Upload
corbytxt
View
18
Download
1
Tags:
Embed Size (px)
Citation preview
Cyber CrimeCyber Crime
SVIMS, Batch 2010-11SVIMS, Batch 2010-11
Group No. 4Group No. 4
Roll No. Members
08 Aswita Shetty
17 Jervis Martis
22 Medha Shambhu
23 Mitesh Uchil
34 Prerna Jeswani
46 Savita Shetty
53 Tejashree Nayak
What is Cyber Space?What is Cyber Space?
• Cyber space is a worldwide network of computers and the equipment Cyber space is a worldwide network of computers and the equipment
that connect them, which by its very design is free and open to the that connect them, which by its very design is free and open to the
public (the Internet).public (the Internet).
• CyberspaceCyberspace is the electronic medium of computer networks, in which is the electronic medium of computer networks, in which
online communication takes place.online communication takes place.
• We’ve become increasingly reliant on the net, and it is being used We’ve become increasingly reliant on the net, and it is being used
right now to transfer everything from friendly emails to right now to transfer everything from friendly emails to
hypersensitive data.hypersensitive data.
What is Cybercrime?What is Cybercrime?
• CybercrimeCybercrime refers to any crime that involves a computer and a refers to any crime that involves a computer and a
network, where the computers may or may not have played an network, where the computers may or may not have played an
instrumental part in the commission of a crime. instrumental part in the commission of a crime.
• Issues surrounding this type of crime have become high-profile, Issues surrounding this type of crime have become high-profile,
particularly those surrounding hacking, copyright infringement, child particularly those surrounding hacking, copyright infringement, child
pornography, child grooming, releasing of viruses, identity theft, pornography, child grooming, releasing of viruses, identity theft,
interception, access and manipulation of non public data and systems. interception, access and manipulation of non public data and systems.
What is Cybercrime?What is Cybercrime?
• Cybercrime encompasses a broad range of potentially illegal Cybercrime encompasses a broad range of potentially illegal
activities. Generally, however, it may be divided into one of two activities. Generally, however, it may be divided into one of two
types of categories:types of categories:
Why learn about CYBER CRIME ?Why learn about CYBER CRIME ?
• Everybody is using COMPUTERS.Everybody is using COMPUTERS.
• From white collar criminals to terrorist organizations and from From white collar criminals to terrorist organizations and from
teenagers to adults.teenagers to adults.
• Conventional crimes like forgery, extortion, kidnapping etc. are Conventional crimes like forgery, extortion, kidnapping etc. are
being committed with the help off computers.being committed with the help off computers.
• New generation is growing up with computers.New generation is growing up with computers.
• MOST IMPORTANT - monetary transactions are moving on to the MOST IMPORTANT - monetary transactions are moving on to the
INTERNETINTERNET
Types of CybercrimesTypes of Cybercrimes
Hacking Hacking
Denial of service attackDenial of service attack
Virus disseminationVirus dissemination
Software piracySoftware piracy
PornographyPornography
IRC crimeIRC crime
Credit card fraudCredit card fraud
Net extortionNet extortion
PhishingPhishing
SpoofingSpoofing
Cyber stalkingCyber stalking
Cyber defamationCyber defamation
ThreateningThreatening
Salami attackSalami attack
SpamSpam
FraudFraud
Obscene or offensive contentObscene or offensive content
Drug traffickingDrug trafficking
Cyber terrorismCyber terrorism
Cyber warfareCyber warfare
Virus/wormsVirus/worms
ForgeryForgery
HackingHacking
• The act of gaining unauthorized access to a computer system or The act of gaining unauthorized access to a computer system or
network and in some cases making unauthorized use of this access. network and in some cases making unauthorized use of this access.
• Hacking is also the act by which other forms of cyber-crime (e.g., Hacking is also the act by which other forms of cyber-crime (e.g.,
fraud, terrorism, etc.) are committed. fraud, terrorism, etc.) are committed.
• Hacking in simple terms means illegal intrusion into a computer Hacking in simple terms means illegal intrusion into a computer
system without the permission of the computer owner/user.system without the permission of the computer owner/user.
Denial of service attackDenial of service attack
• This is an act by the criminal, who floods the bandwidth of the This is an act by the criminal, who floods the bandwidth of the
victim’s network or fills his e-mail box with spam mail depriving him victim’s network or fills his e-mail box with spam mail depriving him
of the services he is entitled to access or provide.of the services he is entitled to access or provide.
• This involves flooding computer resources with more requests than it This involves flooding computer resources with more requests than it
can handle. This causes the resources to crash thereby denying can handle. This causes the resources to crash thereby denying
authorized users the service offered by the resources. authorized users the service offered by the resources.
Virus disseminationVirus dissemination
• Malicious software that attaches itself to other software.Malicious software that attaches itself to other software.
