Upload
vivek-patel
View
219
Download
0
Embed Size (px)
Citation preview
8/10/2019 6- Cyber Crime and IT Act 2000
1/45
Social & Legal Issues
CYBER CRIME
&IT ACT 2000
8/10/2019 6- Cyber Crime and IT Act 2000
2/45
Social & Legal Issues
WHAT IS CYBER CRIME
All crimes performed or resorted to by abuse of electronic
media or otherwise, with the purpose of influencing the
functioning of computer or computer system.
COMPUTER CRIME is any crime where
Computer is a target.
Computer is a tool of crime
Computer is incidental to crime
8/10/2019 6- Cyber Crime and IT Act 2000
3/45
Social & Legal Issues
Who carries out Cyber Crime?
Insiders (employees)
Hackers (cyber-mercenaries)
Criminals (serious & organized crime) Terrorists (sub-state groups)
Corporations (commercial espionage)
Government agencies (counterintelligence)
8/10/2019 6- Cyber Crime and IT Act 2000
4/45
Social & Legal Issues
Motives behind Cyber Crime
There are many motives:
Revenge
Ideology
Competition
Money
Influence
8/10/2019 6- Cyber Crime and IT Act 2000
5/45
Social & Legal Issues
VICTIMS
Children and adolescents between the agegroup of 618 years
Greedy people Unskilled & Inexperienced
Unlucky people
8/10/2019 6- Cyber Crime and IT Act 2000
6/45
Social & Legal Issues
Computer Crimes are Vulnerable
Because of :
Anonymity
Computers storage capacity,
Weakness in Operating System,
Lack off Awareness off user.
8/10/2019 6- Cyber Crime and IT Act 2000
7/45
Social & Legal Issues
Cyber crime is mainly categorized in two ways
The Computer as a Target: using a computer to
attack other computers. e.g. Hacking, Virus/Worm
attacks, DOS attack etc. The Computer as a Weapon: using a computer to
commit real world crimes. e.g. Cyber Terrorism, IPR
violations, Credit card frauds, EFT frauds,
Pornography etc.
8/10/2019 6- Cyber Crime and IT Act 2000
8/45
Social & Legal Issues
Types of Cyber Crime
HACKING
DENIAL OF SERVICE
ATTACK
VIRUSDISSEMINATION
SOFTWARE PIRACY
PORNOGRAPHY
IRC CRIME
FINANCIAL FRAUD
NET EXTORTION
PHISHING
SPOOFING
CYBER STALKING CYBER DEFAMATION
THREATENING
SALAMI ATTACK
8/10/2019 6- Cyber Crime and IT Act 2000
9/45
Social & Legal Issues
1. HACKING
Hacking in simple terms means illegal intrusion into a
computer system without the permission of the computer
owner/user.
Hackers write or use ready-made computer programs to
attack the target computer. They possess the desire to destruct
and they get the kick out of such destruction. Some hackers
hack for personal monetary
8/10/2019 6- Cyber Crime and IT Act 2000
10/45
Social & Legal Issues
2. DENIAL OF SERVICE ATTACK
This is an act by the criminal, who
floods the bandwidth of the victims
network or fills his e-mail box with
spam mail depriving him of theservices he is entitled to access or
provide
8/10/2019 6- Cyber Crime and IT Act 2000
11/45
Social & Legal Issues
3.VIRUS DISSEMINATION
Malicious software that attaches itself to other
software.(virus, worms, Trojan Horse, Time bomb, Logic
Bomb, Rabbit and Bacterium are the malicious
softwares)
8/10/2019 6- Cyber Crime and IT Act 2000
12/45
Social & Legal Issues
VIRUSES
A program that has capability to infect other programsand make copies of itself and spread into otherprograms is called virus.
software that piggybacks on other software andruns when you run something else
Macro in excel, word
Transmitted through sharing programs onbulletin boards
Passing around floppy disks
An .exe, .com file in your email
8/10/2019 6- Cyber Crime and IT Act 2000
13/45
Social & Legal Issues
WORMS
Programs that multiply like viruses but spread from computer
to computer are called as worms.
Software that uses computer networks to find security holes
to get in to your computerusually in Microsoft OS. But
worm for MAC was recently written.
8/10/2019 6- Cyber Crime and IT Act 2000
14/45
Social & Legal Issues
4.SOFTWARE PIRACY
Theft of software through the illegal copying ofgenuine programs or the counterfeiting and
distribution of products intended to pass for the
original.
