Cyber CrimeCyber Crime

SVIMS, Batch 2010-11SVIMS, Batch 2010-11

Group No. 4Group No. 4

Roll No. Members

08 Aswita Shetty

17 Jervis Martis

22 Medha Shambhu

23 Mitesh Uchil

34 Prerna Jeswani

46 Savita Shetty

53 Tejashree Nayak

What is Cyber Space?What is Cyber Space?

• Cyber space is a worldwide network of computers and the equipment Cyber space is a worldwide network of computers and the equipment

that connect them, which by its very design is free and open to the that connect them, which by its very design is free and open to the

public (the Internet).public (the Internet).

• CyberspaceCyberspace is the electronic medium of computer networks, in which is the electronic medium of computer networks, in which

online communication takes place.online communication takes place.

• We’ve become increasingly reliant on the net, and it is being used We’ve become increasingly reliant on the net, and it is being used

right now to transfer everything from friendly emails to right now to transfer everything from friendly emails to

hypersensitive data.hypersensitive data.

What is Cybercrime?What is Cybercrime?

• CybercrimeCybercrime refers to any crime that involves a computer and a refers to any crime that involves a computer and a

network, where the computers may or may not have played an network, where the computers may or may not have played an

instrumental part in the commission of a crime. instrumental part in the commission of a crime.

• Issues surrounding this type of crime have become high-profile, Issues surrounding this type of crime have become high-profile,

particularly those surrounding hacking, copyright infringement, child particularly those surrounding hacking, copyright infringement, child

pornography, child grooming, releasing of viruses, identity theft, pornography, child grooming, releasing of viruses, identity theft,

interception, access and manipulation of non public data and systems. interception, access and manipulation of non public data and systems.

What is Cybercrime?What is Cybercrime?

• Cybercrime encompasses a broad range of potentially illegal Cybercrime encompasses a broad range of potentially illegal

activities. Generally, however, it may be divided into one of two activities. Generally, however, it may be divided into one of two

types of categories:types of categories:

Why learn about CYBER CRIME ?Why learn about CYBER CRIME ?

• Everybody is using COMPUTERS.Everybody is using COMPUTERS.

• From white collar criminals to terrorist organizations and from From white collar criminals to terrorist organizations and from

teenagers to adults.teenagers to adults.

• Conventional crimes like forgery, extortion, kidnapping etc. are Conventional crimes like forgery, extortion, kidnapping etc. are

being committed with the help off computers.being committed with the help off computers.

• New generation is growing up with computers.New generation is growing up with computers.

• MOST IMPORTANT - monetary transactions are moving on to the MOST IMPORTANT - monetary transactions are moving on to the

INTERNETINTERNET

Types of CybercrimesTypes of Cybercrimes

Hacking Hacking

Denial of service attackDenial of service attack

Virus disseminationVirus dissemination

Software piracySoftware piracy

PornographyPornography

IRC crimeIRC crime

Credit card fraudCredit card fraud

Net extortionNet extortion

PhishingPhishing

SpoofingSpoofing

Cyber stalkingCyber stalking

Cyber defamationCyber defamation

ThreateningThreatening

Salami attackSalami attack

SpamSpam

FraudFraud

Obscene or offensive contentObscene or offensive content

Drug traffickingDrug trafficking

Cyber terrorismCyber terrorism

Cyber warfareCyber warfare

Virus/wormsVirus/worms

ForgeryForgery

HackingHacking

• The act of gaining unauthorized access to a computer system or The act of gaining unauthorized access to a computer system or

network and in some cases making unauthorized use of this access. network and in some cases making unauthorized use of this access.

• Hacking is also the act by which other forms of cyber-crime (e.g., Hacking is also the act by which other forms of cyber-crime (e.g.,

fraud, terrorism, etc.) are committed. fraud, terrorism, etc.) are committed.

• Hacking in simple terms means illegal intrusion into a computer Hacking in simple terms means illegal intrusion into a computer

system without the permission of the computer owner/user.system without the permission of the computer owner/user.

Denial of service attackDenial of service attack

• This is an act by the criminal, who floods the bandwidth of the This is an act by the criminal, who floods the bandwidth of the

victim’s network or fills his e-mail box with spam mail depriving him victim’s network or fills his e-mail box with spam mail depriving him

of the services he is entitled to access or provide.of the services he is entitled to access or provide.

• This involves flooding computer resources with more requests than it This involves flooding computer resources with more requests than it

can handle. This causes the resources to crash thereby denying can handle. This causes the resources to crash thereby denying

authorized users the service offered by the resources. authorized users the service offered by the resources.

Virus disseminationVirus dissemination

• Malicious software that attaches itself to other software.Malicious software that attaches itself to other software.

