cyber crime jagdish mail
TRANSCRIPT
-
8/13/2019 Cyber Crime Jagdish Mail
1/29
1. Introduction
The internet in India is growing rapidly. It has given rise to new
opportunities in every field we can think of be it entertainment,business, sports or education. There are two sides to a coin. Internet
also has its own disadvantages. One of the major disadvantages is
Cybercrime illegal activity committed on the internet. The internet,
along with its advantages, has also exposed us to security risks that
come with connecting to a large network. Computers today are being
misused for illegal activities like e-mail espionage, credit card fraud,
spams, software piracy and so on, which invade our privacy and offend
our senses. Criminal activities in the cyberspace are on the rise.
"The modern thief can steal more with a computer than with a gun.
Tomorrowsterrorist may be able to do more damage with a
keyboard than with a bomb".
-
8/13/2019 Cyber Crime Jagdish Mail
2/29
2. What is cyber crime?
Cybercrime is a term for any illegal activity that uses a computer
as its primary means of commission.
"It is a criminal activity committed on the internet. This is a broad
term that describes everything from electronic cracking to denial of
service attacks that cause electronic commerce sites to lose money".
Cybercrime is criminal activity done using computers and the
Internet. This includes anything from downloading illegal music files to
stealing millions of dollars from online bank accounts. Cybercrime also
includes non-monetary offenses, such as creating and distributing
viruses on other computers or posting confidential business
information on the Internet.
-
8/13/2019 Cyber Crime Jagdish Mail
3/29
3. History of Cyber Crime
The first recorded cyber crime took place in the year 1820! That is not
surprising considering the fact that the abacus, which is thought to bethe earliest form of a computer, has been around since 3500 B.C. in
India, Japan and China. The era of modern computers, however, began
with the analytical engine of Charles Babbage.
In 1820, Joseph-Marie Jacquard, a textile manufacturer in France,
produced the loom. This device allowed the repetition of a series of
steps in the weaving of special fabrics. This resulted in a fear amongst
Jacquard's employees that their traditional employment and livelihoodwere being threatened. They committed acts of sabotage to discourage
Jacquard from further use of the new technology. This is the first
recorded cyber crime!
-
8/13/2019 Cyber Crime Jagdish Mail
4/29
4. Category of cyber crime
Cybercrimes can be basically divided into 3 major categories:
I. Cybercrimes against personsII. Cybercrimes against property
III. Cybercrimes against government
I. Cybercrimes against personsCybercrimes committed against persons include various crimes
like transmission of child-pornography, harassment of any one with the
use of a computer such as e-mail. The trafficking, distribution, posting,
and dissemination of obscene material including pornography and
indecent exposure, constitutes one of the most important Cybercrimes
known today. The potential harm of such a crime to humanity can
hardly be amplified. This is one Cybercrime which threatens to
undermine the growth of the younger generation as also leaveirreparable scars and injury on the younger generation, if not
controlled.
A minor girl in Ahmadabad was lured to a private place through cyber
chat by a man, who, along with his friends, attempted to gang rape her.
As some passersby heard her cry, she was rescued.
Another example wherein the damage was not done to a person but tothe masses is the case of the Melissa virus. The Melissa virus first
appeared on the internet in March of 1999. It spread rapidly
throughout computer systems in the United States and Europe. It is
-
8/13/2019 Cyber Crime Jagdish Mail
5/29
estimated that the virus caused 80 million dollars in damages to
computers worldwide.
II. Cybercrimes against propertyThe second category of Cyber-crimes is that of Cybercrimes
against all forms of property. These crimes include computer vandalism
(destruction of others' property), transmission of harmful programmes.
A Mumbai-based upstart engineering company lost a say and much
money in the business when the rival company, an industry major, stole
the technical database from their computers with the help of a
corporate cyber spy.
III. Cybercrimes against governmentThe third category of Cyber-crimes relate to Cybercrimes against
Government. Cyber terrorism is one distinct kind of crime in this
category. The growth of internet has shown that the medium ofCyberspace is being used by individuals and groups to threaten the
international governments as also to terrorize the citizens of a country.
