Transcription
A Case Study on Cyber Crime In India K.Sridharan et.al.,International Journal of Power Control Signal and Computation (IJPCSC)Vol. 4 No. 2,2013-Pp:123-129 gopalax journals,singaporeISSN:0976-268X availableat : http://ijcns.comA CASE STUDY ON CYBER CRIME IN INDIAK.Sridharan*1Assistant Professor,Department of CS & ApplicationsSri Vidya Mandir Arts & Science College,Katteri, UthangaraiSridhar svm@rediffmail.comSaktheeswariAssistant ProfessorDepartment of CS & ApplicationsSri Vidya Mandir Arts & Science College,Katteri, ber-crime,” which refers to any criminal activity committed with the aid of or in the arena of the Internet and similartelecommunications, is both a new incarnation of old crimes through a new medium, and a unique entity all its own. Itdiffers from physical or “terrestrial” crime in four main ways: being easy to commit, requiring minimal resources forgreat potential damage, being committable in a jurisdiction in which the perpetrator is not physically present, and often,not being entirely clearly illegal. Virtually any crime, from vandalism to theft, extortion to copyright infringement, canbecome a cyber-crime. As new technology often does, cyber-crime also empowers criminals in new ways, such as allowingindividuals like this Massachusetts teen to wreak havoc on entities like the telephone company which would previouslyhave been considered far out of their league, but which now are just as vulnerable as anyone to an attacker with the rightspecial abilities and motivation. At the same time, the increased digitalization of all aspects of modern life, from art togovernment to business, has led to vastly increased stakes and thus increased incentives for cyber-crime. This paper willexamine cyber-crime from a variety of perspectives, starting with a brief history of cyber-crime attacks and correspondingdefenses.include:Keywords: Crime, Digitalization, copyright Computer viruses1. INTRODUCTION TO CYBER CRIME Denial-of-service attacks Malware (malicious code)Computer crime, or Cybercrime, refers to any crime thatCrimes that use computer networks or devices to advanceinvolves a computer and a network. Net crime is criminalother ends include:exploitation of the Internet. Issues surrounding these types Cyber stalkingof crimes have become high-profile, particularly those Fraud and identity theftsurrounding cracking, copyrightinfringement, child Information warfarepornography, and child grooming. There are also problems Phishing scamsof privacy when confidential information is lost or Spamintercepted, lawfully or otherwise. An Australiannationwide survey conducted in 2006 found that two in1.2 The changing nature of cybercrimethree convicted cyber-criminals were between the ages of15 and 26.New trends in cybercrime are emerging all the time, withcosts to the global economy running to billions of dollars.1.1 Classification of Computer CrimeIn the past, cybercrime was committed mainly byindividuals or small groups. Today, we are seeing criminalComputer crime encompasses a broad range of activities.organizations working with criminally minded technologyGenerally, however, it may be divided into two categories:professionals to commit cybercrime, often to fund other(1) crimes that target computers directly; (2) crimesillegal activities. Highly complex, these cybercriminalfacilitated by computer networks or devices, the primarynetworks bring together individuals from across the globetarget of which is independent of the computer network orin real time to commit crimes on an unprecedented scale.device.Criminal organizations turning increasingly to the InternetCrimes that primarily target computer networks or devicesto facilitate their activities and maximize their profit in thePage 123
A Case Study on Cyber Crime In India K.Sridharan et.al.,shortest time. The crimes themselves are not necessarilynew – such as theft, fraud, illegal gambling, sale of fakemedicines – but they are evolving in line with theopportunities presented online and therefore becomingmore widespread and damaging.1.4 Goals of the forensic investigationof those are: Internet usage exceeds norm Using email inappropriately Using of internet, e-mail or PC in a non-workrelated manner Theft of information Violation of security policies or procedures Intellectual property infractions Electronic tampering like fraud, mimickingsomeone or something, masking or masqueradingas someone. Network Intrusion which potentially leads tocompromising networked computers.Some incidents regardless of their impact (financial orotherwise) would need to be investigated. Some items thatcyber-forensics experts keep in mind when they determinethe impact are: Benefits to pursuing such an investigation Liabilities for not pursuing an investigation Obligations to pursue or not to pursue (goodwilltoward public, partners and other contracts) Resources available (time, people, finances, tools,etc)Steps and ProceduresDuring an investigation, forensic investigators shouldbe focused on the goal of gathering evidence forprosecution. They should become familiar with federalrules of evidence as well as local and state laws pertainingto the admissibility of evidence and what is required toprovide “expert witness” testimony, should that becomenecessary. Investigators usually work on isolation of equipment, isolation of files, tracking of web sites visited, tracking of log-on , durations and times and Tracking of illicit software installation andusage.They then work on correlating all that evidence found.Isolation of equipment - Investigators gains approval frommanagement to access the equipment. Once they have thePC or device in their possession they need to preserve thechain of evidence by making sure that neither they noranyone else is left alone with the equipment. Logs are keptabout the whereabouts of and actions taking