cyber crime jagdish mail

8/13/2019 Cyber Crime Jagdish Mail

1/29

1. Introduction

The internet in India is growing rapidly. It has given rise to new

opportunities in every field we can think of be it entertainment,business, sports or education. There are two sides to a coin. Internet

also has its own disadvantages. One of the major disadvantages is

Cybercrime illegal activity committed on the internet. The internet,

along with its advantages, has also exposed us to security risks that

come with connecting to a large network. Computers today are being

misused for illegal activities like e-mail espionage, credit card fraud,

spams, software piracy and so on, which invade our privacy and offend

our senses. Criminal activities in the cyberspace are on the rise.

"The modern thief can steal more with a computer than with a gun.

Tomorrowsterrorist may be able to do more damage with a

keyboard than with a bomb".


2/29

2. What is cyber crime?

Cybercrime is a term for any illegal activity that uses a computer

as its primary means of commission.

"It is a criminal activity committed on the internet. This is a broad

term that describes everything from electronic cracking to denial of

service attacks that cause electronic commerce sites to lose money".

Cybercrime is criminal activity done using computers and the

Internet. This includes anything from downloading illegal music files to

stealing millions of dollars from online bank accounts. Cybercrime also

includes non-monetary offenses, such as creating and distributing

viruses on other computers or posting confidential business

information on the Internet.


3/29

3. History of Cyber Crime

The first recorded cyber crime took place in the year 1820! That is not

surprising considering the fact that the abacus, which is thought to bethe earliest form of a computer, has been around since 3500 B.C. in

India, Japan and China. The era of modern computers, however, began

with the analytical engine of Charles Babbage.

In 1820, Joseph-Marie Jacquard, a textile manufacturer in France,

produced the loom. This device allowed the repetition of a series of

steps in the weaving of special fabrics. This resulted in a fear amongst

Jacquard's employees that their traditional employment and livelihoodwere being threatened. They committed acts of sabotage to discourage

Jacquard from further use of the new technology. This is the first

recorded cyber crime!


4/29

4. Category of cyber crime

Cybercrimes can be basically divided into 3 major categories:

I. Cybercrimes against personsII. Cybercrimes against property

III. Cybercrimes against government

I. Cybercrimes against personsCybercrimes committed against persons include various crimes

like transmission of child-pornography, harassment of any one with the

use of a computer such as e-mail. The trafficking, distribution, posting,

and dissemination of obscene material including pornography and

indecent exposure, constitutes one of the most important Cybercrimes

known today. The potential harm of such a crime to humanity can

hardly be amplified. This is one Cybercrime which threatens to

undermine the growth of the younger generation as also leaveirreparable scars and injury on the younger generation, if not

controlled.

A minor girl in Ahmadabad was lured to a private place through cyber

chat by a man, who, along with his friends, attempted to gang rape her.

As some passersby heard her cry, she was rescued.

Another example wherein the damage was not done to a person but tothe masses is the case of the Melissa virus. The Melissa virus first

appeared on the internet in March of 1999. It spread rapidly

throughout computer systems in the United States and Europe. It is


5/29

estimated that the virus caused 80 million dollars in damages to

computers worldwide.

II. Cybercrimes against propertyThe second category of Cyber-crimes is that of Cybercrimes

against all forms of property. These crimes include computer vandalism

(destruction of others' property), transmission of harmful programmes.

A Mumbai-based upstart engineering company lost a say and much

money in the business when the rival company, an industry major, stole

the technical database from their computers with the help of a

corporate cyber spy.

III. Cybercrimes against governmentThe third category of Cyber-crimes relate to Cybercrimes against

Government. Cyber terrorism is one distinct kind of crime in this

category. The growth of internet has shown that the medium ofCyberspace is being used by individuals and groups to threaten the

international governments as also to terrorize the citizens of a country.