This crime manifests itself into terrorism when an individual "cracks"
into a government or military maintained website
-
8/13/2019 Cyber Crime Jagdish Mail
6/29
5. Types of cyber crime
There are many types of Cyber Crime. Many of them are below.
1. HACKING
2. DENIAL OF SERVICE ATTACK
3. VIRUS DISSEMINATION
4. SOFTWARE PIRACY
5. PORNOGRAPHY
6. IRC Crime
7. CREDIT CARD FRAUD
8. PHISHING
9. SPOOFING
10. CYBER STALKING
11. CYBER DEFAMATION
12. THREATENING
13. SALAMI ATTACK14NET EXTORTION
15. Data Theft
16. Spreading Virus or Worms
17. Identity Theft
18. E-Mail Spoofing
19. ELECTRONIC FUNDS TRANSFER FRAUD
20 ILLEGAL INTERCEPTION OF TELECOMMUNICATIONS
21. ELECTRONIC VANDALISM, TERRORISM AND EXTORTION
22. SALES AND INVESTMENT FRAUD23. ELECTRONIC MONEY LAUNDERING AND TAX EVASION
24. DISSEMINATION OF OFFENSIVE MATERIALS
25. TELECOMMUNICATIONS PIRACY
-
8/13/2019 Cyber Crime Jagdish Mail
7/29
26. COMMUNICATIONS IN FURTHERANCE OF CRIMINAL CONSPIRACIES
27. THEFT OF TELECOMMUNICATIONS SERVICES
1. Hacking
What is Hacking?
Hacking is not defined in The amended IT Act, 2000. According to
wiktionary, Hacking means unauthorized attempts to bypass the
security mechanisms of an information system or network. Also, in
simple words Hacking is the unauthorized access to a computer system,programs, data and network resources. (The termhacker originally
meant a very gifted programmer. In recent years though, with easier
access to multiple systems, it now has negative implications.)
Law & Punishment: Under Information Technology (Amendment) Act,
2008, Section 43(a) read with section 66 is applicable and Section 379 &
406 of Indian Penal Code, 1860 also are applicable. If crime is provedunder IT Act, accused shall be punished for imprisonment, which may
extend to three years or with fine, which may extend to five lakh
rupees or both. Hacking offence is cognizable, bailable, compoundable
with permission of the court before which the prosecution of such
offence is pending and triable by any magistrate.
2.DENIAL OF SERVICE ATTACKThis is an act by the criminal, who floods the band width of the victims network
or fills his e-mail box with spam mail depriving him of the services he is entitled to
access or provide.
-
8/13/2019 Cyber Crime Jagdish Mail
8/29
3.VIRUS DISSEMINATION
Malicious software that attaches iitself to other software.(virus, worms, Trojan Horse, Time bomb,Logic Bomb, Rabbit and Bacterium are
the malicious soft wares)
4.SOFTWARE PIRACYTheft of software through the iillegal copying of genuine programs or the
counterfeiting and distribution of products intended to pass for the original. Retail
revenue losses world wide are ever increasing due to this crime
Can be done in various ways such as end user copying, hard disk loading,
Counterfeiting, Illegal downloads from the iinternet etc.
5.PRONOGRAPHYPornography is the first consistently successful ecommerce product. It was a
deceptive marketing tactics and mouse trapping technologies. Pronography
encourage customers to access their websites. Anybody including children can log
on to the internet and access website with pronography contents with a click of a
mouse.
6.IRC CRIMEInternet Relay Chat (IRC) servers have chat rooms in which people from anywhere
the world can come together and chat with each other Criminals use it for
meeting coconspirators. Hackers use it for discussing their exploits / sharing the
techniquesPaedophiles use chat rooms to allure small children.
-
8/13/2019 Cyber Crime Jagdish Mail
9/29
7.CREDIT CARD FRAUDYou siimply have to type credit card number into www page off the vendor for
online transaction If electronic transactions are not secured the credit cardnumbers can be stolen by the hackers who can misuse this card by impersonating
the credit card owner.
8.NET EXTORTIONCopying the companys confidential data in order to extort said company for huge
amount.