• Eg. - Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and Eg. - Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and
Bacterium are the malicious software’sBacterium are the malicious software’s
Software piracySoftware piracy
• Software piracy is theft of software through the illegal copying of Software piracy is theft of software through the illegal copying of
genuine programs or the counterfeiting and distribution of products genuine programs or the counterfeiting and distribution of products
intended to pass for the original. intended to pass for the original.
• Retail revenue losses worldwide are ever increasing due to this Retail revenue losses worldwide are ever increasing due to this
crime.crime.
• Piracy can be done in various ways such as end user copying, hard Piracy can be done in various ways such as end user copying, hard
disk loading, Counterfeiting, Illegal downloads from the internet etc.disk loading, Counterfeiting, Illegal downloads from the internet etc.
PornographyPornography
• Pornography is the first consistently successful e-commerce product.Pornography is the first consistently successful e-commerce product.
• Pornography has deceptive marketing tactics and mouse trapping Pornography has deceptive marketing tactics and mouse trapping
technologies which encourages customers to access their websites.technologies which encourages customers to access their websites.
• Anybody including children can log on to the internet and access Anybody including children can log on to the internet and access
websites with pornographic contents with a click of a mouse.websites with pornographic contents with a click of a mouse.
• Publishing, transmitting any material in electronic form which is Publishing, transmitting any material in electronic form which is
lascivious or appeals to the prurient interest is an offence under the lascivious or appeals to the prurient interest is an offence under the
provisions of section 67 of I.T. Act -2000.provisions of section 67 of I.T. Act -2000.
IRC crimesIRC crimes
• Internet Relay Chat (IRC) servers have chat rooms in which people Internet Relay Chat (IRC) servers have chat rooms in which people
from anywhere the world can come together and chat with each other from anywhere the world can come together and chat with each other
Criminals use it for meeting co-conspirators. Criminals use it for meeting co-conspirators.
• Hackers use it for discussing their exploits / sharing the technique.Hackers use it for discussing their exploits / sharing the technique.
Paedophiles use chat rooms to allure small children.Paedophiles use chat rooms to allure small children.
Credit card fraudCredit card fraud
• Credit card fraudCredit card fraud is a wide-ranging term for theft and fraud is a wide-ranging term for theft and fraud
committed using a credit card or any similar payment mechanism as committed using a credit card or any similar payment mechanism as
a fraudulent source of funds in a transaction. a fraudulent source of funds in a transaction.
• If electronic transactions are not secured the credit card numbers can If electronic transactions are not secured the credit card numbers can
be stolen by the hackers who can misuse this card by impersonating be stolen by the hackers who can misuse this card by impersonating
the credit card owner.the credit card owner.
Net extortionNet extortion
• Copying the company’s confidential data in order to extort said Copying the company’s confidential data in order to extort said
company for huge amount.company for huge amount.
PhishingPhishing
• In computing, phishing is the criminally fraudulent process of In computing, phishing is the criminally fraudulent process of
attempting to acquire sensitive information such as usernames, attempting to acquire sensitive information such as usernames,
password and credit card details, by masquerading as a trustworthy password and credit card details, by masquerading as a trustworthy
entity in an electronic communication.entity in an electronic communication.
SpoofingSpoofing
• The process of deception by which an individual or system alters its The process of deception by which an individual or system alters its
identity or creates additional identities, thereby causing another identity or creates additional identities, thereby causing another
person or system to act incorrectly.person or system to act incorrectly.
• Getting one computer on a network to pretend to have the identity of Getting one computer on a network to pretend to have the identity of
another computer, usually one with special access privileges, so as to another computer, usually one with special access privileges, so as to
obtain access to the other computers on the network.obtain access to the other computers on the network.
Cyber stalkingCyber stalking
• Stalking in General terms can be referred to as the repeated acts of Stalking in General terms can be referred to as the repeated acts of
harassment targeting the victim such as following the victim, making harassment targeting the victim such as following the victim, making
harassing phone calls, killing the victims pet, vandalizing victims harassing phone calls, killing the victims pet, vandalizing victims
property, leaving written messages or objects. property, leaving written messages or objects.
• Cyber Stalking can be defined as the repeated acts of harassment or Cyber Stalking can be defined as the repeated acts of harassment or
threatening behaviour of the cyber criminal towards the victim by threatening behaviour of the cyber criminal towards the victim by
using internet services. using internet services.
Cyber defamationCyber defamation
• The Criminal sends emails containing defamatory matters to all The Criminal sends emails containing defamatory matters to all
concerned of the victim or post the defamatory matters on a website. concerned of the victim or post the defamatory matters on a website.
• Eg. - Disgruntled employee may do this against boss, ex-boys friend Eg. - Disgruntled employee may do this against boss, ex-boys friend
against girl, divorced husband against wife etc.against girl, divorced husband against wife etc.
