Friday, May 7, 2010

Conclusion

As someone rightly said, “bytes are replacing bullets in the crime world”. Cyber crime in India, as all over the world, is on the rise, and curbing its scope and complexity is the pertinent need today. Cyber space offers a plethora of opportunities for cyber criminals either to cause harm to innocent people, or to make a fast buck at the expense of unsuspecting citizens. India’s profile and wealth have risen enormously in the world due to the constructive use of information technology. At the same time, India ranks fifth in the world for cyber crime, according to a report last year by the U.S.-based Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center. Even under the IT Act, investigations in India are not easy. This is mainly due to the lack of what is called “cyber forensics.” We know that forensic evidence is important in normal criminal investigations. But the collection and presentation of electronic evidence to prove cyber crimes have posed a challenge to investigation and prosecution agencies and the judiciary.
To sum up, India needs a good combination of laws and technology, in harmony with the laws of other countries and keeping in mind common security standards. In the era of e-governance and e-commerce, a lack of common security standards can create havoc for global trade as well as military matters.

For Home PC Users:

Protect Your Personal Computer.
If you think that your home computer is safe from outside attacks, think again. Home computers are as susceptible as office computers to online attacks. Here are some extremely important guidelines for home computer owners.
Use the latest version of a good anti-virus software package that allows updating from the Internet.
Use the latest version of the operating system, web browsers and e-mail programs.
Don't open e-mail attachments unless you know the source. Attachments, especially executables (those having .exe extension) can be dangerous.
Confirm the site you are doing business with. Secure yourself against "Web-Spoofing". Do not go to websites from email links.
Create passwords containing at least 8 characters. They should not be dictionary words. They should combine upper and lower case characters.
Use different passwords for different websites.
Send credit card information only to secure sites.
Use a security program that gives you control over "Cookies" that send information back to websites. Letting all cookies in without monitoring them could be risky.
Consult your system support personnel if you work from home.
If you use your broadband access to connect to your employer's network via a Virtual Private Network (VPN) or other means, your employer may have policies or procedures relating to the security of your home network. Be sure to consult with your employer's support personnel, as appropriate.
Use a firewall.
Don't open unknown email attachments.
Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs.
Be sure your virus definitions are up-to-date.
Save the file to your hard disk.
Scan the file using your antivirus software.
For additional protection, you can disconnect your computer's network connection before opening the file. Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.
Don't run programs of unknown origin.
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing - they might contain a harmful program.
Turn off your computer or disconnect from the network when not in use.
Turn off your computer or disconnect its Ethernet interface when you are not using it. An intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network.
Disable Java, JavaScript, and ActiveX if possible.
Be aware of the risks involved in the use of "mobile code" such as ActiveX, Java, and JavaScript. A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.
The most significant impact of this vulnerability can be avoided by disabling all scripting languages. Turning off these options will keep you from being vulnerable to malicious scripts. However, it will limit the interaction you can have with some web sites.
Many legitimate sites use scripts running within the browser to add useful features. Disabling scripting may degrade the functionality of these sites.
Make regular backups of critical data.
Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CD-RW disks). Use software backup tools if available, and store the backup disks somewhere away from the computer.
Make a boot disk in case your computer is damaged or compromised.
To aid in recovering from a security breach or hard disk failure, create a boot disk on a floppy disk, which will help when recovering a computer after such an event has occurred. Remember, however, you must create this disk before you have a security event.

Prevention of Cyber Crime

General Guidelines on Cyber Safety:
Do not give out identifying information such as your name, home address, or telephone number in a chat room. Even vital details like age and gender should never be divulged to anyone.
Do not send your photograph to anyone on the net unless you know the person well enough.
Do not respond to messages or bulletin board items that are obscene, belligerent or threatening.
Take a test before opening an e-mail attachment
Is the e-mail from someone that you know?
Have you received e-mails from this sender before?
Were you expecting an e-mail with an attachment from this sender?
Does the e-mail from the sender with the contents as described in the subject line and the name of the attachment(s) make sense?
Does this e-mail contain a virus? To determine this, you need to install and use an anti-virus program.


Use strong passwords
For each computer and service you use (for example, e-mail, chatting, online purchasing), you should have a password.
You shouldn’t write them down, nor should you share them with anyone, even your best friends.
Computer intruders use trial-and-error, or brute-force techniques, to discover passwords.
Use alphanumeric characters and special characters in your password.
The length of password should be as long as possible (more than eight characters).
Do not write it on some place where it is visible to someone else.
Protect your Website
Stay informed and be in touch with security related news.
Watch traffic to your site. Put host-based intrusion detection devices on your Web servers and monitor activity looking for any irregularities.
Put in a firewall.
Configure your firewall correctly.
Develop your Web content off-line.
Make sure that the Web servers running your public Website are physically separate and individually protected from your internal corporate network.
Protect your databases. If your Website serves up dynamic content from a database, consider putting that database behind a second interface on your firewall, with tighter access rules than the interface to your Web server.
Back up your Website after every update.
For Corporate Companies:
Setup an e-security program for your business.
Ensure your security program facilitates confidentiality, integrity and availability.
Identify the sources of threats to your data from both internal and external sources. Examples: disgruntled employees - leaving bugs behind in your system, hackers looking to steal confidential information.
The security program that you create for your business must have provisions for maintenance and upgrades of your systems.
Administrators have access to all files and data. Therefore, one must be mindful of who is guarding the guards.
Roles for security should be defined, documented, and implemented for both your company and external contractors.
Establish a security awareness program for all users. Content should be communicated in non-technical terms. This could include briefings, posters, clauses in employee contracts, security awareness days etc.
Implement security training for technical staff that is focused on the security controls for their particular technical areas.
Maintain logs of all possible activities that may occur on your system. System records must note who was using the system, when, for how long, deletions etc.
User accounts should not be shared. User authorization should be mandatory. Employees should only be able to see information that they are authorized to see.
Employee user accounts must be disabled or removed when no longer needed. Example: in case an employee leaves the company.
Ensure network security from external sources by installing firewalls and intrusion detection systems.
Allow remote access to employees only through secure communication channels like SSL or VPN.
Install antivirus software on all desktops and servers. Buy Anti-Virus software solutions that allow real time upgrading of systems with anti-virus patches.
Create a data backup and disaster recovery plan in case of unforeseen natural calamities.
Ensure back-up procedures are in place and tested.
Ensure back-up procedures include all your critical as well as back office data such as finance, payroll etc.
Incident response is the ability to identify, evaluate, raise and address negative computer related security events.
In case of an incident, do not panic, and continue to save logs.
Incident response - Take a backup of the affected system and notify the authorities.

Cyber Criminals can also be classified as follows

Children and adolescents between the age group of 6 – 18 years:-
The simple reason for this type of delinquent behavior pattern in children is mostly their inquisitiveness to know and explore things. Another cognate reason may be to prove themselves outstanding amongst other children in their group. The reasons may even be psychological.



Organized hackers:-
These kinds of hackers are mostly organized together to fulfill certain objectives. The reason may be to fulfill their political bias, fundamentalism, etc. The NASA as well as the Microsoft sites are always under attack by the hackers.
Professional hackers / crackers:-
Their work is motivated by the color of money. These kinds of hackers are mostly employed to hack the site of the rivals and get credible, reliable and valuable information. Further they are even employed to crack the system of the employer basically as a measure to make it safer by detecting the loopholes.
Discontented employees:-
This group includes those people who have been either sacked by their employer or are dissatisfied with their employer. To take revenge, they normally hack the system of their employer.

Who can be typically expected to indulge in a Cyber Crime

Insiders: Disgruntled employees and ex-employees, spouses, lovers.
Hackers: Crack into networks with malicious intent.
Virus Writers: Pose serious threats to networks and systems worldwide.
Foreign Intelligence: Use cyber tools as part of their services for espionage activities.
Can pose the biggest threat to the security of another country.
Terrorists: Use to formulate plans, to raise funds.

Who Commits a Cyber Crime

There is a growing convergence of technically savvy computer crackers with financially motivated criminals. Historically, most computer crime on the Internet has not been financially motivated: it was the result of either curious or malicious technical attackers, called crackers. This changed as the Internet became more commercialized. Financially motivated actors, spammers and fraudsters, soon joined crackers to exploit this new potential goldmine. Cyber Criminals have fully adopted the techniques of crackers and malicious code authors. These are financially motivated people, who pursue their goals considerably more aggressively than an average cracker. They have the monetary means to buy the required expertise to develop very sophisticated tools to accomplish their goals of spamming and scamming the public.
The perpetrators of these attacks vary considerably. At the low end are script kiddies, who are usually unsophisticated users that download malicious software from hacker web sites and follow the posted instructions to execute an attack on some target. These attacks are often only annoyance attacks, but they can be more severe. At the next level are hackers who are trying to prove to their peers or to the world that they can compromise a specific system, such as a government web site. Next are insiders, who are legitimate users of a system that either access information that they should not have access to or damage the system or data because they are disgruntled. Insiders are often less knowledgeable than hackers, but they are often more dangerous because they have legal access to resources that the hackers need to access illegally.
Next are organizational level attacks. In this case, the organization’s resources are used to get information illegally or to cause damage or deny access to other organizations to further the attacking organization’s gain. These can be legitimate organizations, such as two companies bidding on the same contract where one wants to know the other’s bid in order to make a better offer. They could also be criminal organizations that are committing fraud or some other illegal activity. At the highest level is the nation state that is trying to spy on or cause damage to another state. This level used to be called “national lab” attackers, because the attackers have a substantial amount of resources at their disposal, comparable to those that are available to researchers at a national lab, such as Los Alamos Laboratory or Lawrence Livermore Laboratory. After the September 11, 2001 terrorist attacks on the World Trade Center, the idea of nation state level cyber attacks being carried out by terrorists became a big concern.

Cyber defamation

Cyber defamation:
Any derogatory statement, which is designed to injure a person's business or reputation, constitutes cyber defamation. Defamation can be accomplished as libel or slander. Cyber defamation occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person's friends.

Threatening:
The criminal sends threatening email or comes in contact with the victim in chat rooms. (Anyone disgruntled may do this against a boss, friend or official.)
Salami Attacks:
This is basically related to finance and therefore the main victims of this crime are the financial institutions. This attack has a unique quality that the alteration is so insignificant that in a single case it would go completely unnoticed. E.g. a bank employee inserts a program whereby a meager sum of Rs 3 is deducted from random customer’s account periodically and transferred to a specific account for personal gains. Such a small amount will not be noticeable at all.
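A detection sketch for the pattern described above, added here as an example and not taken from the original post: it looks for a single account that collects tiny credits from many different customers. The account names, the Rs 10 limit, the five-source threshold and the fee-account allowlist are all assumptions of this example.

```python
from collections import defaultdict
from decimal import Decimal


def sample_ledger():
    """Constructed ledger: date, debited account, credited account, amount in Rs."""
    rows = []
    customers = [f"CUST-{n}" for n in range(1001, 1009)]  # 8 hypothetical customers
    for date in ("2010-03-05", "2010-04-05"):
        for cust in customers:
            # The periodic Rs 3 deduction routed to one private account.
            rows.append({"date": date, "debit_acct": cust,
                         "credit_acct": "ACCT-9999", "amount": "3.00"})
            # A legitimate small charge that has the same shape on paper.
            rows.append({"date": date, "debit_acct": cust,
                         "credit_acct": "BANK-FEES", "amount": "2.50"})
    # Ordinary activity that must not be flagged.
    rows.append({"date": "2010-03-09", "debit_acct": "CUST-1001",
                 "credit_acct": "CUST-1002", "amount": "4500.00"})
    rows.append({"date": "2010-03-11", "debit_acct": "CUST-1003",
                 "credit_acct": "CUST-1004", "amount": "5.00"})
    return rows


def find_salami_collectors(rows, small_limit=Decimal("10"), min_sources=5,
                           allowlist=frozenset()):
    """Return accounts credited with small amounts from many distinct accounts.

    A single small transfer is unremarkable; the signal is one beneficiary
    receiving them from at least `min_sources` different debited accounts.
    """
    stats = defaultdict(lambda: {"sources": set(), "count": 0,
                                 "total": Decimal("0")})
    for row in rows:
        amount = Decimal(row["amount"])  # Decimal avoids float rounding on money
        dest = row["credit_acct"]
        if amount <= 0 or amount > small_limit or dest in allowlist:
            continue
        entry = stats[dest]
        entry["sources"].add(row["debit_acct"])
        entry["count"] += 1
        entry["total"] += amount

    findings = []
    for dest, entry in stats.items():
        if len(entry["sources"]) >= min_sources:
            findings.append({"account": dest,
                             "distinct_sources": len(entry["sources"]),
                             "transfers": entry["count"],
                             "total": entry["total"]})
    # Largest accumulated sum first, so the reviewer sees the biggest leak on top.
    return sorted(findings, key=lambda f: f["total"], reverse=True)


if __name__ == "__main__":
    for finding in find_salami_collectors(sample_ledger(),
                                          allowlist={"BANK-FEES"}):
        print(finding)
```

Without the allowlist the bank's own fee account is reported as well, which is why known internal collection accounts have to be listed explicitly and that list reviewed by someone other than the staff who maintain the ledger software.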
Sale of Narcotics:
Sale and purchase of narcotics through the net. There are web sites which offer sale and shipment of contraband drugs. They may use the techniques of steganography for hiding the messages.

Cyber Stalking

Cyber stalking is a crime in which the attacker harasses a victim using electronic communication, such as e-mail or instant messaging (IM), or messages posted to a Web site or a discussion group. A cyber stalker relies upon the anonymity afforded by the Internet to allow them to stalk their victim without being detected. Cyber stalking messages differ from ordinary spam in that a cyber stalker targets a specific victim with often threatening messages, while the spammer targets a multitude of recipients with simply annoying messages.
In corporate cyber stalking, an organization stalks an individual. Corporate cyber stalking (which is not the same thing as corporate monitoring of e-mail) is usually initiated by a high-ranking company official with a grudge, but may be conducted by any number of employees within the organization. Less frequently, corporate cyber stalking involves an individual stalking a corporation.

SPOOFING

In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.
An old method of spoofing used links containing the '@' symbol, originally intended as a way to include a username and password (contrary to the standard).[23] For example, the link http://www.somebank.com@members.tripod.com/ might deceive a casual observer into believing that it will open a page on www.somebank.com, whereas it actually directs the browser to a page on members.tripod.com, using a username of www.somebank.com: the page opens normally, regardless of the username supplied.
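A mail-filter style check for the '@' trick just described, added here as an example and not part of the original post: it splits each link into the userinfo part and the host the browser will really contact, and flags userinfo that is shaped like a site name. The sample message and every host in it other than the two from the paragraph above are constructed, and the "looks like a host name" pattern is a heuristic chosen for this example.

```python
import re
from urllib.parse import urlsplit, unquote

# Heuristic: text shaped like a DNS name, e.g. www.somebank.com.
HOSTLIKE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.IGNORECASE)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed message body used as sample input.
SAMPLE_MESSAGE = """\
Dear customer, please confirm your details at
http://www.somebank.com@members.tripod.com/ within 24 hours.
Help desk: https://www.example.com/help/contact@example.com
Staff login: https://alice@intranet.example.org/
Mirror: http://www.somebank.com%2Flogin@files.example.net/update
"""


def inspect_link(url):
    """Report the host a browser would contact and any userinfo before '@'."""
    parts = urlsplit(url)
    # The authority is [userinfo@]host[:port]; text before the last '@'
    # is userinfo and plays no part in choosing the server.
    userinfo = parts.netloc.rpartition("@")[0]
    real_host = parts.hostname or ""
    # Decode %-escapes, then keep the leading token a reader would take
    # for the site name (stop at ':', '/', '?', '#' or a backslash).
    shown = re.split(r"[:/?#\\]", unquote(userinfo), maxsplit=1)[0]
    imitates_host = bool(HOSTLIKE.match(shown)) and shown.lower() != real_host
    return {
        "url": url,
        "real_host": real_host,
        "userinfo": userinfo,
        "has_userinfo": bool(userinfo),
        "imitates_host": imitates_host,
    }


def find_userinfo_links(text):
    """Return an inspection record for every link in text that carries userinfo."""
    records = []
    for match in URL_RE.finditer(text):
        url = match.group(0).rstrip(".,;)")  # drop trailing sentence punctuation
        record = inspect_link(url)
        if record["has_userinfo"]:
            records.append(record)
    return records


if __name__ == "__main__":
    for rec in find_userinfo_links(SAMPLE_MESSAGE):
        verdict = "imitates a site name" if rec["imitates_host"] else "plain username"
        print(f'{rec["real_host"]:22} userinfo={rec["userinfo"]!r} ({verdict})')
```

An '@' that appears after the first '/' belongs to the path, so the help-desk link in the sample is correctly left alone.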
Not all phishing attacks require a fake website. Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts.[38] Once the phone number (owned by the phisher, and provided by a Voice over IP service) was dialed, prompts told users to enter their account numbers and PIN. Vishing (voice phishing) sometimes uses fake caller-ID data to give the appearance that calls come from a trusted organization.
2.10 SPOOFING:
The word "spoof" means to hoax, trick, or deceive. Therefore, in the IT world, spoofing refers to tricking or deceiving computer systems or other computer users. This is typically done by hiding one's identity or faking the identity of another user on the Internet.
Spoofing can take place on the Internet in several different ways. One common method is through e-mail. E-mail spoofing involves sending messages from a bogus e-mail address or faking the e-mail address of another user. Fortunately, most e-mail servers have security features that prevent unauthorized users from sending messages. However, spammers often send spam messages from their own SMTP servers, which allows them to use fake e-mail addresses. Therefore, it is possible to receive e-mail from an address that is not the actual address of the person sending the message.
Another way spoofing takes place on the Internet is via IP spoofing. This involves masking the IP address of a certain computer system. By hiding or faking a computer's IP address, it is difficult for other systems to determine where the computer is transmitting data from. Because IP spoofing makes it difficult to track the source of a transmission, it is often used in denial-of-service attacks that overload a server. This may cause the server to either crash or become unresponsive to legitimate requests. Fortunately, software security systems have been developed that can identify denial-of-service attacks and block their transmissions.
Finally, spoofing can be done by simply faking an identity, such as an online username. For example, when posting on a Web discussion board, a user may pretend he is the representative for a certain company, when he actually has no association with the organization. In online chat rooms, users may fake their age, gender, and location.
While the Internet is a great place to communicate with others, it can also be an easy place to fake an identity. Therefore, always make sure you know who you are communicating with before giving out private information.

Pornography

Pornography is the first consistently successful ecommerce product.
Deceptive marketing tactics and mouse trapping technologies encourage customers to access pornography websites. Anybody, including children, can log on to the internet and access websites with pornographic contents with a click of a mouse. Publishing or transmitting any material in electronic form which is lascivious or appeals to the prurient interest is an offence under the provisions of section 67 of I.T. Act -2000.
From a definition standpoint, pornography is anything that is created to cause sexual excitement or arousal. Most of us think of: erotic imagery that is considered obscene and offensive sexually explicit pictures, writing, or other material whose primary purpose is to cause sexual arousal.
Verbal or visual material or acts that embody violence, coercion, discrimination, force or brutality on women, men, children, or animals in sexual acts, and represent them in a degrading position. Sexually oriented material that is not considered acceptable to the viewer; the same material when judged subjectively acceptable is often referred to as "erotica."
Pornography or porn is the explicit depiction of sexual subject matter, especially with the sole intention of sexually exciting the viewer. It is to a certain extent similar to erotica, which is the use of sexually-arousing imagery for mainly artistic purposes.

Credit Card Fraud:

Credit Card Fraud:
Credit card fraud is a wide-ranging term for theft and fraud committed using a credit card or any similar payment mechanism as a fraudulent source of funds in a transaction. The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account. Credit card fraud is also an adjunct to identity theft. There are two types of fraud within the identity theft category, application fraud and account takeover.
Application fraud occurs when criminals use stolen or fake documents to open an account in someone else's name. Criminals may try to steal documents such as utility bills and bank statements to build up useful personal information. Alternatively, they may create counterfeit documents.
Account takeover involves a criminal trying to take over another person's account, first by gathering information about the intended victim, then contacting their bank or credit issuer — masquerading as the genuine cardholder — asking for mail to be redirected to a new address. The criminal then reports the card lost and asks for a replacement to be sent. The replacement card is then used fraudulently.
Some merchants added a new practice to protect consumers and their own reputation, where they ask the buyer to send a copy of the physical card and statement to ensure the legitimate usage of a card.
Skimming is the theft of credit card information used in an otherwise legitimate transaction. It is typically an "inside job" by a dishonest employee of a legitimate merchant, and can be as simple as photocopying of receipts. Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim's credit card out of their immediate view. The skimmer will typically use a small keypad to unobtrusively transcribe the 3 or 4 digit Card Security Code which is not present on the magnetic strip.

Types of Cyber Crime

Hacking:
The activity of breaking into a computer system to gain unauthorized access is known as hacking. The act of defeating the security capabilities of a computer system in order to obtain illegal access to the information stored on the computer system is called hacking. The unauthorized revelation of passwords with intent to gain unauthorized access to the private communication of an organization or a user is one of the widely known computer crimes. Another highly dangerous computer crime is the hacking of IP addresses in order to transact with a false identity, thus remaining anonymous while carrying out the criminal activities.
Computer hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers. Since the word “hack” has long been used to describe someone who is incompetent at his/her profession, some hackers claim this term is offensive and fails to give appropriate recognition to their skills.

2.2 Denial of Service Attack:
In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer.
The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a "denial of service" because you can't access that site.

An attacker can use spam email messages to launch a similar attack on your email account. Whether you have an email account supplied by your employer or one available through a free service such as Yahoo or Hotmail, you are assigned a specific quota, which limits the amount of data you can have in your account at any given time. By sending many, or large, email messages to the account, an attacker can consume your quota, preventing you from receiving legitimate messages.
A DoS attack is a malicious attack on a computer or computer network that can take various forms. The targeted computer network is overwhelmed with massive amounts of useless traffic that can bring the network down. Some forms of attack have special names such as The Ping of Death and Teardrops.
This is an act by the criminal, who floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide.

Virus Dissemination:
Malicious software that attaches itself to other software. (Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and Bacterium are examples of malicious software that destroys the system of the victim.)
2.4 Software Piracy:
Unauthorized copying of software. The illegal duplication of software for commercial or personal use. Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original. Forms include end user copying, hard disk loading, counterfeiting, and illegal downloads from the internet.

IRC CRIME:
Internet Relay Chat crime
Internet Relay Chat (IRC) is a form of real-time Internet online chat or synchronous conferencing. It is mainly designed for group communication in discussion forums called channels, but also allows one-to-one communication via private message, as well as chat and data transfers via Direct Client-to-Client. Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere in the world can come together and chat with each other.
Criminals use it for meeting conspirators.
Hackers use it for discussing their exploits / sharing the techniques.

Types of Cyber Crime

Computer crime is a multi-billion dollar problem. Our Law enforcement must seek ways to keep the drawbacks from overshadowing the great promise of the computer age. Cyber Crime is a menace that has to be tackled effectively not only by the official but also by the users by co-operating with the law. The founding fathers of internet wanted it to be a boon to the whole world and it is upon us to keep this tool of modernization as a boon and not make it a bane to the society. Cyber Crimes can be divided into 3 major categories:
Cyber Crimes against Persons
Also known as cyber harassment, this is a distinct Cyber Crime. Various kinds of harassment can and do occur in cyberspace, or through the use of cyberspace. Harassment can be sexual, racial, religious, or other. Persons perpetrating such harassment are also guilty of Cyber Crimes.
Cyber Crimes against Property
This category covers Cyber Crimes against all forms of property. These crimes include computer vandalism (destruction of others' property) and transmission of harmful programs.
Cyber Crimes against Government
Cyber terrorism is one distinct kind of crime in this category. The growth of the internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten international governments as well as to terrorize the citizens of a country. This crime manifests itself as terrorism when an individual "cracks" into a government or military maintained website.

Introduction

What is Cyber Crime?
A Cyber Crime is an evil having its origin in the growing dependence on computers in modern life. Cyber Crime has been an artifact of computer systems for a number of decades. However, the phenomenon of Cyber Crime did not truly come into being until the advent of the computer network. Information moving across physical distances was much easier to intercept than that on a standalone system. Moreover, attaching a system to a network provided would-be criminals an access point into other vulnerable systems attached to the same network. But even in the early days of networked computing, Cyber Crime was rare. The relative rarity of computers, combined with the highly specialized knowledge needed to use them, prevented widespread abuse. The Cyber Crime problem emerged and grew as computing became easier and less expensive.
Computer crimes are criminal activities, which involve the use of information technology to gain an illegal or an unauthorized access to a computer system with intent of damaging, deleting or altering computer data. Computer crimes also include the activities such as electronic frauds, misuse of devices, identity theft and data as well as system interference. Computer crimes may not necessarily involve damage to physical property. They rather include the manipulation of confidential data and critical information. Computer crimes involve activities of software theft, wherein the privacy of the users is hampered. These criminal activities involve the breach of human and information privacy, as also the theft and illegal alteration of system critical information. The different types of computer crimes have necessitated the introduction and use of newer and more effective security measures.

The internet in India is growing rapidly. It has given rise to new opportunities in every field we can think of – be it entertainment, business, sports or education. There are two sides to a coin. The internet also has its own disadvantages. One of the major disadvantages is Cyber Crime – illegal activity committed on the internet. The internet, along with its advantages, has also exposed us to security risks that come with connecting to a large network. Computers today are being misused for illegal activities like e-mail espionage, credit card fraud, spam, software piracy and so on, which invade our privacy and offend our senses. Criminal activities in cyberspace are on the rise.
A simple yet sturdy definition of Cyber Crime would be “unlawful acts wherein the computer is either a tool or a target or both”. Defining Cyber Crime as “acts that are punishable by the Information Technology Act 2000” would be unsuitable, as the Indian Penal Code also covers many cyber crimes, such as e-mail spoofing, cyber defamation etc.
Although the term Cyber Crime is usually restricted to describing criminal activity in which the computer or network is an essential part of the crime, this term is also used to include traditional crimes in which computers or networks are used to enable the illicit activity.