This crime manifests itself into terrorism when an individual "cracks"

into a government or military maintained website


6/29

5. Types of cyber crime

There are many types of Cyber Crime. Many of them are below.

1. HACKING

2. DENIAL OF SERVICE ATTACK

3. VIRUS DISSEMINATION

4. SOFTWARE PIRACY

5. PORNOGRAPHY

6. IRC Crime

7. CREDIT CARD FRAUD

8. PHISHING

9. SPOOFING

10. CYBER STALKING

11. CYBER DEFAMATION

12. THREATENING

13. SALAMI ATTACK14NET EXTORTION

15. Data Theft

16. Spreading Virus or Worms

17. Identity Theft

18. E-Mail Spoofing

19. ELECTRONIC FUNDS TRANSFER FRAUD

20 ILLEGAL INTERCEPTION OF TELECOMMUNICATIONS

21. ELECTRONIC VANDALISM, TERRORISM AND EXTORTION

22. SALES AND INVESTMENT FRAUD23. ELECTRONIC MONEY LAUNDERING AND TAX EVASION

24. DISSEMINATION OF OFFENSIVE MATERIALS

25. TELECOMMUNICATIONS PIRACY


7/29

26. COMMUNICATIONS IN FURTHERANCE OF CRIMINAL CONSPIRACIES

27. THEFT OF TELECOMMUNICATIONS SERVICES

1. Hacking

What is Hacking?

Hacking is not defined in The amended IT Act, 2000. According to

wiktionary, Hacking means unauthorized attempts to bypass the

security mechanisms of an information system or network. Also, in

simple words Hacking is the unauthorized access to a computer system,programs, data and network resources. (The termhacker originally

meant a very gifted programmer. In recent years though, with easier

access to multiple systems, it now has negative implications.)

Law & Punishment: Under Information Technology (Amendment) Act,

2008, Section 43(a) read with section 66 is applicable and Section 379 &

406 of Indian Penal Code, 1860 also are applicable. If crime is provedunder IT Act, accused shall be punished for imprisonment, which may

extend to three years or with fine, which may extend to five lakh

rupees or both. Hacking offence is cognizable, bailable, compoundable

with permission of the court before which the prosecution of such

offence is pending and triable by any magistrate.

2.DENIAL OF SERVICE ATTACKThis is an act by the criminal, who floods the band width of the victims network

or fills his e-mail box with spam mail depriving him of the services he is entitled to

access or provide.


8/29

3.VIRUS DISSEMINATION

Malicious software that attaches iitself to other software.(virus, worms, Trojan Horse, Time bomb,Logic Bomb, Rabbit and Bacterium are

the malicious soft wares)

4.SOFTWARE PIRACYTheft of software through the iillegal copying of genuine programs or the

counterfeiting and distribution of products intended to pass for the original. Retail

revenue losses world wide are ever increasing due to this crime

Can be done in various ways such as end user copying, hard disk loading,

Counterfeiting, Illegal downloads from the iinternet etc.

5.PRONOGRAPHYPornography is the first consistently successful ecommerce product. It was a

deceptive marketing tactics and mouse trapping technologies. Pronography

encourage customers to access their websites. Anybody including children can log

on to the internet and access website with pronography contents with a click of a

mouse.

6.IRC CRIMEInternet Relay Chat (IRC) servers have chat rooms in which people from anywhere

the world can come together and chat with each other Criminals use it for

meeting coconspirators. Hackers use it for discussing their exploits / sharing the

techniquesPaedophiles use chat rooms to allure small children.


9/29

7.CREDIT CARD FRAUDYou siimply have to type credit card number into www page off the vendor for

online transaction If electronic transactions are not secured the credit cardnumbers can be stolen by the hackers who can misuse this card by impersonating

the credit card owner.

8.NET EXTORTIONCopying the companys confidential data in order to extort said company for huge

amount.

9.PHISHINGIt is technique of pulling out confidential information from the bank/financial

institutional account holders by deceptive means.

