the list of cybercrimes that have increased six times in the past three
years. Around 2277 complaints of online banking/credit/debit card fraud have been reported this year.
Major complaints include cheating through mobile (61), hacking of e-mail ID (59),
abusive/offensive/obscene calls and SMS (55), and others.
Andhra Pradesh, Karnataka and Maharashtra which contribute over 70 per cent of India's revenue from
IT and IT related industries are also the top 3 victims of cyber crime.
According to the National Crime Records Bureau (NCRB), Maharashtra has seen a 44.6 per cent rise in
cyber crimes. Andhra Pradesh has seen a 48 per cent rise while Karnataka witnessed a 24.5 per cent rise.
Uttar Pradesh stood at fourth place with 81.5 per cent in one year while Kerala came 5th
.
Tamil Nadu and Bihar had very few cyber crime cases. Among the Union Territories, Delhi has seen a
rise of 72.4 per cent.
A cause for concern is that most digital attacks originated in the cyber space of foreign countries like US,
Europe, Brazil, Turkey, China, Pakistan, Bangladesh, Algeria and UAE.
Mobile frauds is an area of concern for companies where 35-40% of financial transactions are being
done via mobile devices and expected to expected to grow to 55-60% by the end of 2015
Growing internet penetration and rising popularity of online banking have made India a favourite among
the cybercriminals, who target online financial transactions using malware and India ranks third after
Japan and US in the tally of countries most affected by online banking malware during the year of 2014,
highlighted the ASSOCHAM- Mahindra SSG study.
Smartphone sales and usage is increasing in India so is the number of people falling victim to such
crimes.
Installation of uncertified applications is one of the many ways that people end up losing their sensitive
information. Most smart phone users hardly check for security certificates before downloading apps,
games, music and other software from third party or unsecured sites. Mobile banking apps store data
the PIN, account number on the phone. As such there is a risk of the information being compromised if
the phone is hacked or stolen.
The total number of Indian websites hacked in 2011 was 21,699, 27,605 in 2012, 28,481 in 2013, and
48,174 in 2014. The figure is websites hacked by various hacker group worldwide is likely to touch
85,000 by 2015.

24. CYBER CRIME CHAPTER 1 - QUIZ
1. What is a computer virus?
A video game available at toy shops An email service like Gmail or Hotmail
A computer programs which when
opened, replicates itself and damages
the user's hard drive
A program that updates the computer
software
2. What is cybercrime?
An illegal crime committed using
computers, internet or smart phones
An illegal crime committed without
using computers
Letting other people use your
computer
A program
3 What is a spam?
Barrage of advertising and other
irrelevant posts
Junk email or unsolicited messages
Forcing unwanted message on people
who otherwise do not wish to receive
them
All of the above
4 A crime that is not reported to the police and remains unknown to officials is…
Dark figure of crime Crime typology
Light figure of crime Cyberstalking
5 An unlawful activity undertaken and supported by organized criminal groups
operating across national boundaries is called…
Organized crime Borderless crime
Corporate crime Computer crime
6 Malicious computer programs - viruses, worms, and Trojan horses are examples of…
Malpractice Malafide
Malware Misconduct

25. CYBER CRIME BUSTERS
A CYBER SECURITY INVESTIGATION GAME
1. Ravi’s boss was having an affair with his secretary. Ravi hated his boss. So he sent an
email to his boss asking him to leave Rs 10 Lakh in a car parked outside his house or
else he would inform his wife about the affair. What crime is Ravi committing?
Sextortion Corporate crime
Denial of service None of the above
2. Ashley Reynolds was a happy 14-year-old till she came across 26-year-old Lucas
Michael Chansler who threatened to post her topless picture on the Internet if she
didn’t send more explicit images of herself. Which of the following are true?
It is crime of Sextortion in which young
girls and boys are targeted
The child tormentors use multiple
personas and multiple fake identies
Predator mostly has multiple victims-
nearly 350 teenage girls in this case
All are true. Lucas Chansler was sent
to prison for 105 years for victimizing
nearly 350 teenage girls
3 With the help of Europol, Spanish police arrested hackers involved in denial of
service attacks and web defacement using servers hosted by companies located in
the Czech Republic and Bulgaria, although they were remotely controlled from
Spain. This is an example of borderless crime. Which of the following is not true?
Quick and timely response as well as
multi-country cooperation
Sharing of information among the
investigators in various countries
Effectively collection of evidence and
timely arrest of the perpetrators
All cyber criminals are graduates and
trained in academies
4 Onel de Guzman created ''Love Bug,'' the most destructive computer virus in history
causing an estimated $10 billion in damage to computers worldwide. In many
countries, he would have landed him in jail but in Philippine he was let off because of
insufficient evidence. Why?
Although his conduct would have been
punishable in many other countries,
the virus that caused damages was
unleashed from Philippines only the
law enforcement agencies in
Philippines had jurisdiction over him.
They did obtain a search warrant but
Double Criminality- an international
law governing extradition requires
“double criminality” or conduct of a
crime in the jurisdiction where it was
committed, as well as in the
jurisdiction seeking to extradite an

