Upload
nitin-kanaujia
View
201
Download
2
Embed Size (px)
Citation preview
CYBER CRIME NOISELESS & CLUELESS THEFT
OFFICIAL WEBSITE OF MAHARASTRA GOVERNMENT HACKED
MUMBAI, 20 September 2007 — Hon. Deputy Chief Minister and Home Minister Mr R.R. Patil confirmed that the Maharashtra government’s official website http://www.maharashtragovernment.in had been hacked.
The website remain closed for the whole day .
As per the sources the first cyber crime ever recorded was In France during 1820 with the principle of Abacus.
COMPUTER CRIME Computer is used to
commit a crime Forgery, threatening email,
assuming someone’s identity, sexual harassment, defamation, spam, phishing,etc.
Computer as a target of a crime Viruses, worms, industrial
espionage, software piracy, hacking.
computer acts as a tool for crime .
Criminals simply devise different ways to undertake standard criminal activities using the new medium such al LAN, PAN, MAN ,WAN often involving the Internet
PC + INTERNET = CYBER CRIME
LEGISLATION
FAR MORE
IMPERATIVE
+ =
PC + INTERNET
MEANWHILE…….
First civilian bulletin board system on-line in Chicago. Some engaged in darker activities.
1984- Hacker groups appear. Legion Of Doom (LOD), Masters of deception (MOD), etc. War started.
1988- Robert Tappan Morris released the first Internet worm.
Robert Tappan – Morris worm
Chris Goggans (LOD) Mark Abene (MOD)
DIFFERENT TYPES OF CYBER CRIMES
Cyber crimes
Hacking Information
TheftE-mail
bombingSalami attacks
Denial of Service attacks
Trojan attacks
Web jacking
HACKING
In simple terms it means illegal intrusion into a computer system without the permission of the computer user.
IN THE NEWS……. 1 out of 5 children received a
sexual solicitation or approach over the Internet in a one-year period of time (www.missingchildren.com)
California warns of massive ID theft – personal data stolen from computers at University of California, Berkeley (Oct 21, 2004 IDG news service)
Microsoft and Cisco announced a new initiative to work together to increase internet security (Oct 18, 2004 www.cnetnews.com)
INFORMATION THEFT
Information theft is a form of stealing another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name.
E-MAIL BOMBING It is characterized by abusers repeatedly sending an
email message to a particular address at a specific victim site.
FIR NO 76/02 PS PARLIAMENT STREET
was recorded by Mrs. SONIA GANDHI .
She received threatening E-MAILS from: [email protected] [email protected]
SALAMI ATTACKS
an aspect of crime known as salami fraud, the salami technique, or simply, a salami attack. Though most often associated with electronic banking and electronic data interchange fraud, the concept can be applied to other scenarios with little relation to computing.
DENIAL OF SERVICE ATTACKSDENIAL OF SERVICE ATTACKS
This is an act by the criminal, who floods the bandwidth of the victims network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide
Frequency Of Incidents Of Cyber Crimes In India
Source: Survey conducted by ASCL
Denial of Service: Section 43
Virus: Section: 66, 43
Data Alteration: Sec. 66
U/A Access: Section 43
Email Abuse: Sec. 67, 500, Other IPC Sections
Data Theft: Sec 66, 65
To talk about a recent example –The home page of the official website of the CID,West Bengal was hacked on 31st October ,2011 by a suspected Anti-Indian Organisation callingitself THE MUSLIM LIBERATON ARMY .
Recognising the seriousness of cyber threats the CIDWest Bengal had developed a cyber crime unit under itsspecial operation group SOG.
CYBER TERRORISM
TOP CYBER CRIME COUNTRIES
IT ACT ,2000 IT ACT ,2000
In May 2000, both the houses of the Indian Parliament passed the Information Technology(IT) Bill. The Bill received the assent of the President in August 2000 and came to be known as the Information Technology Act, 2000.
Cyber laws are contained in the IT Act, 2000.
This Act aims to provide the legal infrastructure for e-commerce in India.