9.PHISHINGIt is technique of pulling out confidential information from the bank/financial
institutional account holders by deceptive means.
10.SpoofiingGetting one computer on a network to pretend to have the identity of another
computer, usually one with special access privileges ,, so as to obtain access to
the other computers on the network.
11.CYBER STALKINGThe Criminal follows the victim by sending emails, entering the chat rooms
frequently.
12.CYBER DEFAMATIONThe Criminal sends emails containing defamatory matters to all concerned of the
victim or post the defamatory matters on a website. (disgruntled employee may
do this against boss, ex-boys friend against girl, divorced husband against wife
etc)
-
8/13/2019 Cyber Crime Jagdish Mail
10/29
13.THREATENINGThe Criminal sends threatening email or comes in contact in chat rooms with
victim. (Any one disgruntled may do this against boss, friend or official)
14.SALAMI ATTACKIn such crime criminal makes insignificant changes in such a manner that such
changes would go unnoticed. Criminal makes such program that deducts small
amount like 2.50 per month from the account of all the customer of the Bank and
deposit the same in his account. In this case no account holder will approach the
bank for such small amount but criminal gains huge amount
15.Data Theft
What is Data Theft?
According to Wikipedia, Data Theft is a growing problem, primarily
perpetrated by office workers with access to technology such as
desktop computers and handheld devices, capable of storing digitalinformation such as flash drives, iPods and even digital cameras. The
damage caused by data theft can be considerable with todays ability to
transmit very large files via e-mail, web pages, USB devices, DVD
storage and other hand-held devices. According to Information
Technology (Amendment) Act, 2008, crime of data theft under Section
43 (b) is stated as - If any person without permission of the owner or
any other person, who is in charge of a computer, computer system ofcomputer network - downloads, copies or extracts any data, computer
data baseor information from such computer, computer system or
computer network including information or data held or stored in any
removable storage medium, then it is data theft.
-
8/13/2019 Cyber Crime Jagdish Mail
11/29
Law & Punishment: Under
Information Technology (Amendment) Act, 2008, Section 43(b) readwith Section 66 is applicable and under Section 379, 405 & 420 of
Indian Penal Code, 1860 also applicable. Data Theft offence is
cognizable, bailable, compoundablewith permission of the court before
which the prosecution of such offence is pending and triable by any
magistrate.
16.Spreading Virus or Worms
What is spreading of Virus or Worms?
In most cases, viruses can do any amount of damage, the creator
intends them to do. They can send your data to a third party and then
delete your data from your computer. They can also ruin/mess up your
system and render it unusable without a re-installation of the operating
system. Most have not done this much damage in the past, but couldeasily do this in the future. Usually the virus will install files on your
system and then will change your system so that virus program is run
every time you start your system. It will then attempt to replicate itself
by sending itself to other potential victims.
Law & Punishment: Under
Information Technology (Amendment) Act, 2008, Section 43(c) & 43(e)read with Section 66 is applicable and under Section 268 of Indian Penal
Code, 1860 also applicable. Spreading of Virus offence is cognizable,
bailable, compoundable with permission of the court before which the
prosecution of such offence is pending and triable by any magistrate.
-
8/13/2019 Cyber Crime Jagdish Mail
12/29
17.Identity Theft
What is Identity Theft?
According to wikipedia Identity theft is a form of fraud or cheating ofanother persons identity in which someone pretends to be someone
else by assuming that persons identity, typically in order
to access resources or obtain credit and other benefits in that persons
name. Information Technology (Amendment) Act, 2008, crime of
identity theft under Section 66-C, whoever, fraudulently or dishonestly
make use of the electronic signature, password or any other unique
identification feature of any other person known as identity theft.
Identity theft is a term used to refer to fraud that involves stealing
money orgetting other benefits by pretending to be someone else. The
term is relatively new and is actually a misnomer, since it is not
inherently possible to steal an identity, only to use it. The person whose
identityis used can suffer various consequences when they are held
responsible for the perpetrators actions. At one time the onlyway forsomeone to steal somebody elses identity was by killing that person
and taking his place. It was typically a violent crime. However, since
then, the crime has evolved and todays white collared criminals are a
lot less brutal. But the ramifications of an identity theft are still scary.
