CYBER CRIME & CYBER LAWS

Group:-5 Ashish Anand Md. Shamshad Ansari Sneha Anand Vineet Shashidharan Vishakha Suri

CONTENTS
WHY LEARN ABOUT CYBER CRIME?
DEFINING CYBER CRIME TYPES OF CYBER CRIME

PREVENTIVE MEASURES
CYBER LAWS

WHAT IS CYBER CRIME ?

"unlawful acts wherein the computer is either a tool or a target or both".

WHY LEARN ABOUT CYBER CRIME?

Because:

Everybody is using COMPUTERS. From white collar criminals to terrorist organizations and from

teenagers to adults.

Conventional crimes like Forgery, extortion, kidnapping etc. are being committed with the help of computers.

New generation is growing up with computers.

MOST IMPORTANT - Monetary transactions are moving on to the INTERNET.

SO HOW ARE CRIMINALS COMMITTING THE CRIMES?

Tools of the Trade

Wireless networking technology

Password Crackers Network Scanning software Illegitimate Websites (fake URLs), SPAM

REASONS FOR HACKING

Gathering Trophies (quest to become famous) General Mischief Financial Gain Revenge Protest Criminal activity Identity Theft Forging Documents and Messages

PROFILE OF CYBER CRIMINAL

Disgruntled employees. Teenagers. Political Hacktivist. Professional Hackers.

Business Rival.
Ex-Boy Friend. Divorced Husband. etc

The World's Most Famous Hackers & Crackers

Black Hat Crackers

White Hat Hackers

Jonathan James
Adrian Lamo Kevin Mitnick Robert Morris

Stephen Wozniak Tim Berners- Lee Linus Torvalds

Richard Stallman

TYPES OF CYBER CRIME

HACKING DENIAL OF SERVICE VIRUS DISSEMINATION SOFTWARE PIRACY

PHISHING

SPOOFING
CYBER STALKING CYBER DEFAMATION THREATENING SALAMI ATTACK

IRC CRIME
CREDIT CARD FRAUD NET EXTORTION

HACKING

Hacking in simple terms means illegal intrusion into a computer

system without the permission of the computer owner/user.

WHO IS A HACKER?
A

hacker is someone who breaks into computers

sometimes to read private e-mails and other files.

According

to The New Hacker's Dictionary, a hacker can be

defined as:
One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.

DENIAL OF SERVICE ATTACK

This

is an attempt to make a computer or network resource unavailable

to its intended users.

Preventing

an Internet site or service from functioning efficiently or at

all, temporarily or indefinitely

Generally

done by saturating the target machine with external

communication requests (Spam mails).

VIRUS DISSEMINATION
Malicious software that attaches itself to other software. (virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and Bacterium are the malicious software's)

SOFTWARE PIRACY

Theft of software through the illegal copying of genuine programs or

the counterfeiting and distribution of products intended to pass for the original.

Retail revenue losses worldwide are ever increasing due to this crime.

Can be done in various ways

End user copying Hard disk loading, Counterfeiting, Illegal downloads from the internet etc.

IRC CRIME

Internet Relay Chat (IRC) servers have chat rooms in which people

from anywhere the world can come together and chat with each
other

Criminals use it for meeting conspirators. Hackers use it for discussing their exploits / sharing the techniques Pedophiles use chat rooms to allure small children

NET EXTORTION

Copying the companys confidential data in order to extort said company for

huge amount.
For e.g. : Crypto virology :

Its a virus that ciphers or encrypts the data in a computer

PHISHING

It is technique of pulling out confidential information from the bank/financial institutional account holders by deceptive means

Phishing methods :

E-mails that redirects to a deceptive website Deceptive website resembles the victims financial institutional website

PHISHING WEBSITE

Original Login in page

Deceptive Login in page

SPOOFING
Getting one computer on a network to pretend to have the identity off another computer, usually one with special access privileges , so as to obtain access to the other computers on the network. OR It is a situation in which one person or program successfully impersonate as another by falsifying data and thereby gaining an illicit advantage.

E-MAIL SPOOFING

A spoofed email is one that appears to originate from one source but actually has been sent from another source

Its also known as E-Mail Forging

CYBER STALKING

Is the use of the Internet or other electronic means to Stalk or harass

an individual, a group of individuals, or an organization. It may

include false accusations, monitoring, making threats, identity theft, damage to data or equipment, the solicitation of minors for sex, or

gathering information in order to harass.

CYBER DEFAMATION

Criminal publishing defamatory matter about victim on a websites OR

Sending e-mail
friends

containing defamatory information to all of that victims

E.g. :

displeased employee may do this against boss, ex-boys friend against girl,
divorced husband against wife etc

SALAMI ATTACK

In such crime criminal makes insignificant changes in such a manner that it would go unnoticed

Such attacks occur during the deduction of commissions in financial institutions

For e.g. : Criminal makes such program that deducts small amount like Rs. 2.50
per month from the account of all the customer of the Bank and deposit the same in his account. In this case no account holder will approach the bank for

such small amount but criminal gains huge amount.

CREDIT CARD FRAUD

This

is done by duplicating the credit card of the victim.

Credit Card Skimmer

Credit Card Writer

CARD SKIMMER OVER THE ORIGINAL CARD SLOT REPLICATES THE CARD

PAMPHLET HOLDER ATTACHED WITH CAMERA GETS THE VICTIMS PIN CODE

Hidden Camera

PREVENTIVE MEASURES
Preventive steps for children:

Should not give information such as Name, Home Address, School Name or Telephone number in a chat room.