10.SpoofiingGetting one computer on a network to pretend to have the identity of another

computer, usually one with special access privileges ,, so as to obtain access to

the other computers on the network.

11.CYBER STALKINGThe Criminal follows the victim by sending emails, entering the chat rooms

frequently.

12.CYBER DEFAMATIONThe Criminal sends emails containing defamatory matters to all concerned of the

victim or post the defamatory matters on a website. (disgruntled employee may

do this against boss, ex-boys friend against girl, divorced husband against wife

etc)


10/29

13.THREATENINGThe Criminal sends threatening email or comes in contact in chat rooms with

victim. (Any one disgruntled may do this against boss, friend or official)

14.SALAMI ATTACKIn such crime criminal makes insignificant changes in such a manner that such

changes would go unnoticed. Criminal makes such program that deducts small

amount like 2.50 per month from the account of all the customer of the Bank and

deposit the same in his account. In this case no account holder will approach the

bank for such small amount but criminal gains huge amount

15.Data Theft

What is Data Theft?

According to Wikipedia, Data Theft is a growing problem, primarily

perpetrated by office workers with access to technology such as

desktop computers and handheld devices, capable of storing digitalinformation such as flash drives, iPods and even digital cameras. The

damage caused by data theft can be considerable with todays ability to

transmit very large files via e-mail, web pages, USB devices, DVD

storage and other hand-held devices. According to Information

Technology (Amendment) Act, 2008, crime of data theft under Section

43 (b) is stated as - If any person without permission of the owner or

any other person, who is in charge of a computer, computer system ofcomputer network - downloads, copies or extracts any data, computer

data baseor information from such computer, computer system or

computer network including information or data held or stored in any

removable storage medium, then it is data theft.


11/29

Law & Punishment: Under

Information Technology (Amendment) Act, 2008, Section 43(b) readwith Section 66 is applicable and under Section 379, 405 & 420 of

Indian Penal Code, 1860 also applicable. Data Theft offence is

cognizable, bailable, compoundablewith permission of the court before

which the prosecution of such offence is pending and triable by any

magistrate.

16.Spreading Virus or Worms

What is spreading of Virus or Worms?

In most cases, viruses can do any amount of damage, the creator

intends them to do. They can send your data to a third party and then

delete your data from your computer. They can also ruin/mess up your

system and render it unusable without a re-installation of the operating

system. Most have not done this much damage in the past, but couldeasily do this in the future. Usually the virus will install files on your

system and then will change your system so that virus program is run

every time you start your system. It will then attempt to replicate itself

by sending itself to other potential victims.

Law & Punishment: Under

Information Technology (Amendment) Act, 2008, Section 43(c) & 43(e)read with Section 66 is applicable and under Section 268 of Indian Penal

Code, 1860 also applicable. Spreading of Virus offence is cognizable,

bailable, compoundable with permission of the court before which the

prosecution of such offence is pending and triable by any magistrate.


12/29

17.Identity Theft

What is Identity Theft?

According to wikipedia Identity theft is a form of fraud or cheating ofanother persons identity in which someone pretends to be someone

else by assuming that persons identity, typically in order

to access resources or obtain credit and other benefits in that persons

name. Information Technology (Amendment) Act, 2008, crime of

identity theft under Section 66-C, whoever, fraudulently or dishonestly

make use of the electronic signature, password or any other unique

identification feature of any other person known as identity theft.

Identity theft is a term used to refer to fraud that involves stealing

money orgetting other benefits by pretending to be someone else. The

term is relatively new and is actually a misnomer, since it is not

inherently possible to steal an identity, only to use it. The person whose

identityis used can suffer various consequences when they are held

responsible for the perpetrators actions. At one time the onlyway forsomeone to steal somebody elses identity was by killing that person

and taking his place. It was typically a violent crime. However, since

then, the crime has evolved and todays white collared criminals are a

lot less brutal. But the ramifications of an identity theft are still scary.

