Embed Size (px)
Citation preview
Information Technology Act
Rather Than Giving Information, It gives Rise to Cyber crime.
Information Technology Act It was introduced on 18th December 2000.
The main objective was to enable electronic filing of documents with the Government agencies.
To amend the Indian Penal Code, the Indian Evidence Act, 1872, the Banker's Book Evidence Act, 1891 and the Reserve Bank of India Act, 1934.
The act will not be applicable to a negotiable instruments , a power-of-attorney , and to a trust as defined in the act .
To give emphasis on e-commerce and digital or electronic signature.
Contents
Certifying Authority
Tata Consultancy Services
Certification Practice Statement
Digital Signature
Affixing Digital Signature
Key Pair
Asymmetric Crypto System
Hash Function
Functions of the Act
Legal recognition of electronic records.
Legal recognition of digital signatures.
Use of electronic records and digital signatures in Government and its agencies.
Power to make rules by Central Government in respect of digital signature.
Secure electronic record.
Secure digital signature.
Security procedure
Application Of The Act In Various Sectors.
Financial Agricultural Retail E-commerce Telecommunication Government Defense
How Cyber Crime Works
.
Cyber Crime has become an
profession, people with low technical
skills steal lack’s of money without
leaving their homes, the only time the
criminal leaves the PC is to collect money. Sometimes they do
not even do that know as Hackers .
Types of Cyber Criminals
Coders
Kids
Drops
Mobs
Cyber Crime Activities
HACKING PHISHING
Denial Of Service Attack
SPOOFING
Virus Dissemination CYBER STALKING
Software Piracy CYBER DEFAMATION
PORNOGRAPHY THREATENING
IRC CRIME SALAMI ATTACK
CREDIT CARD FRAUD NET EXTORTION
HACKING
Hacking in simple terms means illegal intrusion into computer system without the permission of the computer owner/user .
DENIAL OF SERVICE ATTACK
This is an Act by the Criminal, who floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide.
VIRUS DISSEMINATION
Malicious software that attaches itself to other software. E.g.
Virus , Worms, Trojan Horse, Time Bomb, Logic Bomb, Rabbit and Bacterium are the malicious software's .
SOFTWARE PIRACY
Theft of software through the illegal copying of genuine programs and distribution of products intended to pass for the original .
Retail revenue losses worldwide is increasing rapidly due to this Crime.
PORNOGRAPHY
•Is the first consistently successful e-commerce product.•Deceptive marketing tactics and mouse trapping technologies encourage customers to access to PORNOGRAPHY sites.•Gives a very negative impact to the society, anybody including minors can log into this sites.•Publishing transmitting any material in the electronic form which is LUSTFUL and DEGRADING is an offence under the provision of SECTION 67 OF IT ACT-2000
PAEDOPHILIES-SLAUGHTER OF INNOCENCEPaedophilies or sexual attraction to
children by an adult is a sickness that does not discriminate by race, class or age.
Open discussion of sexual contents way to lure young victims.
Disguised identities for approaching children.
Ability to build a long term Internet Relation with a potential victim attempting to engage the child in physical contact.
IRC CRIME
Internet Relay Chat servers have chat rooms in which people from anywhere in the world can come together and chat with each other.
Criminals use it for meeting and planning.
Hackers use it for discussing their exploits and sharing techniques
Cyber Stalking –In order to harass a woman her telephone number is given to others as if she wants to befriend males.
CREDIT CARD FRAUD
You simply have to type the credit card number into www page of the vendor for online transaction
If electronic transaction are not secured the credit card numbers can be stolen by the hackers who can misuse this card by impersonating the credit card owner.
PHISHING
It is a technique of pulling out confidential information from the bank/financial institutional account holders by deceptive means.
ACTUAL LOGIN PAGE
DECEPTIVE LOGIN PAGE
SPOOFING
Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges. So as to obtain access to the other computers on the network.
CYBER STALKING
The Criminal follows the victim by sending emails, entering the chat rooms frequently.
CYBER DEFAMTION
The criminal sends emails containing defamatory matter to all concerned of the victim or post the defamatory matters on a website.
Employee may do this against boss, Ex-girl friend against boyfriend. Divorced wife against Husband.
THREATENING
The criminal sends threatening email or comes in contact in chat rooms with victim.
SALAMI ATTACK
In such crimes criminal makes insignificant changes in such a manner that such changes would go unnoticed.
Criminal makes such program that deducts small amount like Rs 2.50 per month from the account of all the customer of the Bank and deposit the same in his account. In this case no account holder will approach the bank for such small amount but criminal gains huge amount.
Types Of Hackers
White Hat Hackers
Is a person who is ethically opposed to the abuse of computer systems. Many such people are employed by computer security companies they are also called sneakers. A white hat hacker is generally less skilled than the Black Hat hacker.
Grey Hat Hackers
Refers to skilled hacker who sometimes acts legally and sometimes ill-legally, they are a hybrid between white and black hat hackers. They usually do not hack for personal gains but during the course may hack due to technological exploits.
Black Hat Hackers
A person who compromises the security of a computer system without the permission from an authorized party. The use of the term CRACKERS is mostly limited as BLACK HAT. A high level of computing skills are referred as Hackers.
The Certifying Authorities
Safes cryptNICIDRBTTCSMtnl Trust lineGNFCE-Mudhra CA
Role of Certifying Authorities
A certificate authority(CA) is an entity that issues Digital Certificates.
CA plays as the third party between the owner of the certificate and the party relying upon the certificate.
CA’s are the characteristic of many PUBLIC KEY INFRASTRUCTURE(PKI) schemes.
NASSCOM ROLE AND OBJECTIVESActs as an advisor to the industry
for the global off shoring market and maintain India’s leadership position.
Advise both established and emerging companies for the further growth.
Trade development, improving talent supply, strengthening local infrastructure and building partnerships.
Development of It workforce and enhanced Cyber security.
ANTI PIRACY ACTIVITY
Extensive media campaign. Implementation of code of conduct.Training and awareness programs
for police and Law Enforcement authorities.
Creation of IPR cells in every states.Nasscom statement on HIB Visa
quota getting Exhausted by FY2008.
Nasscom, Pune Police and Persistent Systems set up India’s fourth Cyber Lab
Different section Under Cyber Crime
Section 65 Source code
Section 66 hacking
Section 67 pornography Section 69 decryption of information
Section 70 protected system
Section 72 breach of confidentiality
Cyber Crime under IPC and Special Law Sending threatening messages by email
Sec 503 IPC Sending Defamatory messages by Email
Sec 499 IPC Forgery of Electronic Records
Sec 463 IPC Bogus Websites Cyber Frauds
Sec 420 IPC Emails Spoofing Sec
463 IPC Online Sale of Drugs NDPS
Act Web Jacking Sec
383 IPPC Online Sale of Arms Arms
Act
CONCLUSION
It is not possible to eliminate cyber crime from the cyber space. It is quite possible to check them.
From the above one can get aware about the cyber crime and try to protect from being scammed.
The Government has mistakenly relied too much upon “self governance” by private sectors and in that zeal kept aside the “welfare State role”.
The Government must also draw a line between “privatization’ and “abdication of duties” as imposed by the Supreme Constitution of India.
There should be a restriction on the web pages which may cause harm to the society.
Every individual should not be given access to the internet without an identification number.
Proper education of e-commerce among masses and improvement in our system.