ThreateningThreatening
• The Criminal sends threatening email or comes in contact in chat The Criminal sends threatening email or comes in contact in chat
rooms with victim. rooms with victim.
• Any one disgruntled may do this against boss, friend or official.Any one disgruntled may do this against boss, friend or official.
Salami attackSalami attack
• In such crime criminal makes insignificant changes in such a manner In such crime criminal makes insignificant changes in such a manner
that such changes would go unnoticed. that such changes would go unnoticed.
• Criminal makes such program that deducts small amount like $ 2.50 Criminal makes such program that deducts small amount like $ 2.50
per month from the account of all the customer of the Bank and per month from the account of all the customer of the Bank and
deposit the same in his account. deposit the same in his account.
• In this case no account holder will approach the bank for such small In this case no account holder will approach the bank for such small
amount but criminal gains huge amount.amount but criminal gains huge amount.
SpamSpam
• Spam, or the unsolicited sending of bulk email for commercial Spam, or the unsolicited sending of bulk email for commercial
purposes, is unlawful to varying degrees. purposes, is unlawful to varying degrees.
• As applied to email, specific anti-spam laws are relatively new, As applied to email, specific anti-spam laws are relatively new,
however limits on unsolicited electronic communications have however limits on unsolicited electronic communications have
existed in some forms for some time.existed in some forms for some time.
FraudFraud
• Computer fraud is any dishonest misrepresentation of fact intended Computer fraud is any dishonest misrepresentation of fact intended
to let another to do or refrain from doing something which causes to let another to do or refrain from doing something which causes
loss.loss.
Drug traffickingDrug trafficking
• Drug traffickers are increasingly taking advantage of the Internet to Drug traffickers are increasingly taking advantage of the Internet to
sell their illegal substances through encrypted e-mail and other sell their illegal substances through encrypted e-mail and other
Internet Technology. Internet Technology.
• Some drug traffickers arrange deals at internet cafes, use courier Web Some drug traffickers arrange deals at internet cafes, use courier Web
sites to track illegal packages of pills, and swap recipes for sites to track illegal packages of pills, and swap recipes for
amphetamines in restricted-access chat rooms.amphetamines in restricted-access chat rooms.
Cyber terrorismCyber terrorism
• Cyber terrorism in general, can be defined as an act of terrorism Cyber terrorism in general, can be defined as an act of terrorism
committed through the use of cyberspace or computer resources committed through the use of cyberspace or computer resources
(Parker 1983).(Parker 1983).
• As such, a simple propaganda in the Internet, that there will be bomb As such, a simple propaganda in the Internet, that there will be bomb
attacks during the holidays can be considered cyber terrorism. attacks during the holidays can be considered cyber terrorism.
• As well there are also hacking activities directed towards individuals, As well there are also hacking activities directed towards individuals,
families, organized by groups within networks, tending to cause fear families, organized by groups within networks, tending to cause fear
among people, demonstrate power, collecting information relevant for among people, demonstrate power, collecting information relevant for
ruining peoples' lives, robberies, blackmailing etc.ruining peoples' lives, robberies, blackmailing etc.
Cyber warfareCyber warfare
• The U.S. Department of Defence (DoD) notes that cyberspace has The U.S. Department of Defence (DoD) notes that cyberspace has
emerged as a national-level concern through several recent events of emerged as a national-level concern through several recent events of
geo-strategic significance. geo-strategic significance.
• Among those are included the attack on Estonia's infrastructure in Among those are included the attack on Estonia's infrastructure in
2007, allegedly by Russian hackers. 2007, allegedly by Russian hackers.
• CyberwarfareCyberwarfare has been defined by government security expert has been defined by government security expert
Richard A. Clarke, in his book Richard A. Clarke, in his book Cyber WarCyber War (May 2010), as "actions by a (May 2010), as "actions by a
nation-state to penetrate another nation's computers or networks for nation-state to penetrate another nation's computers or networks for
the purposes of causing damage or disruption."the purposes of causing damage or disruption."
ForgeryForgery
• Counterfeit currency notes, postage and revenue stamps, mark sheets Counterfeit currency notes, postage and revenue stamps, mark sheets
etc., can be forged using sophisticated computers, printers and etc., can be forged using sophisticated computers, printers and
scanners. scanners.
Preventive Measures For IndividualsPreventive Measures For Individuals
• Preventive measures should be adopted by both children as well as Preventive measures should be adopted by both children as well as
parents.parents.
• For instance children should not reveal any kind of identity while For instance children should not reveal any kind of identity while
chatting etc.chatting etc.
• Parents should use content filter software on PC.Parents should use content filter software on PC.
• For any individual, he/she should share any personal information For any individual, he/she should share any personal information
online to whomsoever it might be.online to whomsoever it might be.