18.Law & Punishment: Under

Information Technology (Amendment) Act, 2008, Section 66-C and

Section 419 of Indian Penal Code, 1860 also applicable. Identity Theft

offence is cognizable, bailable, compoundable with permission of the

court before which the prosecution of such offence is pending and

triable by any magistrate.


13/29

19.E-Mail Spoofing

What is Email Spoofing?

According to wikipedia, e-mail spoofing is e-mail activity in which thesender addresses and other parts of the e-mail header are altered to

appear as though the e-mail originated from a different source. E-mail

spoofing is sending an e-mail to another person in such a way that it

appears that the e-mail was sent by someone else. A spoof email is one

that appears to originate from one source but actually has been sent

from another source. Spoofing is the act of electronically disguising one

computer as another for gaining as the password system. It is becoming

so common that you can no longer take for granted that the e-mail you

are receiving is truly from the person identified as the sender. Email

spoofing is a technique used by hackers to fraudulently send email

messages in which the sender address and other parts of the email

header are altered to appear as though the email originated from a

source other than its actual source. Hackers use this method to disguise

the actual email address from which phishing and spam messages are

sent and often use email spoofing in conjunction with Web page

spoofing to trick users into providing personal and confidential

information. Law & Punishment: Under Information Technology

(Amendment) Act, 2008, Section 66-D and Section417, 419 & 465of

Indian Penal Code, 1860 also applicable. Email spoofing offence is

cognizable, bailable, compoundable with permission of the court before

which the prosecution of such offence is pending and triable by any

magistrate.


14/29

20.THEFT OF TELECOMMUNICATIONS SERVICES

The "phone phreakers" of three decades ago set a precedent

for what has become a major criminal industry. By gaining access to an

organisation's telephone switchboard (PBX) individuals or criminalorganisations can obtain access to dial-in/dial-out circuits and then

make their own calls or sell call time to third parties (Gold 1999).

Offenders may gain access to the switchboard by impersonating a

technician, by fraudulently obtaining an employee's access code, or by

using software available on the internet. Some sophisticated offenders

loop between PBX systems to evade detection. Additional forms of

service theft include capturing "calling card" details and on-selling calls

charged to the calling card account, and counterfeiting or illicit

reprogramming of stored value telephone cards.

It has been suggested that as long ago as 1990, security failures at one

major telecommunications carrier cost approximately 290 million, and

that more recently, up to 5% of total industry turnover has been lost to

fraud (Schieck 1995: 2-5; Newman 1998). Costs to individual subscriberscan also be significant In one case, computer hackers in the United

States illegally obtained access to Scotland Yard's telephone network

and made 620,000 worth of international calls for which Scotland Yard

was responsible (Tendler and Nuttall 1996).


15/29

21.COMMUNICATIONS IN FURTHERANCE OF CRIMINAL

CONSPIRACIES

Just as legitimate organisations in the private and public sectors relyupon information systems for communications and record keeping, so

too are the activities of criminal organisations enhanced by technology.

There is evidence of telecommunications equipment being used to

facilitate organised drug trafficking, gambling, prostitution, money

laundering, child pornography and trade in weapons (in those

jurisdictions where such activities are illegal). The use of encryption

technology may place criminal communications beyond the reach of

law enforcement.

The use of computer networks to produce and distribute child

pornography has become the subject of increasing attention. Today,

these materials can be imported across national borders at the speed

of light (Grant, David and Grabosky 1997). The more overt

manifestations of internet child pornography entail a modest degree oforganisation, as required by the infrastructure of IRC and WWW, but

the activity appears largely confined to individuals.

By contrast, some of the less publicly visible traffic in child pornography

activity appears to entail a greater degree of organisation. Although

knowledge is confined to that conduct which has been the target of

successful police investigation, there appear to have been a number of

networks which extend cross-nationally, use sophisticated technologies

of concealment, and entail a significant degree of coordination.