Retail revenue losses worldwide are ever
increasing due to this crime
Can be done in various ways-
End user copying, Hard disk loading, Counterfeiting,
Illegal downloads from the internet etc.
8/10/2019 6- Cyber Crime and IT Act 2000
15/45
Social & Legal Issues
5. PORNOGRAPHY
Pornography is the first consistently successful e-commerce product.
Deceptive marketing tactics and mouse trapping
technologies Pornography encourage customers toaccess their websites.
8/10/2019 6- Cyber Crime and IT Act 2000
16/45
Social & Legal Issues
6.IRC CRIME
Internet Relay Chat (IRC) servers have chat rooms inwhich people from anywhere the world can cometogether and chat with each other
Criminals use it for meeting coconspirators.
Hackers use it for discussing their exploits / sharing thetechniques.
Pedophiles use chat rooms to allure small children.
Cyber Stalking - In order to harass a woman hertelephone number is given to others as if she wants to
befriend males.
8/10/2019 6- Cyber Crime and IT Act 2000
17/45
Social & Legal Issues
7. FINANCIAL FRAUD
You simply have to type credit card number into
www page off the vendor for online transaction
If electronic transactions are not secured
the credit card numbers can be stolen by
the hackers who can misuse this card by
impersonating the credit card owner
l l
8/10/2019 6- Cyber Crime and IT Act 2000
18/45
Social & Legal Issues
8. NET EXTORTION
Copying the companys confidential data in order toextort said company for huge amount.
l l
8/10/2019 6- Cyber Crime and IT Act 2000
19/45
Social & Legal Issues
9. PHISHING
It is technique of pulling out confidential information
from the bank / financial institutional account holders
by deceptive means.
l L l
8/10/2019 6- Cyber Crime and IT Act 2000
20/45
Social & Legal Issues
10. SPOOFING
Getting one computer on a network to pretend to
have the identity off another computer, usually one
with special access privileges, so as to obtain access
to the other computers on the network.
S i l & L l I
8/10/2019 6- Cyber Crime and IT Act 2000
21/45
Social & Legal Issues
11.CYBER STALKING
The Criminal follows the victim by sending emails,
entering the chat rooms frequently.
S i l & L l I
8/10/2019 6- Cyber Crime and IT Act 2000
22/45
Social & Legal Issues
12. CYBER DEFAMATION
The Criminal sends emails containingdefamatory matters to all concerned off the
victim or post the defamatory matters on a
website.
(disgruntled employee may do this against
boss, ex-boyfriends against girl, divorced
husband against wife, etc.)
S i l & L l I
8/10/2019 6- Cyber Crime and IT Act 2000
23/45
Social & Legal Issues
13. THREATENING
The Criminal sends threatening email
or comes in contact in chat rooms with victim.(Any one disgruntled may do this against boss, friend
or official)
S i l & L l I
8/10/2019 6- Cyber Crime and IT Act 2000
24/45
Social & Legal Issues
14. SALAMI ATTACK
In such crime criminal makes insignificantchanges in a system in such a manner thatsuch changes would go unnoticed.
For example, criminal makes such programthat deducts small amount like Rs. 2.50 permonth from the account of all the customerof the Bank and deposit the same in hisaccount. In this case no account holder will
approach the bank for such small amount butcriminal gains huge amount.
S i l & L l I
8/10/2019 6- Cyber Crime and IT Act 2000
25/45
Social & Legal Issues
15. SALE OF NARCOTICS
Sale & Purchase through net.
There are web site which offer sale and shipment off
contrabands drugs.
They may use the techniques off stenography for hidingthe messages.