place on suchequipment. It is also important to backup any data underinvestigation and that the programs used to perform thebackup should be independent and have integrity. Onegood program for such backup is SafeBack, whichperforms a bit-stream backup that helps in making exactpartition backups.It is important in cyber-forensics to review the reasons whyan investigation is needed and the plan of thatinvestigation. It is important to determine the impact andfeasibility of conducting an investigation. In some cases, ifthe cost of the investigations outweighs the benefits, theremight not be a reason to conduct the investigation at all.There are many things (especially in a corporateenvironment) that might trigger an investigation and someIsolation of files - In order to prevent the suspects fromtampering with any files, investigators need to disable theiruser IDs and not delete it. Once IDs are disabled all filesthey had access to should be copied to a backup media.Tracking of web sites visited - This happens throughreviewing the following items on the isolated equipment(or in other words on the backup of the data on thatisolated equipment:1.3 Cyber-Forensics and Legal ProceduresThe ubiquitous use of computers and other electronicdevices is creating a rapidly rising wave of new and storeddigital information. About 90% of corporate informationcurrently exists in digital form. Companies generate about17.5 trillion electronic documents a year. There isalso more to this explosive growth than electronicdocuments. Additional forms of electronic data originatefrom Internet-based electronic commerce, onlinebanking, and stock trading. Corporate use and storage of phone mail messagesand electronic logs. Personal organizers like the palm pilot and pocketPC that sells about 40 million devices a year. Digital cameras. Corporate use and storage of graphic images, audioand video.The information risks associated with these data are many.For corporations, the free flow of digital informationmeans that the backdoor is potentially always open to loss.There are several factors as we have seen previously thatincrease the risk of litigation and loss of confidentialcorporate data and with this the importance of cyberforensics grew.In this information age the physical crimes are somewhatalso associated with technology. Some traditional crimesespecially those concerning finance and commercecontinue to be upgraded technologically. Crimes associatedwith the theft and manipulation of data is detected daily. Aserious and costly terrorist act could come from theinternet instead of from a truck bomb. The diary of a serialkiller may be recorded on a floppy disk or a hard driverather than on a piece of paper or a notebook. So as we cansee, criminal activity has to some extent converted from aphysical dimension in which evidence and investigationsare described in tangible terms to a cyber-dimension inwhich evidence exists only electronically andinvestigations are conducted online.Page 124
A Case Study on Cyber Crime In India K.Sridharan et.al., Cookies, as those take the investigator(s) to the websites to which the user was visiting. Bookmarks where most of the favorite URLs arestored History Buffer - these have more information on thetiming on which individuals were accessing the websitesand could give insights on unapproved or unauthorizedweb sites. Cache from which the investigators can get the lastset of instructions or data that was saved to the cache. Thisrequires special programs because it tends to be tricky inmany cases. Temporary Internet files - This has the advantageover any other items in that it should contain the address ofthe site, when was it last modified, last accessed, and lastchecked, and it helps a lot in cases of too much internetaccess or in appropriate internet access. Tracking of illicitsoftware installation and use - This is a comparisonbetween the list of programs that currently reside on the PCor device (discovered through inspecting the registry or thefiles on disk) and the list of what can be on any given PCthat follows the corporate policy.These techniques are usually known as System Review. Inthis the examiner has also to take care of discoveringhidden files if any exists. Intrusion profiling for networkintrusion - For network intrusion, it is a bit different thanthe above. The hacker could be from outside the company.The concept of criminal profiling with a few twists canalso be applied for profiling computer / network intrusions.The process of creating the profile involves seeing theintrusion in context, relating the activities to the threat tobusiness functions, and making educated guesses based onprobability, experience, and clues. The profile can assist intracking the intruder, in identifying future targets,signatures of the attack and possible past intrusionlocations, and in assessing the risk or threat of the hacker.The profiling can also reveal possible motives, technicalabilities and geographic locations of the hacker.In order to create a good profile, investigators have togather information about the time of the intrusion, sourceof the attack, list of systems penetrated, method ofpenetration, and list of all files accessed including allwritten/read and created files. Organizing and compilingsuch information helps in creating the proper profile thatwould bring the information together and create anorganized picture of who the intruder might be. .Correlating the evidence - Computer evidence as seenfrom the various listed procedures almost never exists inisolation. It is a product of the data stored, the applicationused to create and store it, and the computer system thatdirected these activities. To a lesser extent it is also theproduct of the software tools used in the laboratory toextract it.After capturing the file evidence and the data, the