16/29

Illustrative of such activity was the Wonderland Club, an international

network with members in at least 14 nations ranging from Europe, to

North America, to Australia. Access to the group was password

protected, and content was encrypted. Police investigation of the

activity, codenamed "Operation Cathedral" resulted in approximately

100 arrests around the world, and the seizure of over 100,000 images

in September, 1998.

22.TELECOMMUNICATIONS PIRACY

Digital technology permits perfect reproduction and easy dissemination

of print, graphics, sound, and multimedia combinations. The

temptation to reproduce copyrighted material for personal use, for sale

at a lower price, or indeed, for free distribution, has proven irresistable

to many.

This has caused considerable concern to owners of copyrighted

material. Each year, it has been estimated that losses of between

US$15 and US$17 billion are sustained by industry by reason of

copyright infringement (United States, Information Infrastructure Task

Force 1995, 131).

The Software Publishers Association has estimated that $7.4 billion

worth of software was lost to piracy in 1993 with $2 billion of that

being stolen from the Internet (Meyer and Underwood 1994).

Ryan (1998) puts the cost of foreign piracy to American industry at

more than $10 billion in 1996, including $1.8 billion in the film industry,


17/29

$1.2 billion in music, $3.8 billion in business application software, and

$690 million in book publishing.

According to the Straits Times (8/11/99) A copy of the most recent

James Bond Film The World is Not Enough, was available free on the

internet before its official release.

When creators of a work, in whatever medium, are unable to profit

from their creations, there can be a chilling effect on creative effort

generally, in addition to financial loss.

23.DISSEMINATION OF OFFENSIVE MATERIALS

Content considered by some to be objectionable exists in abundance in

cyberspace. This includes, among much else, sexually explicit materials,

racist propaganda, and instructions for the fabrication of incendiary and

explosive devices. Telecommunications systems can also be used for

harassing, threatening or intrusive communications, from thetraditional obscene telephone call to its contemporary manifestation in

"cyber-stalking", in which persistent messages are sent to an unwilling

recipient.

One man allegedly stole nude photographs of his former girlfriend and

her new boyfriend and posted them on the Internet, along with her

name, address and telephone number. The unfortunate couple,

residents of Kenosha, Wisconsin, received phone calls and e-mails from

strangers as far away as Denmark who said they had seen the photos

on the Internet. Investigations also revealed that the suspect was

maintaining records about the woman's movements and compiling

information about her family (Spice and Sink 1999).


18/29

In another case a rejected suitor posted invitations on the Internet

under the name of a 28-year-old woman, the would-be object of his

affections, that said that she had fantasies of rape and gang rape. He

then communicated via email with men who replied to the solicitationsand gave out personal information about the woman, including her

address, phone number, details of her physical appearance and how to

bypass her home security system. Strange men turned up at her home

on six different occasions and she received many obscene phone calls.

While the woman was not physically assaulted, she would not answer

the phone, was afraid to leave her home, and lost her job (Miller 1999;

Miller and Maharaj 1999).

One former university student in California used email to harass 5

female students in 1998. He bought information on the Internet about

the women using a professor's credit card and then sent 100 messages

including death threats, graphic sexual descriptions and references to

their daily activities. He apparently made the threats in response to

perceived teasing about his appearance (Associated Press 1999a).

Computer networks may also be used in furtherance of extortion. The

Sunday Times (London) reported in 1996 that over 40 financial

institutions in Britain and the United States had been attacked

electronically over the previous three years. In England, financial

institutions were reported to have paid significant amounts tosophisticated computer criminals who threatened to wipe out

computer systems. (The Sunday Times, June 2, 1996). The article cited

four incidents between 1993 and 1995 in which a total of 42.5 million

Pounds Sterling were paid by senior executives of the organisations


19/29

concerned, who were convinced of the extortionists' capacity to crash

their computer systems (Denning 1999 233-4).