So i l & L g l Iss s
8/10/2019 6- Cyber Crime and IT Act 2000
26/45
Social & Legal Issues
How to protect your computer
Use anti-virus software and firewalls - keep them up to date
Keep your operating system up to date with critical securityupdates and patches
Don't open emails or attachments from unknown sources Use hard-to-guess passwords. Dont use words found in a
dictionary. Remember that password cracking tools exist
Back-up your computer data on disks or CDs often
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
27/45
Social & Legal Issues
How to protect your computer
Don't share access to your computers with strangers
If you have a wi-fi network, password protect it
Disconnect from the Internet when not in use
Re-evaluate your security on a regular basis
Make sure your employees and family members know thisinformation too
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
28/45
Social & Legal Issues
How to prevent Cyber crime
Technical prevention Network administrator
Tasks
Role in the company organisation chart
Personal data and privacy
Update OS
Antivirus protection
Anti-spam and Trojan protection Home banking and Internet banking
Good legal policies
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
29/45
Social & Legal Issues
How to prevent Cyber crime
Using the computer at workplace between efficiency and
privacy
- Include the Policy on how to use Internet at workplace as a
part of the labour contract- Training the employees on usage of Internet and software
- Training the employees on how they should treat confidential
information and the essential passwords
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
30/45
Social & Legal Issues
International initiatives
Representatives from the 26 Council of Europe members, theUnited States, Canada, Japan and South Africa in 2001 signed aconvention on cyber crime in efforts to enhance internationalcooperation in combating computer-based crimes.
The Convention on Cyber crime, drawn up by experts of theCouncil of Europe, is designed to coordinate these countries'policies and laws on penalties on crimes in cyberspace, definethe formula guaranteeing the efficient operation of the criminaland judicial authorities, and establish an efficient mechanismfor international cooperation.
In 1997, The G-8 Ministers agreed to ten "Principles to CombatHigh-Tech Crime" and an "Action Plan to Combat High-TechCrime."
8/10/2019 6- Cyber Crime and IT Act 2000
31/45
8/10/2019 6- Cyber Crime and IT Act 2000
32/45
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
33/45
Social & Legal Issues
IT ACT 2000
Information technology Act 2000 consisted of 94 sections
segregated into 13 chapters. Four schedules form part of the
Act.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
34/45
Social & Legal Issues
Information Technology (Amendment) Act 2008
Information Technology (Amendment) Bill 2008 passed by
Indian Parliament in December 2008 notified as the IT(Amendment) Act 2008 has received the assent of thePresident on the 5th Feb, 2009. This Act punishes variouscyber crimes including Cyber Terrorism
These amendments have strengthened the IT Act and alsoaddressed earlier concerns about the act. Also the amendmentsare very concise and better define some of the vaguer terms inthe original version of the act
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
35/45
Social & Legal Issues
WHAT DOES IT 2008 COMPRISE OF
In the 2008 version of the Act, there are 124 sections
(excluding 5 sections that have been omitted from the earlier
version) and 14 chapters. Schedule I and II have been
replaced. Schedules III and IV are deleted.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
36/45
Social & Legal Issues
Civil liabilities, penalties and adjudication
Penalty for damage to computer, computer system etc.(Sec 43):
Any person, who, without the permission of the owner or any other personin-charge of a computer, computer system or computer network
a. accesses or secures access to such computer, computer system or
computer network; b. downloads, copies or extracts any data, computer database or
information from such computer, computer system or computer networkincluding information or data held or stored in any removable storagemedium;
c. introduces or causes to be introduced any computer contaminant orcomputer virus into any computer, computer system or computer network;
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
37/45
Social & Legal Issues
Civil liabilities, penalties and adjudication
d. damages or causes to be damaged any computer, computer system orcomputer network, data, computer database or any other programmesresiding in such computer, computer system or computer network;
e. disrupts or causes disruption of any computer, computer system orcomputer network;
f. denies or causes the denial of access to any person authorised to accessany computer, computer system or computer network;
g. provides any assistance to any person to facilitate access to a computer,computer system or computer network in contravention of the provisionsthis Act, rules or regulations made under thereunder;
h. charges the services availed of by a person to the account of anotherperson by tampering with or manipulating any computer, computer system
or computer network,shall be liable to pay damages by way ofcompensation not exceeding one crore rupees to the person so affected.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
38/45
Social & Legal Issues
Civil liabilities, penalties and adjudication
Penalty for failure to furnish information, return etc.(Sec 44): Any person who is required under the Act, or rules or regulations made
thereunder to
a. furnish any document, return or report to the Controller or the CertifyingAuthority fails to furnish the same, shall be liable to a penalty notexceeding one lakh and fifty thousand rupees for each such failure;
b. file any return or furnish any information, books or other documentswithin the time specified thereof in the regulations fails to file the same intime he shall be liable to a penalty not exceeding five thousand rupees forevery day during which such failure continues;
c. maintain books of account or records fails to maintain the same he shallbe liable to penalty not exceeding ten thousand rupees for everyday during
which the failure continues.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
39/45
Social & Legal Issues
Sections Hacking with computer system (Sec 66): Hacking with computer system is a punishable offence under the Act. It means any
person intentionally or knowingly causes wrongful loss or damage to the public ordestroys or deletes or alters any information residing in the computer resources ordiminishes its value or utility or affects it injuriously by any means, commitshacking.