examinercan graph an access pattern or list the illegal software orwhen it was loaded. Next they need to check the access andPage 125download dates and times against the time sheets,surveillance and other witness accounts to ensure that thesuspect under investigation had the opportunity to engagein unauthorized acts using the equipment in question.Investigators in reviewing such evidence have to showonly the facts and nothing else. They can’t make any leapin their logic to connect point A to point B as this onlyshow that they lack enough evidence. They also need to beable to adequately explain how the person under reviewwas able to commit the offense, illegal act or unauthorizedaction and present evidence and proof of how it was done.The figure points out to a three-level hierarchicalmodel consisting of the following: An overarching concept of the principles ofexamination. Policies and practices Procedures and techniques1.5 Internet CrimeInternet crime is crime committed on the Internet, using theInternet and by means of the Internet. Computer crime is ageneral term that embraces such crimes as phishing, creditcard frauds, bank robbery, illegal downloading, industrialespionage, child pornography, kidnapping children via chatrooms, scams, cyber terrorism, creation and/or distributionof viruses, Spam and so on. All such crimes are computerrelated and facilitated crimes.With the evolution of the Internet, along came anotherrevolution of crime where the perpetrators commit acts ofcrime and wrongdoing on the World Wide Web. Internetcrime takes many faces and is committed in diversefashions. The number of users and their diversity in theirmakeup has exposed the Internet to everyone. Somecriminals in the Internet have grown up understanding thissuperhighway of information, unlike the older generationof users. This is why Internet crime has now become agrowing problem in the United States. Some crimescommitted on the Internet have been exposed to the worldand some remain a mystery up until they are perpetratedagainst someone or some company.The different types of Internet crime vary in their designand how easily they are able to be committed. Internetcrimes can be separated into two different categories.There are crimes that are only committed while being onthe Internet and are created exclusively because of theWorld Wide Web. The typical crimes in criminal historyare now being brought to a whole different level ofinnovation and ingenuity. Such new crimes devoted to theInternet are email “phishing”, hijacking domain names,virus immistion, and cyber vandalism. A couple of thesecrimes are activities that have been exposed and introducedinto the world. People have been trying to solve virusproblems by installing virus protection software and othersoftware that can protect their computers. Other crimes
A Case Study on Cyber Crime In India K.Sridharan et.al.,such as email “phishing” are not as known to the publicuntil an individual receives one of these fraudulent emails.These emails are cover faced by the illusion that the emailis from your bank or another bank. When a person readsthe email he/she is informed of a problem with he/shepersonal account or another individual wants to send theperson some of their money and deposit it directly intotheir account. The email asks for your personal accountinformation and when a person gives this informationaway, they are financing the work of a criminalStatistics: The statistics that have been obtained andreported about demonstrate the seriousness Internet crimesin the world. Just the "phishing" emails mentioned in aprevious paragraph produce one billion dollars for theirperpetrators (Dalton 1). In a FBI survey in early 2004, 90percent of the 500 companies surveyed reported a securitybreach and 80 percent of those suffered a financial loss(Fisher 22). A national statistic in 2003 stated that fourbillion dollars in credit card fraud are lost each year. Onlytwo percent of credit card transactions take place over theInternet but fifty percent of the four billion, mentionedbefore, are from the transaction online (Burden and Palmer5). All these finding are just an illustration of the misuse ofthe Internet and a reason why Internet crime has to beslowed down.Stopping the problemThe question about how to police these crimes has alreadybeen constructed, but this task is turning out to be an uphillbattle. Since the first computer crime law, the CounterfeitAccess Device and Computer Fraud and Abuse Act of1984, the government has been trying to track down andstop online criminals. The FBI has tried many programsand investigations in order to deter Internet crime, likecreating an online crime registry for employers (Metchik29). The reality is that Internet criminals are rarely caught.One reason is that hackers will use one computer in onecountry to hack another computer in another country.Another eluding technique used is the changing of theemails, which are involved in virus attacks and “phishing”emails so that a pattern cannot be recognized. Anindividual can do their best to protect themselves simplyby being cautious and careful. Internet users need to watchsuspicious emails, use unique passwords, and run antivirus and anti-spyware software. Do not open any email orrun programs from unknown sources.further misuse using the existing accounts like changingthe address so that bill does not reach to victim's place andcriminal can enjoy shopping and purchases online throughthe credit cards the thief runs up.True Name Theft, the thief by using the personalinformation of the victim opens new accounts. In this thethief can open new credit card, cellular phones number,check books of the existing account and may misuse all.Online facilities of banking and credit cards called netbaking has made things very easy for these sort of thefts,where only