26. were unable to prosecute him as there
were no laws.
offender.
Philippines those days did not have
laws against hacking. Since then many
countries have updated their criminal
codes and made digital crimes a
punishable offense.
All the above. Despite causing damage
in more than 20 countries, Guzman
could not be extradited because
hacking was not a crime under
Philippines law at that time.
5 An adult website operator from Germany finds a case against it for spreading
pornographic material even though it has never done any business with anyone in
Singapore. Around the same time the website owners are ordered to appear before
a court in Belgium because the models used in the photos appear to be minors.
Which of the three countries has a right to prosecute and investigate the case
Germany - from where the website
operates
Belgium because the models used in
the photos are minors.
Singapore, which finds the
pornographic material objectionable.
No one because pornography is not a
crime in Germany
6 In most conventional crime cases the criminals have fled before the police arrive. It
is almost the same story in cyber crime cases where the investigator’s start after the
criminals have finished covering their tracks. Which of the following is not true?
Law enforcement agencies have no
jurisdiction outside their country’s
border, the criminals do not have any
restriction
The criminal are getting smarter -
instead of the noisy guns they are
using a silent mouse…
The criminals are always two steps
ahead of the police - they lead, the
police follows
There are no separate laws dealing
with Cybercrime
7 Surinder Chauhan from Chandigarh received an email offering a job in a hotel in
London. The sender then called him up and demanded a sum of Rs 15,000. As soon
as he did that he was asked to deposit Rs 35,000. Chauhan called up the UK Embassy
only to be told that no such hotel existed. The accused was traced to Mumbai. What
is tool required to get the evidence in this case?
Ballistics DNA investigation
Horoscope Computer forensics
8 The above is a case of…
Cyber stalking Cyber fraud
Netiquette Piracy

27. CASE HISTORIES (VIDEO)
Case History # 1: Operation Ghost Click
Vladimir Tsastsin, 35, an Estonian national masterminded one of the largest cyber hack, money
laundering and fraud scheme that affected more than 4 million victims in 100 countries and left
him and his co-conspirators richer by $14 million by manipulating the multi-billion-dollar
Internet advertising industry.
The cyber ring started operations around 2007. Government agencies like NASA, individuals and
businesses were among the victims.
The relatively simple modus operandi involved using a DNS changer malware to block anti-virus
updates and alter the infected PC's DNS settings to redirect queries for popular domains to
malicious servers. This allowed the attackers to redirect traffic, to a site other than the link
clicked by the user. Each such 'click' triggered meant additional payment for the gang which
also hijacked search results and replaced website advertising. Fake anti-virus malware was
another source of revenue for the gang.
The advertising replacement fraud, involved replacing the advertisements on a site with others
which pay them a commission for each advertisement served.
In short the game plan was to increase traffic to the websites and advertisements that would
earn them money and made it appear to advertisers that the traffic came from legitimate clicks