Preventive measures for Government & other Preventive measures for Government & other organizationsorganizations
• Physical security Physical security
• Access controlAccess control
• Password Password
• Finding the holes in network Finding the holes in network
• Using network scanning programs Using network scanning programs
• Using intrusion alert programsUsing intrusion alert programs
• FirewallsFirewalls
• Frequent password changing Frequent password changing
• Safe surfing Safe surfing
• Frequent virus checksFrequent virus checks
• Email filtersEmail filters
• Using encryptionUsing encryption
Cyber lawCyber law
• India has enacted the first I.T.Act,2000 based on the UNCITRAL India has enacted the first I.T.Act,2000 based on the UNCITRAL
model. model.
• Chapter XI of this Act deals with offence/crimes along with certain Chapter XI of this Act deals with offence/crimes along with certain
other provisions scattered in this Acts.other provisions scattered in this Acts.
Offence Section Under IT ActOffence Section Under IT Act
OFFENCEOFFENCE SECTION
Tampering with computer source documentsTampering with computer source documents Sec.65Sec.65
Hacking with computer systems , Data alterationHacking with computer systems , Data alteration Sec.66Sec.66
Publishing obscene informationPublishing obscene information Sec.67Sec.67
Un- authorized access to protected SystemUn- authorized access to protected System Sec.70Sec.70
Breach of Confidentiality & PrivacyBreach of Confidentiality & Privacy Sec.72Sec.72
Publishing false digital signature certificatesPublishing false digital signature certificates Sec.73Sec.73
Computers Related Crimes Covered Under Computers Related Crimes Covered Under IPC & Special LawsIPC & Special Laws
OFFENCEOFFENCE SECTIONSSECTIONS
Sending threatening messages by e-mailSending threatening messages by e-mail Sec 503 IPCSec 503 IPC
Sending defamatory messages by e-mailSending defamatory messages by e-mail Sec 499 IPCSec 499 IPC
Forgery of electronic recordsForgery of electronic records Sec 463 IPCSec 463 IPC
Bogus websites , cyber fraudsBogus websites , cyber frauds Sec 420 IPCSec 420 IPC
E-mail spoofingE-mail spoofing Sec 463 IPCSec 463 IPC
Web-JackingWeb-Jacking Sec.383 IPCSec.383 IPC
E-mail AbuseE-mail Abuse Sec.500 IPC Sec.500 IPC
Online sale of DrugsOnline sale of Drugs NDPS ActNDPS Act
Cyber security Cyber security
• Cyber security involves protection of sensitive personal and business Cyber security involves protection of sensitive personal and business
information through prevention, detection and response to different information through prevention, detection and response to different
online attack. online attack.
• Cyber security standards are security standards which enable Cyber security standards are security standards which enable
organizations to practice safe security techniques to minimize the organizations to practice safe security techniques to minimize the
number of successful cyber security attacks. number of successful cyber security attacks.
• ISO/IEC 27002ISO/IEC 27002
• BS7799 part I & BS 7799 part IIBS7799 part I & BS 7799 part II
• NIST has also released several publications addressing cyber security.NIST has also released several publications addressing cyber security.
Advantages of cyber securityAdvantages of cyber security
• It defends us from critical attacks.It defends us from critical attacks.
• It helps us browse safe websites.It helps us browse safe websites.
• It defends us from hacks and virus.It defends us from hacks and virus.
• Security developers update their database every week hence new Security developers update their database every week hence new
virus also gets deleted.virus also gets deleted.
• Internet security process all the incoming and outgoing data on our Internet security process all the incoming and outgoing data on our
computercomputer..
Case studiesCase studies
• Pune Citibank emphasis Call Center FraudPune Citibank emphasis Call Center Fraud
• Baazee.com caseBaazee.com case
• Andhra Pradesh Tax CaseAndhra Pradesh Tax Case
ConclusionConclusion
The modern thief can steal more with a computer The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a to do more damage with a keyboard than with a bomb.bomb.
Bibliography & WebliographyBibliography & Webliography
• ‘‘Information Technology for ManagementInformation Technology for Management’ book ’ book
By E Fraim TurbanBy E Fraim Turban
Dorothy LeinerDorothy Leiner
Ephraim McleanEphraim Mclean
James WetherbeJames Wetherbe
• www.cyberlawsindia.netwww.cyberlawsindia.net
• www.iprfirm.comwww.iprfirm.com
• www.cybercellmumbai.comwww.cybercellmumbai.com
• www.cybercrime.planetindia.netwww.cybercrime.planetindia.net
• www.indiacyberlab.inwww.indiacyberlab.in
• www.virtualpune.comwww.virtualpune.com
• www.brighthub.comwww.brighthub.com
• www.cyberlawclinic.orgwww.cyberlawclinic.org
Thank you Thank you