Should not give photographs to anyone on the net. Should not respond to messages, which are suggestive, obscene, belligerent or threatening

Should not arrange a face-to face meeting without telling parents or

guardians

PREVENTIVE MEASURES
Preventive steps for Parents:

should use content filtering software on PC to protect children from pornography, gambling, hate speech, drugs and alcohol.

Install software to establish time controls for use of limpets allowing parents to see which site item children have visited

General Information:

Dont delete harmful communications (emails, chats etc.). They will provide vital information about system and address of the person behind these.

If you feel any immediate physical danger, contact your local police.

Avoid getting into huge arguments online during chat and discussions with other
users.

Be extremely careful about how you share personal information about yourself

online

Be extremely cautious about meeting online introduced person. If you choose to meet, do so in a public place along with a friend.

Save all communications for evidence. Do not edit it in any way. Also, keep a record of your contacts and inform Law Enforcement Officials.

Preventive Steps For Organization and Government

Physical Security Implement Access Control Systems Use Of Password Finding the Holes in Network

Using Network Scanning Program ( E.g. UNIX, COPS-computer oracle

and password system)

Using Intrusion Alert Program

Using Encryption

CYBER LAWS

Hierarchy
Law

Cr.P.C: Criminal Procedure Court

I.P.C.: Indian Penal Code

Evidence Act

I.T. Act 2000

CYBER LAW INDIA

Laws relating to computer, internet and e-commerce

Mr. Pavan Duggal, President CYBER LAW-India

IT AMENDMENT ACTS

The Information Technology Act, 2000 is the Mother Legislation that

deals with issues related to use of computers, computer systems ,

computer networks and the Internet.

Information Technology Amendment Bill, 2006

Information technology amendment act, 2008

CONTD

The new amendments have added Identity theft and phishing as cybercrimes .

Have also covered breach of privacy , child pornography as specific offences

OFFENCES

Offence under IT Acts

Tampering with Computer source documents Hacking with Computer systems, Data alteration Publishing obscene information Un - authorized access to protected system Breach of Confidentiality and Privacy Publishing false digital signature certificates

SECTIONS IN LAW & PENALTIES

Section 43: of the act reads: If any person without permission of the owner ACCESS to such computer DOWNLOAD, COPIES, or EXTRACTS any data from such computer Introduces COMPUTER VIRUS so as to contaminate the system DAMAGES such computer network CAUSES DISRUPTION to such computer system DENY the user to access CHANGES ACCOUNT SETTINGS Punishment: He shall be liable to pay damages by the way of compensation not exceeding One crore to person so affected.

SECTION 66
Hacking with Computer System (1) If Information residing in a computer resources get :

Destroyed Deleted Altered Diminished in value or utility Affected Injuriously

Punishment: 3 yrs. Or Fine up to 2 lac for hacking.

SECTION 67

Section 67 of the Act reads: Whoever publishes or transmitted in the

electronic form any material which contains sexually explicit acts or

conduct :

Fine of ten lakh rupees as punishment on first conviction In the event of second or subsequent conviction Imprisonment of either description for a term which may extend to seven years and also with fine which may extend to ten lakh rupees.

If the same thing is repeated imprisonment of 10 yrs.

SECTION 65
Tampering with computer source document: Punishment: Offences are punishable with imprisonment up to 3 yrs. And

or fine up to Rs. 2 lakh

SECTION 69

Deals with the Interception, monitoring or decryption of any

information in the interest of the sovereignty, integrity, Security or

defense of India, friendly relations with the foreign states etc. Punishment: 2 lakh and /or jail not exceeding 5 yrs.

SOME OTHER SECTIONS

Section 72: Violation of the privacy policy---Fine up to 5 lakh, jail not

extending 2 yrs.

Section 502A: Publishing, Transmitting images of the private area of a person without his or her consent---2yrs./2 lakh.

Section 419A: Cheating by any communication device or computer resource -- 5yrs.

Section 417A: Identity Theft--- 2yrs.

CASE ON CYBER CRIME

FIRST CONVICTION IN INDIA

A complaint was filed in by Sony India Private Ltd, which runs a website called sony-sambandh.com, targeting Non Resident Indians.

The website enables NRIs to send Sony products to their friends and relatives in India after they pay for it online.

The company undertakes to deliver the products to the concerned recipients.

In May 2002,someone logged onto the website under the identity of Barbara Campa and ordered a Sony Colour Television set and a cordless head phone.

A lady gave her credit card number for payment and requested that the

products be delivered to Arif Azim in Noida.

The payment was duly cleared by the credit card agency and the transaction processed.

After following the relevant procedures of due diligence and checking, the
company delivered the items to Arif Azim.

At the time of delivery, the company took digital photographs showing the delivery being accepted by Arif Azim.

The transaction closed at that, but after one and a half months the credit
card agency informed the company that this was an unauthorized transaction as the real owner had denied having made the purchase.

The company lodged a complaint for online cheating at the Central Bureau of Investigation which registered a case under Section 418, 419 and 420 of the Indian Penal Code.

The matter was investigated into and Arif Azim was arrested. Investigations revealed that Arif Azim, while working at a call centre in Noida gained access to the credit card number of an American national which he misused on the companys site.

The CBI recovered the color television and the cordless head phone. The accused admitted his guilt and the court of Shri Gulshan Kumar Metropolitan Magistrate, New Delhi, convicted Arif Azim under Section 418, 419 and 420 of the Indian Penal Code this being the first time that a cyber crime has been convicted.

The court, however, felt that as the accused was a young boy of 24 years and a first-time convict, a lenient view needed to be taken. The court therefore released the accused on probation for one year.

People such as computer hackers and pirates who hurt others through computer technology are not "cool." They are breaking the Law