28. on the ads displayed. They used DNSChanger malware and rogue DNS servers to carry out the
schemes.
The gang laundered its profits through a number of companies, including Estonia-based Rove
Digital, created by Tsastsin. Atleast three other companies were used to launder fake
advertising.
All along users of infected machines were totally unaware that their computers had been
compromised and that the malicious software rendered their machines vulnerable to a host of
other viruses.
This led to Operation Ghost Click a two-year-long investigation in 2009. The group’s data
centers in New York and Chicago were raided and a command & control (C&C) infrastructure
consisting of more than 100 servers was taken offline. A joint probe by U.S. and Estonian
authorities let to dismantling the group’s operation in 2011. Security firm Trend Micro -also
assisted in the investigation.
Tsastsin's extradition was delayed in part because he faced money-laundering charges in
Estonia, and had argued that he couldn't be punished twice - by the Estonian and U.S.
authorities - for the same crimes. But Estonia's Court of Appeals in 2014 sentenced him to serve
six years and four months in jail for money laundering, and also ruled that the U.S. indictment
had charged him with separate computer crimes.

29. Tsastsin was extradited to the United States where he pleaded guilty to wire fraud and
computer-intrusion conspiracy. "I knew what I was doing was wrong," he told U.S. Magistrate
Judge Michael H. Dolinger.
Tsastsin faces up to 25 years in prison for both charges – one count of conspiracy to commit
wire fraud and one count of conspiracy to commit computer intrusion. He is scheduled to be
sentenced on Oct. 14, 2015.
Atleast six others were charged in connection with Operation Ghost Click: Timur Gerassimenko,
Dmitri Jegorov, Valeri Aleksejev, Konstantin Poltev, Andrey Taame and Anton Ivanov.
Case History # 2: Rs 400 Million SMS Scam
Jayanand Nadar, 30 the mastermind behind a Rs 400 million SMS fraud who duped at least
50,000 people was arrested along with Ramesh Gala, 26 an associate from a hotel in Mira Road,
Mumbai.
According to the Mumbai police Economic
Offences Wing (EOW) Nadar, a first year
college dropout and his brother Jayaraj
along with Gala launched the first-of-its-
kind SMS fraud in India to dupe at least
50,000 people of Rs.400 million.
It all started with the duo releasing a
catchy advertisement in the local print
media stating: "Nothing is impossible. The
word itself is: I M Possible" in August
2006.
The duo claimed to be working for a US-
based Aropis Advertising Company, which wanted to market its products in India through SMS'.
The brothers even floated a website (www.getpaid4sms. com) to promote the project. The
subscribers were told that their American client wanted to conduct a survey about the response
to their advertisement using SMS as the medium of communication.
The brothers randomly messaged people and told them to contact them if they were interested
in 'earning Rs.10,000 per month. As more and more people turned up wanting to work as an
agent, Gala was made to look after the accounts.
Each of the interested 'subscribers' was asked to deposit Rs.500. Subscribers who registered
with them received about 10 SMS' per day about various products and were offered handsome
commissions for forwarding the messages and roping in more subscribers.
In return, the Nadars promised to pay Rs.10,000 to the subscribers in installment of Rs.1,000
every month.

30. Initially, the brothers paid up small amounts. But when cheques and pay orders of larger sums
issued by the duo were not honoured, the agents got worried. The SMSes too suddenly
stopped.
Meanwhile the agents lodged a complaint with the police after a pay order of Rs.2.17 million
issued by the Nadar brothers failed to get cleared. Nadars and Gala vanished leaving the agents
in a quandary.
The police suspect that the fraud amount may be over Rs.1 billion in the scam spread all over
India.
Investigation reveals that the Nadars, who used to live in an upmarket Juhu-Tara Road flat
owned a fleet of imported sport utility vehicles and sedans. They led an extravagant life. Stayed
in top five star hotels and threw massive parties for investors.
Case History # 3: online romance that went bad ….
Brian Curtis Hile, a 30-year-old resident of Fremont,
Michigan, USA was engaged in a romantic online
relationship with someone he believed to be a woman.
In course of that relationship, which lasted a couple of
years, Hile exchanged romantic communications and
explicit photographs.
It was only later that Hile discovered that his online
paramour was in fact a man from South Africa. And the
romance was nothing more than a catfishing scheme.
Hile was enraged and wanted to kill both the man and
the woman in the photographs.
Since South Africa was far beyond his reach Hile decided to focus on the woman whose photos
had been used.
His first target was to identify the woman. He conducted an extensive search of the Internet,
including chat rooms and online gaming sites. This helped. He was soon able to identify and
locate the woman in the photographs as a resident of San Diego County, whose Photo Bucket
account was compromised a few years ago, as a result of which her photographs got distributed
all over the Internet.
The woman who was 18 years old then had taken revealing pictures of herself. They were
meant for personal use and never meant to be shared publicly. She had stored them in her
online account from where they were stolen. One thing led to another and she had no control
what happened to the photos thereafter.
An avid Internet user and computer gamer Hile conducted used online search and hacking tools
to learn about the woman’s identity.

