Cyber Crime

Cyber Crime :

Cyber Crime sushama

Reasons of Crime:

Reasons of Crime 1.Capacity to store data in comparatively small space - The computer has unique characteristic of storing data in a very small space. This affords to remove or derive information either through physical or virtual medium makes it much more easier .

Slide 3:

2.Easy to access - The problem encountered in guarding a computer system from unauthorised access is that there is every possibility of breach not due to human error but due to the complex technology. By secretly implanted logic bomb, key loggers that can steal access codes, advanced voice recorders; retina imagers etc. that can fool biometric systems and bypass firewalls can be utilized to get past many a security system.

Slide 4:

3. Complex- The computers work on operating systems and these operating systems in turn are composed of millions of codes. Human mind is fallible and it is not possible that there might not be a lapse at any stage. The cyber criminals take advantage of these lacunas and penetrate into the computer system.

Slide 5:

4. Negligence- Negligence is very closely connected with human conduct. It is therefore very probable that while protecting the computer system there might be any negligence, which in turn provides a cyber criminal to gain access and control over the computer system. 5. Loss of evidence- Loss of evidence is a very common & obvious problem as all the data are routinely destroyed. Further collection of data outside the territorial extent also paralyses this system of crime investigation

Cyber criminals:

Cyber criminals The cyber criminals constitute of various groups/ category. This division may be justified on the basis of the object that they have in their mind. The following are the category of cyber criminals- 1. Children and adolescents between the age group of 6 – 18 years – The simple reason for this type of delinquent behaviour pattern in children is seen mostly due to the inquisitiveness to know and explore the things.  Other cognate reason may be to prove themselves to be outstanding amongst other children in their group. Further the reasons may be psychological even. E.g. the Bal Bharati (Delhi) case was the outcome of harassment of the delinquent by his friends.

Slide 7:

2. Organised hackers - These kinds of hackers are mostly organised together to fulfil certain objective. The reason may be to fulfil their political bias, fundamentalism, etc. The Pakistanis are said to be one of the best quality hackers in the world. They mainly target the Indian government sites with the purpose to fulfil their political objectives. Further the NASA as well as the Microsoft sites is always under attack by the hackers.

Slide 8:

3.      Professional hackers / crackers – Their work is motivated by the colour of money. These kinds of hackers are mostly employed to hack the site of the rivals and get credible, reliable and valuable information. Further they are ven employed to crack the system of the employer basically as a measure to make it safer by detecting the loopholes.

Slide 9:

4. Discontented employees - This group include those people who have been either sacked by their employer or are dissatisfied with their employer. To avenge they normally hack the system of their employee

Mode and Manner of cyber crime:

Mode and Manner of cyber crime 1.Unauthorized access to computer systems or networks / Hacking- This kind of offence is normally referred as hacking in the generic sense . However the framers of the information technology act 2000 have no where used this term so to avoid any confusion we would not interchangeably use the word hacking for ‘unauthorized access’ as the latter has wide connotation.

2.Theft of information contained in electronic form- :

2.Theft of information contained in electronic form- This includes information stored in computer hard disks, removable storage media etc.  Theft may be either by appropriating the data physically or by tampering them through the virtual medium

3.Email bombing- :

3.Email bombing- This kind of activity refers to sending large numbers of mail to the victim, which may be an individual or a company or even mail servers there by ultimately resulting into crashing.

4.Data diddling- :

4.Data diddling- This kind of an attack involves altering raw data just before a computer processes it and then changing it back after the processing is completed. The electricity board faced similar problem of data diddling while the department was being computerised.

5.Salami attacks- :

5.Salami attacks- This kind of crime is normally prevalent in the financial institutions or for the purpose of committing financial crimes . An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. E.g. the Ziegler case wherein a logic bomb was introduced in the bank’s system, which deducted 10 cents from every account and deposited it in a particular account.

6.Denial of Service attack- :

6.Denial of Service attack- The computer of the victim is flooded with more requests than it can handle which cause it to crash. Distributed Denial of Service (DDoS) attack is also a type of denial of service attack, in which the offenders are wide in number and widespread. E.g. Amazon, Yahoo .

7.    Virus / worm attacks- :

7. Virus / worm attacks- Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory. E.g. love bug virus , which affected at least 5 % of the computers of the globe. The losses were accounted to be $ 10 million. The world's most famous worm was the Internet worm let loose on the Internet by Robert Morris sometime in 1988.  Almost brought development of Internet to a complete halt

8.     Logic bombs- :

8. Logic bombs- These are event dependent programs. This implies that these programs are created to do something only when a certain event (known as a trigger event) occurs . E.g. even some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date (like the Chernobyl virus ).