Such offenses will be punished with three years imprisonment or with fine of twolakh rupees or with both.
Publishing of information which is obscene in electronic form (Sec 67):
Whoever publishes or transmits or causes to be published in the electronic form,any material which is lascivious or appeals to prurient interest or if its effect is suchas to tend to deprave and corrupt persons who are likely, having regard to allrelevant circumstances, to read, see or hear the matter contained or embodied in it
shall be punished on first conviction with imprisonment for a term extending up to5 years and with fine which may extend to one lakh rupees. In case of second andsubsequent conviction imprisonment may extend to ten years and also with finewhich may extend up to two lakh rupees.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
40/45
Social & Legal Issues
Sections
Failure to comply with orders of the controller by a CertifyingAuthority or any employee of such authority (Sec 68):
Failure to comply with orders of the Controller by any Certifying Authorityor by any employees of Certifying Authority is a punishable offence. Such
persons are liable to imprisonment for a term not exceeding three years orto a fine not exceeding two lakh rupees or to both.
Fails to assist any agency of the Government to decrypt theinformation (Sec 69):
If any subscriber or any person-in-charge of the computer fails to assist orto extend any facilities and technical assistance to any Government agencyto decrypt the information on the orders of the Controller in the interest ofthe sovereignty and integrity of India etc. is a punishable offence under the
Act. Such persons are liable for imprisonment for a term, which mayextend to seven years.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
41/45
S c & L g Iss s
Sections
Unauthorized access to a protected system (Sec 70):
Any person who secures access or attempts to secure access toa protected system in contravention of the provisions is
punishable with imprisonment for a term which may extend to
ten years and also liable to fine. Misrepresentation before authorities (Sec 71):
Any person who obtains Digital Signature Certificate bymisrepresentation or suppressing any material fact from theController or Certifying Authority as the case may be punished
with imprisonment for a term which may extend two years orwith fine up to one lakh rupees or with both.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
42/45
S & g ss s
Sections
Breach of confidentiality and privacy (Sec 72): Any person in pursuant of the powers conferred under the act, unauthorisedly
secures access, to any electronic record, books, register, correspondence,information, document or other material without the consent of the personconcerned discloses such materials to any other person shall be punished withimprisonment for a term which may extend to two years, or with fine up to one lakhrupees or with both.
Publishing false particulars in Digital Signature Certificate (Sec 73):
No person can publish a Digital Signature Certificate or otherwise make it availableto any other person with the knowledge that: -
a. the Certifying Authority listed in the certificate has not issued it; or
b. the subscriber listed in the certificate has not accepted it; or
c. the certificate has been revoked or suspended
unless such publication is for the purpose of verifying a digital signature createdprior to such suspension or revocation. Any person who contravenes the provisionsshall be punishable with imprisonment for a term, which may extend to two yearsor with fine up to rupees one lakh or with both.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
43/45
& g
Sections
Publication of Digital Signature Certificate for fraudulent purpose (Sec 74):
Any person knowingly creates, publishes or otherwise makes available a Digital
Signature Certificate for any fraudulent or unlawful purpose shall be punished with
imprisonment for a term which may extend to two years or with fine up to one lakhrupees or with both
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
44/45
g
Limitations
IT Act, 2000 does not mention about domain names and the rights ofdomain names owners.
IT Act, 2000 does not mention about INTELLECTUAL PROPERTYRIGHTS
IT Act, 2000 does not confer any right upon any person to insist that the
document in questions should be accepted in electronic form.
Social & Legal Issues
8/10/2019 6- Cyber Crime and IT Act 2000
45/45
g
Mumbai Cyber lab is a joint initiative of Mumbai police andNASSCOMmore exchange and coordination of this kind
Suggested amendments to the IT Act,2000-new provisions forchild pornography, etc
More Public awareness campaigns
Training of police officers to effectively combat cyber crimes
More Cyber crime police cells set up across the country
Effective E-surveillance
Websites aid in creating awareness and encouraging reporting
of cyber crime cases. Specialized Training of forensic investigators and experts
Active coordination between police and other lawenforcement agencies and authorities is required.