31. Hile not only identified the woman but also managed to obtain personal information about her
as well as her live-in boyfriend, her family members, and friends.
Hile decided to kill her and purchased a bus ticket from Michigan to San Diego. But his family
alerted the authorities and Hile was detained in San Diego—about a mile from the woman’s
residence.
Hile had hacked into her e-mail account to retrieve the confidential information and at the time
of his arrest was in possession of the victims’ address, telephone numbers, e-mail address and
contacts information including her favorite restaurant, and the addresses of the for educational
institutions that she attended.
He was fully prepared for the kill and was carrying a trench coat, knife, chloroform and duct
tape at the time of his arrest
U.S. District Judge Janis L. Sammartino who
pronounced a sentence of 60 months’ custody
followed by three years of supervised release,
ordered Hile to stay away from the victims and
their families and friends.
One of the victims told the court that even years
after the incident she still had regular nightmares
that someone was trying to kill her. She was so
afraid that did not put her name on anything for
fear that Hile would find her and her family again.
The case should serve as a caution for others. Particularly with regards to social media, you
should be really careful what you communicate and with whom. If you don’t know the person
on the other side you shouldn’t be sharing personal information or photographs. The Internet is
a wonderful place but could turn into a scary place at the drop of a hat.

32. Commonly used terms
Audit Trail: identifies each and every time a digital asset file is enhance, opened, exported or
printed. The report can be displayed in court to chain of custody
Advanced fee fraud Fraud where a person is targeted with the promise of large sums of money
if they provide relatively small payments up front. These include lottery scams and 419 frauds.
Botnets: A collection of computers infected with malicious bots which can be remotely
controlled by the attacker (the owner of the botnet).
Bots A computer infected with a piece of malware such that it carries out certain actions upon
receiving a command – normally used without the knowledge or consent of the owner.
Computer Forensics specialized techniques for the preservation, identification, extraction,
authentication, examination, analysis, interpretation and documentation of digital information.
Computer forensics helps reconstruction of computer system usage, examination of residual
data, authentication of data by technical analysis or explanation of technical features of data
and computer usage. Computer Forensics requires specialized expertise beyond normal data
collection and preservation techniques available to end-users or system support personnel.
Chain of custody is the record of the custodial history of the evidence.
Chain of evidence is the record of the collection, processing and analysis of the digital evidence.
It proves that the presented evidence is derived from the acquired digital information.
Cloud computing describes consumption and delivery model for IT services and often
virtualized resources as a service over the Internet. It comprises common business applications
accessed from a web browser, while the software and data are stored on servers in unknown
locations on the Internet.
Data carrier is any device that contains or transports digital information. It could be a physical
hard drive, floppy disk, Personal Digital Assistants (PDAs), Universal Serial Bus devices (USBs),
SIM-card from a cell phone, flash memory stick/card, or a server. The list is non-exhaustive.
Denial of Service attacks: A malicious attempt to disrupt the operation of a specific computer,
network, web site or other entity in cyber space.
Distributed Denial of Service attacks: use of multiple computers for denial of service attack.
Digital information can be divided into the content and metadata (filenames, pathnames, the
date and time that a document has been created or edited or an e-mail has been sent, received
or opened, the creator/ sender of a document or e-mail, etc.).
Digital evidence is all digital information that may be used as evidence in a case. The gathering
of the digital information may be carried out by confiscation of the storage media (data carrier),
the tapping or monitoring of network traffic, or the making of digital copies (forensic images,
file copies, etc), of the data held. Although hard copy print outs of digital information are not
digital evidence in the strict sense of this definition, it is considered a starting point for applying
digital evidence gathering in the future.