 9. Trojan attacks- :

9. Trojan attacks- This term has its origin in the word ‘Trojan horse’. In software field this means an unauthorized programme, which passively gains control over another’s system by representing itself as an authorised programme. The most common form of installing a Trojan is through e-mail. E.g. a Trojan was installed in the computer of a lady film director in the U.S. while chatting. The cyber criminal through the web cam installed in the computer obtained her nude photographs. He further harassed this lady.

10. Internet time thefts-:

10. Internet time thefts- Normally in these kinds of thefts the Internet surfing hours of the victim are used up by another person. This is done by gaining access to the login ID and the password. E.g. Colonel Bajwa’s case - the Internet hours were used up by any other person. This was perhaps one of the first reported cases related to cyber crime in India. However this case made the police infamous as to their lack of understanding of the nature of cyber crime.

11.  Web jacking- :

11. Web jacking- This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the web site of another. He may even mutilate or change the information on the site. This may be done for fulfilling political objectives or for money. E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the Pakistani hackers and some obscene matter was placed therein. Further the site of Bombay crime branch was also web jacked. Another case of web jacking is that of the ‘ gold fish’ case. In this case the site was hacked and the information pertaining to gold fish was changed. Further a ransom of US $ 1 million was demanded as ransom. Thus web jacking is a process where by control over the site of another is made backed by some consideration for it.

Classification :

Classification The subject of cyber crime may be broadly classified under the following three groups. They are- 1. Against Individuals a. their person & b. their property of an individual 2. Against Organization a. Government c. Firm, Company, Group of Individuals. 3. Against Society at large

1a. Against individual:

1a. Against individual i. Harassment via e-mails. ii. Cyber-stalking. iii. Dissemination of obscene material. iv. Defamation. v. Unauthorized control/access over computer system. vi. Indecent exposure vii. Email spoofing viii. Cheating & Fraud

1b.Against Individual Property:

1b.Against Individual Property i. Computer vandalism. ii. Transmitting virus. iii. Netrespass iv. Unauthorized control/access over computer system. v. Intellectual Property crimes vi. Internet time thefts

2. Against Organizations:

2. Against Organizations i. Unauthorized control/access over computer system ii. Possession of unauthorized information. iii. Cyber terrorism against the government organization. iv. Distribution of pirated software etc.

3. Against society Atlargre:

3. Against society Atlargre i.     Pornography (basically child pornography). ii.    Polluting the youth through indecent exposure. iii.   Trafficking iv. Financial crimes v.Sale of illegal articles vi.Online gambling vii. Forgery

Law :

Law Information Technology Act 2000 was passed and enforced on 17th May 2000. The preamble of this Act states its objective to legalise e-commerce and further amend the Indian Penal Code 1860, the Indian Evidence Act 1872, the Banker’s Book Evidence Act1891 and the Reserve Bank of India Act 1934 . The basic purpose to incorporate the changes in these Acts is to make them compatible with the Act of 2000. So that they may regulate and control the affairs of the cyber world in an effective manner

The Information Technology Act:

The Information Technology Act deals with the various cyber crimes in chapters IX & XI. The important sections are Ss. 43,65,66,67. Section 43 in particular deals with the unauthorised access, unauthorised downloading, virus attacks or any contaminant, causes damage, disruption, denial of access, interference with the service availed by a person. This section provide for a fine up to Rs . 1 Crore by way of remedy

Slide 28:

Section 65 deals with ‘ tampering with computer source documents ’ and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both. Section 66 deals with ‘ hacking with computer system’ and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both.

Slide 29:

Further section 67 deals with publication of obscene material and provides for imprisonment up to a term of 10 years and also with fine up to Rs. 2 lakhs. (14)

Analysis of the statutary provisions:

Analysis of the statutary provisions The Information Technology Act 2000 was undoubtedly a welcome step at a time when there was no legislation on this specialised field. The Act has however during its application has proved to be inadequate to a certain extent. The various loopholes in the Act are-

1. The hurry in which the legislation passed:

1. The hurry in which the legislation passed 1. The hurry in which the legislation was passed, without sufficient public debate, did not   really serve the desired purpose

Slide 32:

2. “ Cyberlaws, in their very preamble and aim, state that they are targeted at aiding e-commerce, and are not meant to regulate cybercrime ” But (The preamble, if read as a whole, makes it very clear that the Act equally aims at legalising e-commerce and to curb any offences arising there from.)