18.Law & Punishment: Under
Information Technology (Amendment) Act, 2008, Section 66-C and
Section 419 of Indian Penal Code, 1860 also applicable. Identity Theft
offence is cognizable, bailable, compoundable with permission of the
court before which the prosecution of such offence is pending and
triable by any magistrate.
-
8/13/2019 Cyber Crime Jagdish Mail
13/29
19.E-Mail Spoofing
What is Email Spoofing?
According to wikipedia, e-mail spoofing is e-mail activity in which thesender addresses and other parts of the e-mail header are altered to
appear as though the e-mail originated from a different source. E-mail
spoofing is sending an e-mail to another person in such a way that it
appears that the e-mail was sent by someone else. A spoof email is one
that appears to originate from one source but actually has been sent
from another source. Spoofing is the act of electronically disguising one
computer as another for gaining as the password system. It is becoming
so common that you can no longer take for granted that the e-mail you
are receiving is truly from the person identified as the sender. Email
spoofing is a technique used by hackers to fraudulently send email
messages in which the sender address and other parts of the email
header are altered to appear as though the email originated from a
source other than its actual source. Hackers use this method to disguise
the actual email address from which phishing and spam messages are
sent and often use email spoofing in conjunction with Web page
spoofing to trick users into providing personal and confidential
information. Law & Punishment: Under Information Technology
(Amendment) Act, 2008, Section 66-D and Section417, 419 & 465of
Indian Penal Code, 1860 also applicable. Email spoofing offence is
cognizable, bailable, compoundable with permission of the court before
which the prosecution of such offence is pending and triable by any
magistrate.
-
8/13/2019 Cyber Crime Jagdish Mail
14/29
20.THEFT OF TELECOMMUNICATIONS SERVICES
The "phone phreakers" of three decades ago set a precedent
for what has become a major criminal industry. By gaining access to an
organisation's telephone switchboard (PBX) individuals or criminalorganisations can obtain access to dial-in/dial-out circuits and then
make their own calls or sell call time to third parties (Gold 1999).
Offenders may gain access to the switchboard by impersonating a
technician, by fraudulently obtaining an employee's access code, or by
using software available on the internet. Some sophisticated offenders
loop between PBX systems to evade detection. Additional forms of
service theft include capturing "calling card" details and on-selling calls
charged to the calling card account, and counterfeiting or illicit
reprogramming of stored value telephone cards.
It has been suggested that as long ago as 1990, security failures at one
major telecommunications carrier cost approximately 290 million, and
that more recently, up to 5% of total industry turnover has been lost to
fraud (Schieck 1995: 2-5; Newman 1998). Costs to individual subscriberscan also be significant In one case, computer hackers in the United
States illegally obtained access to Scotland Yard's telephone network
and made 620,000 worth of international calls for which Scotland Yard
was responsible (Tendler and Nuttall 1996).
-
8/13/2019 Cyber Crime Jagdish Mail
15/29
21.COMMUNICATIONS IN FURTHERANCE OF CRIMINAL
CONSPIRACIES
Just as legitimate organisations in the private and public sectors relyupon information systems for communications and record keeping, so
too are the activities of criminal organisations enhanced by technology.
There is evidence of telecommunications equipment being used to
facilitate organised drug trafficking, gambling, prostitution, money
laundering, child pornography and trade in weapons (in those
jurisdictions where such activities are illegal). The use of encryption
technology may place criminal communications beyond the reach of
law enforcement.
The use of computer networks to produce and distribute child
pornography has become the subject of increasing attention. Today,
these materials can be imported across national borders at the speed
of light (Grant, David and Grabosky 1997). The more overt
manifestations of internet child pornography entail a modest degree oforganisation, as required by the infrastructure of IRC and WWW, but
the activity appears largely confined to individuals.
By contrast, some of the less publicly visible traffic in child pornography
activity appears to entail a greater degree of organisation. Although
knowledge is confined to that conduct which has been the target of
successful police investigation, there appear to have been a number of
networks which extend cross-nationally, use sophisticated technologies
of concealment, and entail a significant degree of coordination.
