As someone rightly said that “bytes are replacing bullets in the crime world”. The growth of cyber crime in India, as all over the world, is on the rise and to curb its scope and complexity is the pertinent need today. Cyber space offers a plethora of opportunities for cyber criminals either to cause harm to innocent people, or to make a fast buck at the expense of unsuspecting citizens. India’s profile and wealth have risen enormously in the world due to the constructive use of information technology. At the same time, India ranks fifth in the world for cyber crime, according to a report last year by the U.S.-based Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center. Even under the IT Act, investigations in India are not easy. This is mainly due to the lack of what is called “cyber forensics.” We know that forensic evidence is important in normal criminal investigations. But the collection and presentation of electronic evidence to prove cyber crimes have posed a challenge to investigation and prosecution agencies and the judiciary.
To sum up, India needs a good combination of laws and technology, in harmony with the laws of other countries and keeping in mind common security standards. In the era of e-governance and e-commerce, a lack of common security standards can create havoc for global trade as well as military matters.
Friday, May 7, 2010
For Home PC Users:
Protect Your Personal Computer.
If you think that your home computer was safe from outside attacks, think again. Home computers are as susceptible as office computers to online attacks. Here are some extremely important guidelines for home computer owners.
Use the latest version of a good anti-virus software package that allows updating from the Internet.
Use the latest version of the operating system, web browsers and e-mail programs.
Don't open e-mail attachments unless you know the source. Attachments, especially executables (those having .exe extension) can be dangerous.
Confirm the site you are doing business with. Secure yourself against "Web-Spoofing". Do not go to websites from email links.
Create passwords containing at least 8 digits. They should not be dictionary words. They should combine upper and lower case characters.
Use different passwords for different websites.
Send credit card information only to secure sites.
Use a security program that gives you control over "Cookies" that send information back to websites. Letting all cookies in without monitoring them could be risky.
Consult your system support personnel if you work from home.
If you use your broadband access to connect to your employer's network via a Virtual Private Network (VPN) or other means, your employer may have policies or procedures relating to the security of your home network. Be sure to consult with your employer's support personnel, as appropriate.
Use a firewall.
Don't open unknown email attachments.
Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs.
Be sure your virus definitions are up-to-date.
Save the file to your hard disk.
Scan the file using your antivirus software.
For additional protection, you can disconnect your computer's network connection before opening the file. Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.
Don't run programs of unknown origin.
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing - they might contain a harmful program.
Turn off your computer or disconnect from the network when not in use.
Turn off your computer or disconnect its Ethernet interface when you are not using it. An intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network.
Disable Java, JavaScript, and ActiveX if possible.
Be aware of the risks involved in the use of "mobile code" such as ActiveX, Java, and JavaScript. A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.
The most significant impact of this vulnerability can be avoided by disabling all scripting languages. Turning off these options will keep you from being vulnerable to malicious scripts. However, it will limit the interaction you can have with some web sites.
Many legitimate sites use scripts running within the browser to add useful features. Disabling scripting may degrade the functionality of these sites.
Make regular backups of critical data.
Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CD-RW disks). Use software backup tools if available, and store the backup disks somewhere away from the computer.
Make a boot disk in case your computer is damaged or compromised.
To aid in recovering from a security breach or hard disk failure, create a boot disk on a floppy disk, which will help when recovering a computer after such an event has occurred. Remember, however, you must create this disk before you have a security event.
If you think that your home computer was safe from outside attacks, think again. Home computers are as susceptible as office computers to online attacks. Here are some extremely important guidelines for home computer owners.
Use the latest version of a good anti-virus software package that allows updating from the Internet.
Use the latest version of the operating system, web browsers and e-mail programs.
Don't open e-mail attachments unless you know the source. Attachments, especially executables (those having .exe extension) can be dangerous.
Confirm the site you are doing business with. Secure yourself against "Web-Spoofing". Do not go to websites from email links.
Create passwords containing at least 8 digits. They should not be dictionary words. They should combine upper and lower case characters.
Use different passwords for different websites.
Send credit card information only to secure sites.
Use a security program that gives you control over "Cookies" that send information back to websites. Letting all cookies in without monitoring them could be risky.
Consult your system support personnel if you work from home.
If you use your broadband access to connect to your employer's network via a Virtual Private Network (VPN) or other means, your employer may have policies or procedures relating to the security of your home network. Be sure to consult with your employer's support personnel, as appropriate.
Use a firewall.
Don't open unknown email attachments.
Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs.
Be sure your virus definitions are up-to-date.
Save the file to your hard disk.
Scan the file using your antivirus software.
For additional protection, you can disconnect your computer's network connection before opening the file. Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.
Don't run programs of unknown origin.
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing - they might contain a harmful program.
Turn off your computer or disconnect from the network when not in use.
Turn off your computer or disconnect its Ethernet interface when you are not using it. An intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network.
Disable Java, JavaScript, and ActiveX if possible.
Be aware of the risks involved in the use of "mobile code" such as ActiveX, Java, and JavaScript. A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.
The most significant impact of this vulnerability can be avoided by disabling all scripting languages. Turning off these options will keep you from being vulnerable to malicious scripts. However, it will limit the interaction you can have with some web sites.
Many legitimate sites use scripts running within the browser to add useful features. Disabling scripting may degrade the functionality of these sites.
Make regular backups of critical data.
Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CD-RW disks). Use software backup tools if available, and store the backup disks somewhere away from the computer.
Make a boot disk in case your computer is damaged or compromised.
To aid in recovering from a security breach or hard disk failure, create a boot disk on a floppy disk, which will help when recovering a computer after such an event has occurred. Remember, however, you must create this disk before you have a security event.
Subscribe to:
Posts (Atom)