24.ELECTRONIC MONEY LAUNDERING AND TAX EVASION

For some time now, electronic funds transfers have assisted in

concealing and in moving the proceeds of crime. Emerging technologies

will greatly assist in concealing the origin of ill-gotten gains.

Legitimately derived income may also be more easily concealed from

taxation authorities. Large financial institutions will no longer be the

only ones with the ability to achieve electronic funds transfers

transiting numerous jurisdictions at the speed of light. The

development of informal banking institutions and parallel banking

systems may permit central bank supervision to be bypassed, but can

also facilitate the evasion of cash transaction reporting requirements in

those nations which have them. Traditional underground banks, which

have flourished in Asian countries for centuries, will enjoy even greatercapacity through the use of telecommunications.

With the emergence and proliferation of various technologies of

electronic commerce, one can easily envisage how traditional

countermeasures against money laundering and tax evasion may soon

be of limited value. I may soon be able to sell you a quantity of heroin,in return for an untraceable transfer of stored value to my "smart-

card", which I then download anonymously to my account in a financial

institution situated in an overseas jurisdiction which protects the

privacy of banking clients. I can discreetly draw upon these funds as and


20/29

when I may require, downloading them back to my stored value card

(Wahlert 1996).

25.ELECTRONIC VANDALISM, TERRORISM AND

EXTORTION

As never before, western industrial society is dependent upon complex

data processing and telecommunications systems. Damage to, or

interference with, any of these systems can lead to catastrophic

consequences. Whether motivated by curiosity or vindictivenesselectronic intruders cause inconvenience at best, and have the

potential for inflicting massive harm (Hundley and Anderson 1995,

Schwartau 1994).

While this potential has yet to be realised, a number of individuals and

protest groups have hacked the official web pages of variousgovernmental and commercial organisations (Rathmell 1997).

http://www.2600.com/hacked_pages/ (visited 4 January 2000). This

may also operate in reverse: early in 1999 an organised hacking

incident was apparently directed at a server which hosted the Internet

domain for East Timor, which at the time was seeking its independence

from Indonesia (Creed 1999).

Defence planners around the world are investing substantially in

information warfare-- means of disrupting the information technology

infrastructure of defence systems (Stix 1995). Attempts were made to


21/29

disrupt the computer systems of the Sri Lankan Government

(Associated Press 1998), and of the North Atlantic Treaty Organization

during the 1999 bombing of Belgrade (BBC 1999). One case, which

illustrates the transnational reach of extortionists, involved a number ofGerman hackers who compromised the system of an Internet service

provider in South Florida, disabling eight of the ISPs ten servers. The

offenders obtained personal information and credit card details of

10,000 subscribers, and, communicating via electronic mail through one

of the compromised accounts, demanded that US$30,000 be delivered

to a mail drop in Germany. Co-operation between US and German

authorities resulted in the arrest of the extortionists (Bauer 1998).

More recently, an extortionist in Eastern Europe obtained the credit

card details of customers of a North American based on-line music

retailer, and published some on the Internet when the retailer refused

to comply with his demands (Markoff 2000).

26.SALES AND INVESTMENT FRAUD

As electronic commerce becomes more prevalent, the application of

digital technology to fraudulent endeavours will be that much greater.

The use of the telephone for fraudulent sales pitches, deceptive

charitable solicitations, or bogus investment overtures is increasingly

common. Cyberspace now abounds with a wide variety of investment

opportunities, from traditional securities such as stocks and bonds, to

more exotic opportunities such as coconut farming, the sale and

leaseback of automatic teller machines, and worldwide telephone

lotteries (Cella and Stark 1997 837-844). Indeed, the digital age has


22/29

been accompanied by unprecedented opportunities for

misinformation. Fraudsters now enjoy direct access to millions of

prospective victims around the world, instantaneously and at minimal

cost.