• Eg. - Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and Eg. - Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and

Bacterium are the malicious software’sBacterium are the malicious software’s

  

Software piracySoftware piracy

• Software piracy is theft of software through the illegal copying of Software piracy is theft of software through the illegal copying of

genuine programs or the counterfeiting and distribution of products genuine programs or the counterfeiting and distribution of products

intended to pass for the original. intended to pass for the original.

• Retail revenue losses worldwide are ever increasing due to this Retail revenue losses worldwide are ever increasing due to this

crime.crime.

• Piracy can be done in various ways such as end user copying, hard Piracy can be done in various ways such as end user copying, hard

disk loading, Counterfeiting, Illegal downloads from the internet etc.disk loading, Counterfeiting, Illegal downloads from the internet etc.

PornographyPornography

• Pornography is the first consistently successful e-commerce product.Pornography is the first consistently successful e-commerce product.

• Pornography has deceptive marketing tactics and mouse trapping Pornography has deceptive marketing tactics and mouse trapping

technologies which encourages customers to access their websites.technologies which encourages customers to access their websites.

• Anybody including children can log on to the internet and access Anybody including children can log on to the internet and access

websites with pornographic contents with a click of a mouse.websites with pornographic contents with a click of a mouse.

• Publishing, transmitting any material in electronic form which is Publishing, transmitting any material in electronic form which is

lascivious or appeals to the prurient interest is an offence under the lascivious or appeals to the prurient interest is an offence under the

provisions of section 67 of I.T. Act -2000.provisions of section 67 of I.T. Act -2000.

IRC crimesIRC crimes

• Internet Relay Chat (IRC) servers have chat rooms in which people Internet Relay Chat (IRC) servers have chat rooms in which people

from anywhere the world can come together and chat with each other from anywhere the world can come together and chat with each other

Criminals use it for meeting co-conspirators. Criminals use it for meeting co-conspirators.

• Hackers use it for discussing their exploits / sharing the technique.Hackers use it for discussing their exploits / sharing the technique.

Paedophiles use chat rooms to allure small children.Paedophiles use chat rooms to allure small children.

Credit card fraudCredit card fraud

• Credit card fraudCredit card fraud is a wide-ranging term for theft and fraud is a wide-ranging term for theft and fraud

committed using a credit card or any similar payment mechanism as committed using a credit card or any similar payment mechanism as

a fraudulent source of funds in a transaction. a fraudulent source of funds in a transaction.

• If electronic transactions are not secured the credit card numbers can If electronic transactions are not secured the credit card numbers can

be stolen by the hackers who can misuse this card by impersonating be stolen by the hackers who can misuse this card by impersonating

the credit card owner.the credit card owner.

Net extortionNet extortion

• Copying the company’s confidential data in order to extort said Copying the company’s confidential data in order to extort said

company for huge amount.company for huge amount.

PhishingPhishing

• In computing, phishing is the criminally fraudulent process of In computing, phishing is the criminally fraudulent process of

attempting to acquire sensitive information such as usernames, attempting to acquire sensitive information such as usernames,

password and credit card details, by masquerading as a trustworthy password and credit card details, by masquerading as a trustworthy

entity in an electronic communication.entity in an electronic communication.

SpoofingSpoofing

• The process of deception by which an individual or system alters its The process of deception by which an individual or system alters its

identity or creates additional identities, thereby causing another identity or creates additional identities, thereby causing another

person or system to act incorrectly.person or system to act incorrectly.

• Getting one computer on a network to pretend to have the identity of Getting one computer on a network to pretend to have the identity of

another computer, usually one with special access privileges, so as to another computer, usually one with special access privileges, so as to

obtain access to the other computers on the network.obtain access to the other computers on the network.

Cyber stalkingCyber stalking

• Stalking in General terms can be referred to as the repeated acts of Stalking in General terms can be referred to as the repeated acts of

harassment targeting the victim such as following the victim, making harassment targeting the victim such as following the victim, making

harassing phone calls, killing the victims pet, vandalizing victims harassing phone calls, killing the victims pet, vandalizing victims

property, leaving written messages or objects. property, leaving written messages or objects.

• Cyber Stalking can be defined as the repeated acts of harassment or Cyber Stalking can be defined as the repeated acts of harassment or

threatening behaviour of the cyber criminal towards the victim by threatening behaviour of the cyber criminal towards the victim by

using internet services. using internet services.

Cyber defamationCyber defamation

• The Criminal sends emails containing defamatory matters to all The Criminal sends emails containing defamatory matters to all

concerned of the victim or post the defamatory matters on a website. concerned of the victim or post the defamatory matters on a website.

• Eg. - Disgruntled employee may do this against boss, ex-boys friend Eg. - Disgruntled employee may do this against boss, ex-boys friend

against girl, divorced husband against wife etc.against girl, divorced husband against wife etc.

