CYBER CRIME NOISELESS & CLUELESS THEFT

OFFICIAL WEBSITE OF MAHARASTRA GOVERNMENT HACKED

MUMBAI, 20 September 2007 — Hon. Deputy Chief Minister and Home Minister Mr R.R. Patil confirmed that the Maharashtra government’s official website http://www.maharashtragovernment.in had been hacked.

The website remain closed for the whole day .

As per the sources the first cyber crime ever recorded was In France during 1820 with the principle of Abacus.

COMPUTER CRIME Computer is used to

commit a crime Forgery, threatening email,

assuming someone’s identity, sexual harassment, defamation, spam, phishing,etc.

Computer as a target of a crime Viruses, worms, industrial

espionage, software piracy, hacking.

computer acts as a tool for crime .

Criminals simply devise different ways to undertake standard criminal activities using the new medium such al LAN, PAN, MAN ,WAN often involving the Internet

PC + INTERNET = CYBER CRIME

LEGISLATION

FAR MORE

IMPERATIVE

+ =

PC + INTERNET

MEANWHILE…….

First civilian bulletin board system on-line in Chicago. Some engaged in darker activities.

1984- Hacker groups appear. Legion Of Doom (LOD), Masters of deception (MOD), etc. War started.

1988- Robert Tappan Morris released the first Internet worm.

Robert Tappan – Morris worm

Chris Goggans (LOD) Mark Abene (MOD)

DIFFERENT TYPES OF CYBER CRIMES

Cyber crimes

Hacking Information

TheftE-mail

bombingSalami attacks

Denial of Service attacks

Trojan attacks

Web jacking

HACKING

In simple terms it means illegal intrusion into a computer system without the permission of the computer user.

IN THE NEWS……. 1 out of 5 children received a

sexual solicitation or approach over the Internet in a one-year period of time (www.missingchildren.com)

California warns of massive ID theft – personal data stolen from computers at University of California, Berkeley (Oct 21, 2004 IDG news service)

Microsoft and Cisco announced a new initiative to work together to increase internet security (Oct 18, 2004 www.cnetnews.com)

INFORMATION THEFT

Information theft is a form of stealing another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name.

E-MAIL BOMBING It is characterized by abusers repeatedly sending an

email message to a particular address at a specific victim site.

FIR NO 76/02 PS PARLIAMENT STREET

was recorded by Mrs. SONIA GANDHI .

She received threatening E-MAILS from: missonrevenge84@khalsa.com missionrevenge84@hotmail.com

SALAMI ATTACKS

an aspect of crime known as salami fraud, the salami technique, or simply, a salami attack. Though most often associated with electronic banking and electronic data interchange fraud, the concept can be applied to other scenarios with little relation to computing.

DENIAL OF SERVICE ATTACKSDENIAL OF SERVICE ATTACKS

This is an act by the criminal, who floods the bandwidth of the victims network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide

Frequency Of Incidents Of Cyber Crimes In India

Source: Survey conducted by ASCL

Denial of Service: Section 43

Virus: Section: 66, 43

Data Alteration: Sec. 66

U/A Access: Section 43

Email Abuse: Sec. 67, 500, Other IPC Sections

Data Theft: Sec 66, 65

To talk about a recent example –The home page of the official website of the CID,West Bengal was hacked on 31st October ,2011 by a suspected Anti-Indian Organisation callingitself THE MUSLIM LIBERATON ARMY .

Recognising the seriousness of cyber threats the CIDWest Bengal had developed a cyber crime unit under itsspecial operation group SOG.

CYBER TERRORISM

TOP CYBER CRIME COUNTRIES

IT ACT ,2000 IT ACT ,2000

In May 2000, both the houses of the Indian Parliament passed the Information Technology(IT) Bill. The Bill received the assent of the President in August 2000 and came to be known as the Information Technology Act, 2000.

Cyber laws are contained in the IT Act, 2000.

This Act aims to provide the legal infrastructure for e-commerce in India.