-
8/13/2019 Cyber Crime Jagdish Mail
16/29
Illustrative of such activity was the Wonderland Club, an international
network with members in at least 14 nations ranging from Europe, to
North America, to Australia. Access to the group was password
protected, and content was encrypted. Police investigation of the
activity, codenamed "Operation Cathedral" resulted in approximately
100 arrests around the world, and the seizure of over 100,000 images
in September, 1998.
22.TELECOMMUNICATIONS PIRACY
Digital technology permits perfect reproduction and easy dissemination
of print, graphics, sound, and multimedia combinations. The
temptation to reproduce copyrighted material for personal use, for sale
at a lower price, or indeed, for free distribution, has proven irresistable
to many.
This has caused considerable concern to owners of copyrighted
material. Each year, it has been estimated that losses of between
US$15 and US$17 billion are sustained by industry by reason of
copyright infringement (United States, Information Infrastructure Task
Force 1995, 131).
The Software Publishers Association has estimated that $7.4 billion
worth of software was lost to piracy in 1993 with $2 billion of that
being stolen from the Internet (Meyer and Underwood 1994).
Ryan (1998) puts the cost of foreign piracy to American industry at
more than $10 billion in 1996, including $1.8 billion in the film industry,
-
8/13/2019 Cyber Crime Jagdish Mail
17/29
$1.2 billion in music, $3.8 billion in business application software, and
$690 million in book publishing.
According to the Straits Times (8/11/99) A copy of the most recent
James Bond Film The World is Not Enough, was available free on the
internet before its official release.
When creators of a work, in whatever medium, are unable to profit
from their creations, there can be a chilling effect on creative effort
generally, in addition to financial loss.
23.DISSEMINATION OF OFFENSIVE MATERIALS
Content considered by some to be objectionable exists in abundance in
cyberspace. This includes, among much else, sexually explicit materials,
racist propaganda, and instructions for the fabrication of incendiary and
explosive devices. Telecommunications systems can also be used for
harassing, threatening or intrusive communications, from thetraditional obscene telephone call to its contemporary manifestation in
"cyber-stalking", in which persistent messages are sent to an unwilling
recipient.
One man allegedly stole nude photographs of his former girlfriend and
her new boyfriend and posted them on the Internet, along with her
name, address and telephone number. The unfortunate couple,
residents of Kenosha, Wisconsin, received phone calls and e-mails from
strangers as far away as Denmark who said they had seen the photos
on the Internet. Investigations also revealed that the suspect was
maintaining records about the woman's movements and compiling
information about her family (Spice and Sink 1999).
-
8/13/2019 Cyber Crime Jagdish Mail
18/29
In another case a rejected suitor posted invitations on the Internet
under the name of a 28-year-old woman, the would-be object of his
affections, that said that she had fantasies of rape and gang rape. He
then communicated via email with men who replied to the solicitationsand gave out personal information about the woman, including her
address, phone number, details of her physical appearance and how to
bypass her home security system. Strange men turned up at her home
on six different occasions and she received many obscene phone calls.
While the woman was not physically assaulted, she would not answer
the phone, was afraid to leave her home, and lost her job (Miller 1999;
Miller and Maharaj 1999).
One former university student in California used email to harass 5
female students in 1998. He bought information on the Internet about
the women using a professor's credit card and then sent 100 messages
including death threats, graphic sexual descriptions and references to
their daily activities. He apparently made the threats in response to
perceived teasing about his appearance (Associated Press 1999a).
Computer networks may also be used in furtherance of extortion. The
Sunday Times (London) reported in 1996 that over 40 financial
institutions in Britain and the United States had been attacked
electronically over the previous three years. In England, financial
institutions were reported to have paid significant amounts tosophisticated computer criminals who threatened to wipe out
computer systems. (The Sunday Times, June 2, 1996). The article cited
four incidents between 1993 and 1995 in which a total of 42.5 million
Pounds Sterling were paid by senior executives of the organisations
-
8/13/2019 Cyber Crime Jagdish Mail
19/29
concerned, who were convinced of the extortionists' capacity to crash
their computer systems (Denning 1999 233-4).