3.Cyber torts- :

3. Cyber torts- The recent cases including Cyber stalking cyber harassment, cyber nuisance, and cyber defamation have shown that the I.T.Act 2000 has not dealt with those offences . Further it is also contended that in future new forms of cyber crime will emerge which even need to be   taken care of. Therefore India should sign the cyber crime convention.

  4.Cyber crime in the Act is neither comprehensive nor exhaustive- :

4. Cyber crime in the Act is neither comprehensive nor exhaustive- "The IT Act, 2000 is not comprehensive enough and doesn't even define the term 'cyber crime" . Supporters of the Indian Penal Code School vehemently argue that IPC has stood the test of time and that it is not necessary to incorporate any special laws on cyber crime. This is because it is debated by them that the IPC alone is sufficient for all kinds of crime. However, in practical terms, the argument does not have appropriate backing. It has to be distinctly understood that cyber crime and cyberspace are completely new whelms, where numerous new possibilities and opportunities emerge by the day in the form of new kinds of crimes .”

5.Ambiguity in the definitions-:

5. Ambiguity in the definitions- hacking provided in section 66 of the Act is very wide and capable of misapplication . Further section 67 is also vague to certain extent. It is difficult to define the term lascivious information or obscene pornographic informa­tion.

6.Uniform Law:

6.Uniform Law Cyber crime is a global phenomenon and therefore the initiative to fight it should come from the same level. E.g. the author of the love bug virus was appreciated by his countrymen

7.Lack of Awareness:

7.Lack of Awareness If the people are vigilant about their rights the law definitely protects their right. E.g. the Delhi high court in October 2002 prevented a person from selling Microsoft pirated software over an auction site.

8. Jurisdiction issues- :

8 . Jurisdiction issues - Jurisdiction is also one of the debatable issues in the cases of cyber crime due to the very universal nature of cyber space . With the ever-growing arms of cyber space the territorial concept seems to vanish . New methods of dispute resolution should give way to the conventional  methods. The Act of 2000 is very silent on these issues

9. Extra territorial application- :

9. Extra territorial application- Though S.75 provides for extra-territorial operations of this law, but they could be meaningful only when backed with provisions recognizing orders and warrants for Information issued by competent authorities outside their jurisdiction and measure for cooperation for exchange of material and evidence of computer crimes between law enforcement agencies

10. Raising a cyber army-:

10. Raising a cyber army- The government has taken a leap in this direction by constituting cyber crime cells in all metropolitan and other important cities. Further the establishment of the Cyber Crime Investigation Cell (CCIC) of the Central Bureau of Investigation (CBI) 11 ) is definitely a welcome step in this direction.

Eg. Need of Army:

Eg. Need of Army Case 1: When a woman at an MNC started receiving obscene calls, CBI found her colleague had posted her personal details on Mumbaidating.com. Status: Probe on Case 2: CBI arrested a man from UP, Mohammed Feroz, who placed ads offering jobs in Germany. He talked to applicants via e-mail and asked them to deposit money in his bank account in Delhi. Status: Chargesheet not filed Case 3: The official web-site of the Central Board of Direct Taxes was hacked last year. As Pakistan-based hackers were responsible, authorities there were informed through Interpol. Status: Pak not cooperating

11. Cyber savvy bench-:

11. Cyber savvy bench- Cyber savvy judges are the need of the day. Judiciary plays a vital role in shaping the enactment according to the order of the day. One such stage, which needs appreciation, is the P.I.L., which the Kerela High Court has accepted through an email . The role of the judges in today’s word may be gathered by the statement- judges carve ‘law is’ to ‘law ought to be’. Mr T.K.Vishwanathan , member secretary, Law Commission , has highlighted  the requirements for introducing e-courts in India . In his article published in The Hindu he has stated “ if there is one area of Governance where IT can make a huge difference to Indian public is in the Judicial System”.

12. Dynamic form of cyber crime- :

12. Dynamic form of cyber crime- " In short, even though we have markedly improved our capabilities to fight cyber intrusions the problem is growing even faster and we are falling further behind .”

13. Hesitation to report offences-:

13. Hesitation to report offences - "The police are a powerful force today which can play an instrumental role in preventing cybercrime. At the same time, it can also end up wielding the rod and harassing innocent s, preventing them from going about their normal cyber business."

Conclusion :

Conclusion Capacity of human mind is unfathomable . It is not possible to eliminate cyber crime from the cyber space. It is quite possible to check them. History is the witness that no legislation has succeeded in totally eliminating crime from the globe. The only possible step is to make people aware of their rights and duties (to report crime as a collective duty towards the society) and further making the application of the laws more stringent to check crime