PROVISIONS UNDER IT PROVISIONS UNDER IT ACT,2000 ACT,2000

Offence

Under Relevant Section IT Act

Tampering with Computer source documents Sec.65

Hacking with Computer systems, Data alteration Sec.66

Publishing obscene information Sec.67

Un-authorized access to protected system Sec.70

Breach of Confidentiality and Privacy Sec.72

Publishing false digital signature certificates Sec.73

COMPUTER RELATED CRIMES UNDER IPC AND SPECIAL LAWS

Sending threatening messages by email Sec 503 IPC

Sending defamatory messages by email Sec 499, 500 IPC

Forgery of electronic records Sec 463, 470, 471 IPC

Bogus websites, cyber frauds Sec 420 IPC

Email spoofing Sec 416, 417, 463 IPC

Online sale of Drugs NDPS Act

Web - Jacking Sec. 383 IPC

Online sale of Arms Arms Act

E-MAIL SPOOFING

Pranab Mitra , former executive of Gujarat Ambuja Cement posed as a woman, Rita Basu, and created a fake e-mail ID through which he contacted one V.R. Ninawe an Abu Dhabi businessmen . After long cyber relationship and emotional messages Mitra sent an e-mail that ‘‘she would commit suicide’’ if Ninawe ended the relationship. He also gave him ‘‘another friend Ruchira Sengupta’s’’ e-mail ID which was in fact his second bogus address. When Ninawe mailed at the other ID he was shocked to learn that Mitra had died and police is searching Ninawe. Mitra extorted few lacs Rupees as advocate fees etc. Mitra even sent e-mails as high court and police officials to extort more money. Ninawe finally came down to Mumbai to lodge a police case.

FORGERY

CYBER STALKING

Ritu Kohli (first lady to register the cyber stalking case) is a victim A friend of her husband gave her phone number and name on a chat site for immoral purposes. A computer expert, Kohli was able to trace the culprit. Now, the latter is being tried for "outraging the modesty of a woman", under Section 509 of IPC.

CYBER DEFAMATION

It can be understood as the intentional infringement of another person's right to his good name.

Cyber Defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person's friends. Information posted to a bulletin board can be accessed by anyone.

SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra: a company’s employee (defendant) started sending defamatory and obscene e-

mails about its Managing Director. The e-mails were anonymous and frequent, and were sent to many of their business associates to tarnish the image and goodwill of the plaintiff company.

PHISHING EXAMPLE

COMMON FORMS OF ONLINE THREATS

Commercial sites (e.g., offensive content ) Domain name monetization (e.g., click-through advertising) Unhappy consumer sites (e.g., xxx-sucks. COM) Sale of Counterfeit Goods in Auction Sites Logo, Text, and Meta Tag Use in Commercial Sites Stopping unauthorized parties from using your

trademarks Managing partners use of logos and trademarks Protecting against “Google bombing”

HOW TO AVOID THIS ?

Do not give your computer password or credit

password to any one. Read the terms of use or End User License

Agreement (EULA) before gaming. If got cheated report immediately to the

authorities. Take immediate concern. Don’t visit unwanted or unprotected sites. Use internet wisely.

5 WAYS TO WIRELESS SECURITY

Use strong encryption - in case they are trying to break it, make it harder for them.

Transmit on a different frequency - this is why we haven’t intercepted the aliens yet.

Turn off WAP when not in use - do you leave your TV on running when you are not at home?

Control the wireless signal - unless you want to power the whole city, there is no need to use signal amplifiers.

Change the default admin password - avoid using

‘password’ as the password.

PROTECTION OF PERSONAL INFO.

Identifying Purposes:- The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.

Openness:- An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.

Safeguards:- Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.

Accountability:- An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance.

Accuracy:- Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.

RECOMMENDED CYBER SAFETY TIPS

Use antivirus softwares Change passwords frequently Insert firewalls Adopt regular scanning

against spyware Install software patches Uninstall unnecessary

software Separate user accounts Maintain backup Check security settings Perform IT audits

A Final Word

Treat your password like you treat your toothbrush. Never give it to anyone else to use, and change it every few months.

@9!#)”< (_@#^%@&*

!)$)_@ $)*&

)!@#$* &($)!#

!%@*^%# *^*!@!(

#^&*!^#% !#%$*/%^*$

NITIN KANAUJIA

PRIYA RAJ

PANKAJ JANGIR

PRATEEK SINGAL

SAMEEKSHA SHARMA