24.ELECTRONIC MONEY LAUNDERING AND TAX EVASION
For some time now, electronic funds transfers have assisted in
concealing and in moving the proceeds of crime. Emerging technologies
will greatly assist in concealing the origin of ill-gotten gains.
Legitimately derived income may also be more easily concealed from
taxation authorities. Large financial institutions will no longer be the
only ones with the ability to achieve electronic funds transfers
transiting numerous jurisdictions at the speed of light. The
development of informal banking institutions and parallel banking
systems may permit central bank supervision to be bypassed, but can
also facilitate the evasion of cash transaction reporting requirements in
those nations which have them. Traditional underground banks, which
have flourished in Asian countries for centuries, will enjoy even greatercapacity through the use of telecommunications.
With the emergence and proliferation of various technologies of
electronic commerce, one can easily envisage how traditional
countermeasures against money laundering and tax evasion may soon
be of limited value. I may soon be able to sell you a quantity of heroin,in return for an untraceable transfer of stored value to my "smart-
card", which I then download anonymously to my account in a financial
institution situated in an overseas jurisdiction which protects the
privacy of banking clients. I can discreetly draw upon these funds as and
-
8/13/2019 Cyber Crime Jagdish Mail
20/29
when I may require, downloading them back to my stored value card
(Wahlert 1996).
25.ELECTRONIC VANDALISM, TERRORISM AND
EXTORTION
As never before, western industrial society is dependent upon complex
data processing and telecommunications systems. Damage to, or
interference with, any of these systems can lead to catastrophic
consequences. Whether motivated by curiosity or vindictivenesselectronic intruders cause inconvenience at best, and have the
potential for inflicting massive harm (Hundley and Anderson 1995,
Schwartau 1994).
While this potential has yet to be realised, a number of individuals and
protest groups have hacked the official web pages of variousgovernmental and commercial organisations (Rathmell 1997).
http://www.2600.com/hacked_pages/ (visited 4 January 2000). This
may also operate in reverse: early in 1999 an organised hacking
incident was apparently directed at a server which hosted the Internet
domain for East Timor, which at the time was seeking its independence
from Indonesia (Creed 1999).
Defence planners around the world are investing substantially in
information warfare-- means of disrupting the information technology
infrastructure of defence systems (Stix 1995). Attempts were made to
-
8/13/2019 Cyber Crime Jagdish Mail
21/29
disrupt the computer systems of the Sri Lankan Government
(Associated Press 1998), and of the North Atlantic Treaty Organization
during the 1999 bombing of Belgrade (BBC 1999). One case, which
illustrates the transnational reach of extortionists, involved a number ofGerman hackers who compromised the system of an Internet service
provider in South Florida, disabling eight of the ISPs ten servers. The
offenders obtained personal information and credit card details of
10,000 subscribers, and, communicating via electronic mail through one
of the compromised accounts, demanded that US$30,000 be delivered
to a mail drop in Germany. Co-operation between US and German
authorities resulted in the arrest of the extortionists (Bauer 1998).
More recently, an extortionist in Eastern Europe obtained the credit
card details of customers of a North American based on-line music
retailer, and published some on the Internet when the retailer refused
to comply with his demands (Markoff 2000).
26.SALES AND INVESTMENT FRAUD
As electronic commerce becomes more prevalent, the application of
digital technology to fraudulent endeavours will be that much greater.
The use of the telephone for fraudulent sales pitches, deceptive
charitable solicitations, or bogus investment overtures is increasingly
common. Cyberspace now abounds with a wide variety of investment
opportunities, from traditional securities such as stocks and bonds, to
more exotic opportunities such as coconut farming, the sale and
leaseback of automatic teller machines, and worldwide telephone
lotteries (Cella and Stark 1997 837-844). Indeed, the digital age has
-
8/13/2019 Cyber Crime Jagdish Mail
22/29
been accompanied by unprecedented opportunities for
misinformation. Fraudsters now enjoy direct access to millions of
prospective victims around the world, instantaneously and at minimal
cost.
