Comsat s institute of information technology

Cyber crime

introductionIn 1960s internet was developed for better communication and research. With advancement of technology and expansion ofinternet every area becomes easy to access but it also provides a pathway to commit crimes easily without any effort only sitting on a system.Some human minds of criminal nature use internet as a tool of crime which is now known as cyber crime committed in all countries first cyber crime reported in 1820

WHAT IS CRIME?

Crime is a social and economic phenomenon

“a legal wrong that can be followed by criminal proceedings which may result into punishment.”

definition : Crime is an intentional act of commission or omission in contravention to the law of the land and accordingly punishable when proved in judicial proceeding

CYBER CRIME

The term “cyber crime” was first coined by Barry Collins in 1980’s

“Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime”

A generalized definition of cyber crime may be “ unlawful acts wherein the computer is either a tool or target or both”

REASONS FOR CYBER CRIME:

Capacity to store data in comparatively small space

Easy to access Complex Negligence Loss of evidence Money Fun ego

CYBER CRIMINALS:

The cyber criminals constitute of various groups/ category. The following are the category of cyber criminals:

• Children and adolescents between the age group of 6 – 18 years

• Organised hackers• Professional hackers / crackers• Discontented employees

TYPES OF CRIME

Conventional and new forms of crime White collar crime Organized crime Victimless crime

Types of cyber crime

Hacking Theft of information Packet sniffing spyware Data diddling Virus / worm attacks Logic bombs

Contd.

  Trojan attacks  Internet time thefts Web jacking

Packet Sniffers — Software programs that monitor’s network traffic. Attackers use packet sniffers to capture and analyze data transmitted via a network. Specializedsniffers capture passwords as they cross a networkSpyware gathers information without theusers’ knowledge. Spyware is typically bundled covertlywith another program. The user does not know thatinstalling one also installs the other. Once installed, thespyware monitors user activity on the Internet andtransmits that information in the background to someone else

Virus program or piece of code that spreads from computer to computer without the users’ consent. They usually cause an unexpected and negative event when run by a computer. Viruses contaminate legitimate computerprograms Worms are wholly contained viruses

that travel through networks, automatically duplicate themselves and send themselves to other computers whose addresses are in the host computer.

Viruses are always embedded within another file or program. Worm: self-reproducing program which propagates via the network. Trojan horse: program which purports to do one thing, but secretly does something else; example: free screen saver installs with a backdoor

 Data diddling: This is altering raw data just before a computer processes it and then changing it back after the processing is completed. Denial of Service attack: The computer is flooded with more requests than it can handle which cause it to crash. Distributed Denial of Service (DDOS) attack is a example.

Web jacking: This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the web site of another. Email bombing: It refers to sending large numbers of mail to the victim, which may be an individual or a company by ultimately resulting into crashing.

Hacking Intrusion into computer system without the permission of the computer owner/user.

. Identity Theft • A form of fraud in which a person pretends to be someone else by assuming the other person’s identity • Undertaken to access resources or obtain credit and other benefits in the victim’s name . E-mail spoofing • A technique used by hackers to send mails in which sender’s address and other parts of the email are altered. • This method is used to disguise the actual email address from which phishing and spam messages are sent • Motive: to trick users into providing personal and confidential information

SQL injection The ability to inject SQL commands into the database engine through an existing application

CATEGORIES OF CYBER CRIMES

Internal Computer crimes

Virus worms Trojan horses

Tele communication crimes

Phone breaking

Phone tapping Hacking

Computer Manipulation Crimes

Embezzlements

Frauds

Support of Criminal Enterprises

Data bases to support drug Distribution

Data bases to keep records of client transaction

Money laundering

Hardware and softwareTheft

Software piracy

Theft of computer and microchips

Theft of trade secrets

TYPES OF CYBER CRIME

Classification of cyber crime1. Against

Individuals a. their

person &b. their

property of an individual

 

2. Against Organization

a. Governmentc. Firm, Company,

Group of Individuals 

3. Against Society at large 

AGAINST INDIVIDUALS Harassment via e-mails. Cyber-stalking. Dissemination of obscene material. Defamation. Unauthorized control/access over computers Indecent exposure Email spoofing Cheating & Fraud

AGAINST INIDVIDUAL PROPERTY: Computer vandalism. Transmitting virus. Net trespass Unauthorized control/access over

computers Intellectual Property crimes Internet time thefts

AGAINST ORGANISATION

Cyber terrorism against the government organization.

Distribution of pirated software etc.

CYBER TERRORISM

Scientific war against Governments

CYBER TERRORISM

Cyber terrorism is the convergence of terrorism and cyberspace. It is generally understood to

mean unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.

WITH INCLUSION OF COMPUTER

LTTE AUM

Perpetrator Group/Individual Group/Individual

Place Sri Lanka/London/Australia

Japan/US/WorldwideWorldwide

Tool Threats/Violence/Recruitment/Education/Strategies

Violence/Recruitment/Education/Strategies

Target Government Officials/Recruits

Governments

Motivation Social/Political Change

World Domination

DEFENDING AGAINST CYBER TERRORISM

DETERRENCE CRIMINAL JUSTICE ENHANCED DEFENSE NEGOTIATIONS

AGAINST SOCIETY AT LARGE   Pornography (basically child

pornography) Polluting the youth through

indecent exposure   Trafficking Financial crimes Sale of illegal articles Online gambling Forgery

TOP 20 :

VARIOUS SECTIONS

Section 43

deals with the unauthorised access, unauthorised downloading, virus attacks or any contaminant, causes damage, disruption, denial of access, interference with the service availed by a person

Section 65 deals with ‘tampering with computer source documents’ and provides for imprisonment up to 3 years or fine

Section 66 deals with ‘hacking with computer system’ and provides for imprisonment up to 3 years or fine

section 67 deals with publication of obscene material and provides for imprisonment up to a term of 10 years

PREVENTIONS

.Use antivirus software’s

.Insert firewalls

.uninstall unnecessary software

.maintain backup

.check security settings

.Stay anonymous –

.choose a genderless screen name

.Never give your full name or address to strangers..

PREVENTION OF CYBER CRIME To prevent cyber stalking avoid disclosing any

information pertaining to oneself. This is as good as disclosing your identity to strangers in public place.

Always avoid sending any photograph online particularly to strangers and chat friends as there have been incidents of misuse of the photographs.

Always use latest and up date anti virus software to guard against virus attacks.

Always keep back up volumes so that one may not suffer data loss in case of virus contamination

Never send your credit card number to any site that is not secured, to guard against frauds.

CONTD. Always keep a watch on the sites that your

children are accessing to prevent any kind of harassment or depravation in children.

Web site owners should watch traffic and check any irregularity on the site. Putting host-based intrusion detection devices on servers may do this

Web servers running public sites must be physically separate protected from internal corporate network.

CONCLUSION History is the witness that no legislation has

succeeded in totally eliminating crime from the globe. The only possible step is to make people aware of

their rights and duties (to report crime as a collective duty towards the society) and further making the application of the laws more stringent to check crime.

Undoubtedly the IT Act is a historical step in the cyber world. Further I all together do not deny that there is a need to bring changes in the Information Technology Act to make it more effective to combat cyber crime.