Classic pyramid schemes and "Exciting, Low-Risk Investment

Opportunities" are not uncommon. The technology of the World Wide

Web is ideally suited to investment solicitations. In the words of two

SEC staff "At very little cost, and from the privacy of a basement office

or living room, the fraudster can produce a home page that looks betterand more sophisticated than that of a Fortune 500 company" (Cella and

Stark 1997, 822).

27.ILLEGAL INTERCEPTION OF TELECOMMUNICATIONS

Developments in telecommunications provide new opportunities forelectronic eavesdropping. From activities as time-honoured as

surveillance of an unfaithful spouse, to the newest forms of political

and industrial espionage, telecommunications interception has

increasing applications. Here again, technological developments create

new vulnerabilities. The electromagnetic signals emitted by a computer

may themselves be intercepted. Cables may act as broadcast antennas.

Existing law does not prevent the remote monitoring of computer

radiation.


23/29

It has been reported that the notorious American hacker Kevin Poulsen

was able to gain access to law enforcement and national security

wiretap data prior to his arrest in 1991 (Littman 1997). In 1995, hackers

employed by a criminal organisation attacked the communicationssystem of the Amsterdam Police. The hackers succeeded in gaining

police operational intelligence, and in disrupting police communications

(Rathmell 1997).

28.ELECTRONIC FUNDS TRANSFER FRAUD

Electronic funds transfer systems have begun to proliferate, and so has

the risk that such transactions may be intercepted and diverted. Valid

credit card numbers can be intercepted electronically, as well as

physically; the digital information stored on a card can be

counterfeited.

Of course, we don't need Willie Sutton to remind us that banks are

where they keep the money. In 1994, a Russian hacker Vladimir Levin,

operating from St Petersburg, accessed the computers of Citibank's

central wire transfer department, and transferred funds from large

corporate accounts to other accounts which had been opened by his

accomplices in The United States, the Netherlands, Finland, Germany,

and Israel. Officials from one of the corporate victims, located in

Argentina, notified the bank, and the suspect accounts, located in San

Francisco, were frozen. The accomplice was arrested. Another

accomplice was caught attempting to withdraw funds from an account

in Rotterdam. Although Russian law precluded Levin's extradition, he


24/29

was arrested during a visit to the United States and subsequently

imprisoned. (Denning 1999, 55).

The above forms of computer-related crime are not necessarily

mutually exclusive, and need not occur in isolation. Just as an armed

robber might steal an automobile to facilitate a quick getaway, so too

can one steal telecommunications services and use them for purposes

of vandalism, fraud, or in furtherance of a criminal conspiracy.1

Computer-related crime may be compound in nature, combining two or

more of the generic forms outlined above.


25/29

6. PREVENTION

6.1 PREVENTIVE STEPS FOR INDIVIDUALS

6.1.1. CHILDREN:

Children should not give out identifying information such as Name,

Home address, School Name or Telephone Number in a chat room.

They should not give photographs to anyone on the Net without first

checking or informing parents guardians. They should not respond to

messages, which are suggestive, obscene, belligerent or threatening,

and not to arrange a face-toface meeting without telling parents or

guardians. They should remember that people online might not be who

they seem.

6.1.2 PARENTS:

Parent should use content filtering software on PC to protect children

from pornography, gambling, hate speech, drugs and alcohol.

There is also software to establish time controls for use of limpets (for

example blocking usage after a particulars time) and allowing parents

to see which site item children have visited. Use this software to keep

track of the type of activities of children.

6.1.3. GENERAL INFORMATION:

Dont delete harmful communications (emails, chats etc). They will

provide vital information about system and address of the person

behind these.


26/29

Try not to panic.

If you feel any immediate physical danger contact your local police.

Avoid getting into huge arguments online during chat and discussionswith other users.

Remember that all other Internet users are strangers; you do not know

who you are chatting with. So be careful.

Be extremely careful about how you share personal information about

yourself online.

Choose your chatting nickname carefully so as others.