ThreateningThreatening

• The Criminal sends threatening email or comes in contact in chat The Criminal sends threatening email or comes in contact in chat

rooms with victim. rooms with victim.

• Any one disgruntled may do this against boss, friend or official.Any one disgruntled may do this against boss, friend or official.

Salami attackSalami attack

• In such crime criminal makes insignificant changes in such a manner In such crime criminal makes insignificant changes in such a manner

that such changes would go unnoticed. that such changes would go unnoticed.

• Criminal makes such program that deducts small amount like $ 2.50 Criminal makes such program that deducts small amount like $ 2.50

per month from the account of all the customer of the Bank and per month from the account of all the customer of the Bank and

deposit the same in his account. deposit the same in his account.

• In this case no account holder will approach the bank for such small In this case no account holder will approach the bank for such small

amount but criminal gains huge amount.amount but criminal gains huge amount.

SpamSpam

• Spam, or the unsolicited sending of bulk email for commercial Spam, or the unsolicited sending of bulk email for commercial

purposes, is unlawful to varying degrees. purposes, is unlawful to varying degrees.

• As applied to email, specific anti-spam laws are relatively new, As applied to email, specific anti-spam laws are relatively new,

however limits on unsolicited electronic communications have however limits on unsolicited electronic communications have

existed in some forms for some time.existed in some forms for some time.

FraudFraud

• Computer fraud is any dishonest misrepresentation of fact intended Computer fraud is any dishonest misrepresentation of fact intended

to let another to do or refrain from doing something which causes to let another to do or refrain from doing something which causes

loss.loss.

Drug traffickingDrug trafficking

• Drug traffickers are increasingly taking advantage of the Internet to Drug traffickers are increasingly taking advantage of the Internet to

sell their illegal substances through encrypted e-mail and other sell their illegal substances through encrypted e-mail and other

Internet Technology. Internet Technology.

• Some drug traffickers arrange deals at internet cafes, use courier Web Some drug traffickers arrange deals at internet cafes, use courier Web

sites to track illegal packages of pills, and swap recipes for sites to track illegal packages of pills, and swap recipes for

amphetamines in restricted-access chat rooms.amphetamines in restricted-access chat rooms.

Cyber terrorismCyber terrorism

• Cyber terrorism in general, can be defined as an act of terrorism Cyber terrorism in general, can be defined as an act of terrorism

committed through the use of cyberspace or computer resources committed through the use of cyberspace or computer resources

(Parker 1983).(Parker 1983).

• As such, a simple propaganda in the Internet, that there will be bomb As such, a simple propaganda in the Internet, that there will be bomb

attacks during the holidays can be considered cyber terrorism. attacks during the holidays can be considered cyber terrorism.

• As well there are also hacking activities directed towards individuals, As well there are also hacking activities directed towards individuals,

families, organized by groups within networks, tending to cause fear families, organized by groups within networks, tending to cause fear

among people, demonstrate power, collecting information relevant for among people, demonstrate power, collecting information relevant for

ruining peoples' lives, robberies, blackmailing etc.ruining peoples' lives, robberies, blackmailing etc.

Cyber warfareCyber warfare

• The U.S. Department of Defence (DoD) notes that cyberspace has The U.S. Department of Defence (DoD) notes that cyberspace has

emerged as a national-level concern through several recent events of emerged as a national-level concern through several recent events of

geo-strategic significance. geo-strategic significance.

• Among those are included the attack on Estonia's infrastructure in Among those are included the attack on Estonia's infrastructure in

2007, allegedly by Russian hackers. 2007, allegedly by Russian hackers.

• CyberwarfareCyberwarfare has been defined by government security expert has been defined by government security expert

Richard A. Clarke, in his book Richard A. Clarke, in his book Cyber WarCyber War (May 2010), as "actions by a (May 2010), as "actions by a

nation-state to penetrate another nation's computers or networks for nation-state to penetrate another nation's computers or networks for

the purposes of causing damage or disruption."the purposes of causing damage or disruption."

ForgeryForgery

• Counterfeit currency notes, postage and revenue stamps, mark sheets Counterfeit currency notes, postage and revenue stamps, mark sheets

etc., can be forged using sophisticated computers, printers and etc., can be forged using sophisticated computers, printers and

scanners. scanners.

Preventive Measures For IndividualsPreventive Measures For Individuals

• Preventive measures should be adopted by both children as well as Preventive measures should be adopted by both children as well as

parents.parents.

• For instance children should not reveal any kind of identity while For instance children should not reveal any kind of identity while

chatting etc.chatting etc.

• Parents should use content filter software on PC.Parents should use content filter software on PC.

• For any individual, he/she should share any personal information For any individual, he/she should share any personal information

online to whomsoever it might be.online to whomsoever it might be.