Classic pyramid schemes and "Exciting, Low-Risk Investment
Opportunities" are not uncommon. The technology of the World Wide
Web is ideally suited to investment solicitations. In the words of two
SEC staff "At very little cost, and from the privacy of a basement office
or living room, the fraudster can produce a home page that looks betterand more sophisticated than that of a Fortune 500 company" (Cella and
Stark 1997, 822).
27.ILLEGAL INTERCEPTION OF TELECOMMUNICATIONS
Developments in telecommunications provide new opportunities forelectronic eavesdropping. From activities as time-honoured as
surveillance of an unfaithful spouse, to the newest forms of political
and industrial espionage, telecommunications interception has
increasing applications. Here again, technological developments create
new vulnerabilities. The electromagnetic signals emitted by a computer
may themselves be intercepted. Cables may act as broadcast antennas.
Existing law does not prevent the remote monitoring of computer
radiation.
-
8/13/2019 Cyber Crime Jagdish Mail
23/29
It has been reported that the notorious American hacker Kevin Poulsen
was able to gain access to law enforcement and national security
wiretap data prior to his arrest in 1991 (Littman 1997). In 1995, hackers
employed by a criminal organisation attacked the communicationssystem of the Amsterdam Police. The hackers succeeded in gaining
police operational intelligence, and in disrupting police communications
(Rathmell 1997).
28.ELECTRONIC FUNDS TRANSFER FRAUD
Electronic funds transfer systems have begun to proliferate, and so has
the risk that such transactions may be intercepted and diverted. Valid
credit card numbers can be intercepted electronically, as well as
physically; the digital information stored on a card can be
counterfeited.
Of course, we don't need Willie Sutton to remind us that banks are
where they keep the money. In 1994, a Russian hacker Vladimir Levin,
operating from St Petersburg, accessed the computers of Citibank's
central wire transfer department, and transferred funds from large
corporate accounts to other accounts which had been opened by his
accomplices in The United States, the Netherlands, Finland, Germany,
and Israel. Officials from one of the corporate victims, located in
Argentina, notified the bank, and the suspect accounts, located in San
Francisco, were frozen. The accomplice was arrested. Another
accomplice was caught attempting to withdraw funds from an account
in Rotterdam. Although Russian law precluded Levin's extradition, he
-
8/13/2019 Cyber Crime Jagdish Mail
24/29
was arrested during a visit to the United States and subsequently
imprisoned. (Denning 1999, 55).
The above forms of computer-related crime are not necessarily
mutually exclusive, and need not occur in isolation. Just as an armed
robber might steal an automobile to facilitate a quick getaway, so too
can one steal telecommunications services and use them for purposes
of vandalism, fraud, or in furtherance of a criminal conspiracy.1
Computer-related crime may be compound in nature, combining two or
more of the generic forms outlined above.
-
8/13/2019 Cyber Crime Jagdish Mail
25/29
6. PREVENTION
6.1 PREVENTIVE STEPS FOR INDIVIDUALS
6.1.1. CHILDREN:
Children should not give out identifying information such as Name,
Home address, School Name or Telephone Number in a chat room.
They should not give photographs to anyone on the Net without first
checking or informing parents guardians. They should not respond to
messages, which are suggestive, obscene, belligerent or threatening,
and not to arrange a face-toface meeting without telling parents or
guardians. They should remember that people online might not be who
they seem.
6.1.2 PARENTS:
Parent should use content filtering software on PC to protect children
from pornography, gambling, hate speech, drugs and alcohol.
There is also software to establish time controls for use of limpets (for
example blocking usage after a particulars time) and allowing parents
to see which site item children have visited. Use this software to keep
track of the type of activities of children.
6.1.3. GENERAL INFORMATION:
Dont delete harmful communications (emails, chats etc). They will
provide vital information about system and address of the person
behind these.
-
8/13/2019 Cyber Crime Jagdish Mail
26/29
Try not to panic.
If you feel any immediate physical danger contact your local police.
Avoid getting into huge arguments online during chat and discussionswith other users.
Remember that all other Internet users are strangers; you do not know
who you are chatting with. So be careful.
Be extremely careful about how you share personal information about
yourself online.