Be extremely cautious about meeting online introduced person. If

you choose to meet, do so in a public place along with a friend.

If a situation online becomes hostile, log off and if a situation places

you in fear, contact local police.

Save all communications for evidence. Do not edit it in any way. Also,

keep a record of your contacts and inform Law Enforcement Officials.

6.2 PREVENTIVE STEPS FOR ORGANISATIONS AND GOVERNMENT

6.2.1 PHYSICAL SECURITY: Physical security is most sensitivecomponent, as prevention from cyber crime Computer network should

be protected from the access of unauthorized persons.

6.2.2 ACCESS CONTROL: Access Control system is generally

implemented using firewalls, which provide a centralized point from


27/29

which to permit or allow access. Firewalls allow only authorized

communications between the internal and external network.

6.2.3 PASSWORD: Proof of identity is an essential component to

identify intruder. The use of passwords in the most common security

for network system including servers, routers and firewalls. Mostly all

the systems are programmed to ask for username and password for

access to computer system. This provides the verification of user.

Password should be charged with regular interval of time and it should

be alpha numeric and should be difficult to judge.

6.2.4 FINDING THE HOLES IN NETWORK: System managers should trackdown the holes before the intruders do. Many networking product

manufactures are not particularly aware with the information about

security holes in their products. So organization should work hard to

discover security holes, bugs and weaknesses and report their findings

as they are confirmed.

6.2.5 USING NETWORK SCANNING PROGRAMS: There is a security

administrations tool called UNIX, which is freely available on Internet.

This utility scans and gathers information about any host on a network,

regardless of which operating system or services the hosts were

running. It checks the known vulnerabilities include bugs, security

weakness, inadequate password protection and so on. There is another

product available called COPS (Computer Oracle and Password System).

It scans for poor passwords, dangerous file permissions, and dates ofkey files compared to dates of CERT security advisories.

6.2.6 USING INTRUSION ALERT PROGRAMS: As it is important to

identify and close existing security holes, you also need to put some

watchdogs into service. There are some intrusion programs, which


28/29

identify suspicious activity and report so that necessary action is taken.

They need to be operating constantly so that all unusual behaviour on

network is caught immediately.

6.2.7 USING ENCRYPTION: - Encryption is able to transform data into a

form that makes it almost impossible to read it without the right key.

This key is used to allow controlled access to the information to

selected people. The information can be passed on to any one but only

the people with the right key are able to see the information.

Encryption allows sending confidential documents by E-mail or save

confidential information on laptop computers without having to fear

that if someone steals it the data will become public. With the right

encryption/decryption software installed, it will hook up to mail

program and encrypt/decrypt messages automatically without user

interaction.

3.0 DETECTION: Cyber crime is the latest and perhaps the most

specialized and dynamic field in cyber laws. Some of the Cyber Crimes

like network Intrusion are difficult to detect and investigation even

though most of crimes against individual like cyber stalking, cyber

defamation, cyber pornography can be detected and investigated

through following steps:

After receiving such type of mail

(1) Give command to computer to show full header of mail.

(2) In full header find out the IP number and time of delivery of number

and this IP number always different for every mail. From this IP number

we can know who was the Internet service provider for that system

from which the mail had come.


29/29

(3) To know about Internet Service Provider from IP number take the

service of search engine like nic.com, macffvisualroute. Com,

apnic.com, arin.com.

(4) After opening the website of any of above mentioned search engine,

feed the IP number and after some time name of ISP can be obtained.

(5) After getting the name of ISP we can get the information about the

sender from the ISP by giving them the IP number, date and time of

sender.

(6) ISP will provide the address and phone number of the system, which

was used to send the mail with bad intention.

After Knowing the address and phone number criminal can be

apprehended by using conventional police methods.

-Cyber Crime is Silent Violence- -Be Aware, Play Safe- Prevent Cyber

Crimes!!!

cyber crime jagdish mail

Documents