Preventive measures for Government & other Preventive measures for Government & other organizationsorganizations

• Physical security Physical security 

• Access controlAccess control

• Password Password 

• Finding the holes in network Finding the holes in network 

• Using network scanning programs Using network scanning programs 

• Using intrusion alert programsUsing intrusion alert programs  

• FirewallsFirewalls

• Frequent password changing Frequent password changing 

• Safe surfing Safe surfing 

• Frequent virus checksFrequent virus checks

• Email filtersEmail filters

• Using encryptionUsing encryption

Cyber lawCyber law

• India has enacted the first I.T.Act,2000 based on the UNCITRAL India has enacted the first I.T.Act,2000 based on the UNCITRAL

model. model.

• Chapter XI of this Act deals with offence/crimes along with certain Chapter XI of this Act deals with offence/crimes along with certain

other provisions scattered in this Acts.other provisions scattered in this Acts.

Offence Section Under IT ActOffence Section Under IT Act

OFFENCEOFFENCE SECTION

Tampering with computer source documentsTampering with computer source documents Sec.65Sec.65

Hacking with computer systems , Data alterationHacking with computer systems , Data alteration Sec.66Sec.66

Publishing obscene informationPublishing obscene information Sec.67Sec.67

Un- authorized access to protected SystemUn- authorized access to protected System Sec.70Sec.70

Breach of Confidentiality & PrivacyBreach of Confidentiality & Privacy Sec.72Sec.72

Publishing false digital signature certificatesPublishing false digital signature certificates Sec.73Sec.73

Computers Related Crimes Covered Under Computers Related Crimes Covered Under IPC & Special LawsIPC & Special Laws

OFFENCEOFFENCE SECTIONSSECTIONS

Sending threatening messages by e-mailSending threatening messages by e-mail Sec 503 IPCSec 503 IPC

Sending defamatory messages by e-mailSending defamatory messages by e-mail Sec 499 IPCSec 499 IPC

Forgery of electronic recordsForgery of electronic records Sec 463 IPCSec 463 IPC

Bogus websites , cyber fraudsBogus websites , cyber frauds Sec 420 IPCSec 420 IPC

E-mail spoofingE-mail spoofing Sec 463 IPCSec 463 IPC

Web-JackingWeb-Jacking Sec.383 IPCSec.383 IPC

E-mail AbuseE-mail Abuse Sec.500 IPC Sec.500 IPC

Online sale of DrugsOnline sale of Drugs NDPS ActNDPS Act

Cyber security Cyber security

• Cyber security involves protection of sensitive personal and business Cyber security involves protection of sensitive personal and business

information through prevention, detection and response to different information through prevention, detection and response to different

online attack. online attack.

• Cyber security standards are security standards which enable Cyber security standards are security standards which enable

organizations to practice safe security techniques to minimize the organizations to practice safe security techniques to minimize the

number of successful cyber security attacks. number of successful cyber security attacks.

• ISO/IEC 27002ISO/IEC 27002

• BS7799 part I & BS 7799 part IIBS7799 part I & BS 7799 part II

• NIST has also released several publications addressing cyber security.NIST has also released several publications addressing cyber security.

Advantages of cyber securityAdvantages of cyber security

• It defends us from critical attacks.It defends us from critical attacks.

• It helps us browse safe websites.It helps us browse safe websites.

• It defends us from hacks and virus.It defends us from hacks and virus.

• Security developers update their database every week hence new Security developers update their database every week hence new

virus also gets deleted.virus also gets deleted.

• Internet security process all the incoming and outgoing data on our Internet security process all the incoming and outgoing data on our

computercomputer..

Case studiesCase studies

• Pune Citibank emphasis Call Center FraudPune Citibank emphasis Call Center Fraud

• Baazee.com caseBaazee.com case

• Andhra Pradesh Tax CaseAndhra Pradesh Tax Case

ConclusionConclusion

The modern thief can steal more with a computer The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be able than with a gun. Tomorrow's terrorist may be able to do more damage with a keyboard than with a to do more damage with a keyboard than with a bomb.bomb.

Bibliography & WebliographyBibliography & Webliography

• ‘‘Information Technology for ManagementInformation Technology for Management’ book ’ book

By E Fraim TurbanBy E Fraim Turban

Dorothy LeinerDorothy Leiner

Ephraim McleanEphraim Mclean

James WetherbeJames Wetherbe

• www.cyberlawsindia.netwww.cyberlawsindia.net

• www.iprfirm.comwww.iprfirm.com

• www.cybercellmumbai.comwww.cybercellmumbai.com

• www.cybercrime.planetindia.netwww.cybercrime.planetindia.net

• www.indiacyberlab.inwww.indiacyberlab.in

• www.virtualpune.comwww.virtualpune.com

• www.brighthub.comwww.brighthub.com

• www.cyberlawclinic.orgwww.cyberlawclinic.org

Thank you Thank you