Choose your chatting nickname carefully so as others.
Be extremely cautious about meeting online introduced person. If
you choose to meet, do so in a public place along with a friend.
If a situation online becomes hostile, log off and if a situation places
you in fear, contact local police.
Save all communications for evidence. Do not edit it in any way. Also,
keep a record of your contacts and inform Law Enforcement Officials.
6.2 PREVENTIVE STEPS FOR ORGANISATIONS AND GOVERNMENT
6.2.1 PHYSICAL SECURITY: Physical security is most sensitivecomponent, as prevention from cyber crime Computer network should
be protected from the access of unauthorized persons.
6.2.2 ACCESS CONTROL: Access Control system is generally
implemented using firewalls, which provide a centralized point from
-
8/13/2019 Cyber Crime Jagdish Mail
27/29
which to permit or allow access. Firewalls allow only authorized
communications between the internal and external network.
6.2.3 PASSWORD: Proof of identity is an essential component to
identify intruder. The use of passwords in the most common security
for network system including servers, routers and firewalls. Mostly all
the systems are programmed to ask for username and password for
access to computer system. This provides the verification of user.
Password should be charged with regular interval of time and it should
be alpha numeric and should be difficult to judge.
6.2.4 FINDING THE HOLES IN NETWORK: System managers should trackdown the holes before the intruders do. Many networking product
manufactures are not particularly aware with the information about
security holes in their products. So organization should work hard to
discover security holes, bugs and weaknesses and report their findings
as they are confirmed.
6.2.5 USING NETWORK SCANNING PROGRAMS: There is a security
administrations tool called UNIX, which is freely available on Internet.
This utility scans and gathers information about any host on a network,
regardless of which operating system or services the hosts were
running. It checks the known vulnerabilities include bugs, security
weakness, inadequate password protection and so on. There is another
product available called COPS (Computer Oracle and Password System).
It scans for poor passwords, dangerous file permissions, and dates ofkey files compared to dates of CERT security advisories.
6.2.6 USING INTRUSION ALERT PROGRAMS: As it is important to
identify and close existing security holes, you also need to put some
watchdogs into service. There are some intrusion programs, which
-
8/13/2019 Cyber Crime Jagdish Mail
28/29
identify suspicious activity and report so that necessary action is taken.
They need to be operating constantly so that all unusual behaviour on
network is caught immediately.
6.2.7 USING ENCRYPTION: - Encryption is able to transform data into a
form that makes it almost impossible to read it without the right key.
This key is used to allow controlled access to the information to
selected people. The information can be passed on to any one but only
the people with the right key are able to see the information.
Encryption allows sending confidential documents by E-mail or save
confidential information on laptop computers without having to fear
that if someone steals it the data will become public. With the right
encryption/decryption software installed, it will hook up to mail
program and encrypt/decrypt messages automatically without user
interaction.
3.0 DETECTION: Cyber crime is the latest and perhaps the most
specialized and dynamic field in cyber laws. Some of the Cyber Crimes
like network Intrusion are difficult to detect and investigation even
though most of crimes against individual like cyber stalking, cyber
defamation, cyber pornography can be detected and investigated
through following steps:
After receiving such type of mail
(1) Give command to computer to show full header of mail.
(2) In full header find out the IP number and time of delivery of number
and this IP number always different for every mail. From this IP number
we can know who was the Internet service provider for that system
from which the mail had come.
-
8/13/2019 Cyber Crime Jagdish Mail
29/29
(3) To know about Internet Service Provider from IP number take the
service of search engine like nic.com, macffvisualroute. Com,
apnic.com, arin.com.
(4) After opening the website of any of above mentioned search engine,
feed the IP number and after some time name of ISP can be obtained.
(5) After getting the name of ISP we can get the information about the
sender from the ISP by giving them the IP number, date and time of
sender.
(6) ISP will provide the address and phone number of the system, which
was used to send the mail with bad intention.
After Knowing the address and phone number criminal can be
apprehended by using conventional police methods.
-Cyber Crime is Silent Violence- -Be Aware, Play Safe- Prevent Cyber
Crimes!!!