PROVISIONS UNDER IT PROVISIONS UNDER IT ACT,2000 ACT,2000
Offence
Under Relevant Section IT Act
Tampering with Computer source documents Sec.65
Hacking with Computer systems, Data alteration Sec.66
Publishing obscene information Sec.67
Un-authorized access to protected system Sec.70
Breach of Confidentiality and Privacy Sec.72
Publishing false digital signature certificates Sec.73
COMPUTER RELATED CRIMES UNDER IPC AND SPECIAL LAWS
Sending threatening messages by email Sec 503 IPC
Sending defamatory messages by email Sec 499, 500 IPC
Forgery of electronic records Sec 463, 470, 471 IPC
Bogus websites, cyber frauds Sec 420 IPC
Email spoofing Sec 416, 417, 463 IPC
Online sale of Drugs NDPS Act
Web - Jacking Sec. 383 IPC
Online sale of Arms Arms Act
E-MAIL SPOOFING
Pranab Mitra , former executive of Gujarat Ambuja Cement posed as a woman, Rita Basu, and created a fake e-mail ID through which he contacted one V.R. Ninawe an Abu Dhabi businessmen . After long cyber relationship and emotional messages Mitra sent an e-mail that ‘‘she would commit suicide’’ if Ninawe ended the relationship. He also gave him ‘‘another friend Ruchira Sengupta’s’’ e-mail ID which was in fact his second bogus address. When Ninawe mailed at the other ID he was shocked to learn that Mitra had died and police is searching Ninawe. Mitra extorted few lacs Rupees as advocate fees etc. Mitra even sent e-mails as high court and police officials to extort more money. Ninawe finally came down to Mumbai to lodge a police case.
FORGERY
CYBER STALKING
Ritu Kohli (first lady to register the cyber stalking case) is a victim A friend of her husband gave her phone number and name on a chat site for immoral purposes. A computer expert, Kohli was able to trace the culprit. Now, the latter is being tried for "outraging the modesty of a woman", under Section 509 of IPC.
CYBER DEFAMATION
It can be understood as the intentional infringement of another person's right to his good name.
Cyber Defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person's friends. Information posted to a bulletin board can be accessed by anyone.
SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra: a company’s employee (defendant) started sending defamatory and obscene e-
mails about its Managing Director. The e-mails were anonymous and frequent, and were sent to many of their business associates to tarnish the image and goodwill of the plaintiff company.
PHISHING EXAMPLE
COMMON FORMS OF ONLINE THREATS
Commercial sites (e.g., offensive content ) Domain name monetization (e.g., click-through advertising) Unhappy consumer sites (e.g., xxx-sucks. COM) Sale of Counterfeit Goods in Auction Sites Logo, Text, and Meta Tag Use in Commercial Sites Stopping unauthorized parties from using your
trademarks Managing partners use of logos and trademarks Protecting against “Google bombing”
HOW TO AVOID THIS ?
Do not give your computer password or credit
password to any one. Read the terms of use or End User License
Agreement (EULA) before gaming. If got cheated report immediately to the
authorities. Take immediate concern. Don’t visit unwanted or unprotected sites. Use internet wisely.
5 WAYS TO WIRELESS SECURITY
Use strong encryption - in case they are trying to break it, make it harder for them.
Transmit on a different frequency - this is why we haven’t intercepted the aliens yet.
Turn off WAP when not in use - do you leave your TV on running when you are not at home?
Control the wireless signal - unless you want to power the whole city, there is no need to use signal amplifiers.
Change the default admin password - avoid using
‘password’ as the password.
PROTECTION OF PERSONAL INFO.
Identifying Purposes:- The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
Openness:- An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
Safeguards:- Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
Accountability:- An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance.
Accuracy:- Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
RECOMMENDED CYBER SAFETY TIPS
Use antivirus softwares Change passwords frequently Insert firewalls Adopt regular scanning
against spyware Install software patches Uninstall unnecessary
software Separate user accounts Maintain backup Check security settings Perform IT audits
A Final Word
Treat your password like you treat your toothbrush. Never give it to anyone else to use, and change it every few months.
@9!#)”< (_@#^%@&*
!)$)_@ $)*&
)!@#$* &($)!#
!%@*^%# *^*!@!(
#^&*!^#% !#%$*/%^*$
NITIN KANAUJIA
PRIYA RAJ
PANKAJ JANGIR
PRATEEK SINGAL
SAMEEKSHA SHARMA