passwords or codes are the keys to do anythingand real verification has no role to play as such.1.5 Advantages of Cyber LawsThe IT Act 2000 attempts to change outdated laws andprovides ways to deal with cyber crimes. We need suchlaws so that people can perform purchase transactions overthe Net through credit cards without fear of misuse. TheAct offers the much-needed legal framework so thatinformation is not denied legal effect, validity orenforceability, solely on the ground that it is in the form ofelectronic records.In view of the growth in transactions and communicationscarried out through electronic records, the Act seeks toempower government departments to accept filing,creating and retention of official documents in the digitalformat. The Act has also proposed a legal framework forthe authentication and origin of electronic records /communications through digital signature.* From the perspective of e-commerce in India, the IT Act2000 and its provisions contain many positive aspects.Firstly, the implications of these provisions for the ebusinesses would be that email would now be a valid andlegal form of communication in our country that can beduly produced and approved in a court of law.The most serious consequence is that crime is often doneby identity theft experts who perform their task verymeticulously and thus the charge of crime comes onvictim, whose identity has been theft. There are two broadtypes to Identity Theft* Companies shall now be able to carry out electroniccommerce using the legal infrastructure provided by theAct.* Digital signatures have been given legal validity andsanction in the Act.* The Act throws open the doors for the entry of corporatecompanies in the business of being Certifying Authoritiesfor issuing Digital Signatures Certificates.* The Act now allows Government to issue notification onthe web thus heralding e-governance.* The Act enables the companies to file any form,application or any other document with any office,authority, body or agency owned or controlled by theappropriate Government in electronic form by means ofsuch electronic form as may be prescribed by theappropriate Government. Account Takeover True Name TheftAccount Takeover is a kind of situation where the criminaluses the information which he has stolen in order to havethe access of victim's existing accounts. Then there may be* The IT Act also addresses the important issues ofsecurity, which are so critical to the success of electronictransactions. The Act has given a legal definition to theconcept of secure digital signatures that would be requiredto have been passed through a system of a securityPage 126
A Case Study on Cyber Crime In India K.Sridharan et.al.,procedure, as stipulated by the Government at a later date.* Under the IT Act, 2000, it shall now be possible forcorporate to have a statutory remedy in case if anyonebreaks into their computer systems or network and causeloss.2. Cyber Crime in IndiaCyber crimes are increasing in India and we do not have arobust cyber law and cyber crime investigationinfrastructure in India. Incidences like e-mail cracking,abuse at facebook, misuse of G-mail id, intellectualproperty thefts, etc have significantly increased in Indiadue to absence of a techno legal framework.So far Indian government had failed to ensure both themodernization of police force of India and formulation ofregulations and guidelines for effective investigation ofcyber crimes in India. Further, Indian government has yetto formulate a cyber crimes prevention strategy of India.Although the National Cyber Security Policy 2013 of Indiahas been formulated yet it has not been implemented inIndia so far. As a result the cyber security in India is still inan abysmal state.2.1 Cyber Crimes Investigation Training In IndiaCyber crimes have significantly increased in India. Thetrends in this regard are not very promising. For instance,the cyber law, cyber security and cyber forensics trends inthe year 2013 have showed poor performance of Indiangovernment in these fields. This position has not changedin 2014 as well. For instance, the cyber forensics trends ofIndia 2014 still show inability of India to deal with cyberforensics related issues. India is also clinging to outdatedlaws like cyber law and telegraphs law and is not investingeffectively in the field of intelligence agencies and lawenforcement technology for India.In the absence of scientific approach towards digitalevidence and cyber crime investigation, there are very fewcyber crimes convictions in India. In fact, the SupremeCourt of India is hearing many Public Interest Litigations(PILs) in this regard. In one such PIL the Supreme Court ofIndia has issued notice to centre to seek its views in thisregard. The Supreme Court has sought response from thecentre on a PIL seeking its direction to the government toframe regulations and guidelines for effective investigationof cyber crimes in India.Realizing the seriousness of the situation, Indiangovernment has announced to formulate a cyber crimesprevention strategy of India. Cyber crimes investigation,however, requires sound techno legal expertise. Skillsdevelopment through online training and skillsdevelopment courses in urgently required for Indian lawenforcement agencies. Cyber crimes investigation trainingin India is one such skills development activity that mustbe imparted to make law enforcement agencies of Indiamodern and upto date.Page 127Modernization of police force of India requires not onlybasic knowledge of information and communicationtechnology (ICT) but also practical trainings in the areaslike cyber law, cyber crimes investigation, cyber forensics,etc. Cyber crimes investigation capabilities in India are notup to the standards. Presently, most of the police stationsand police officers find it difficult to deal with cyber lawand cyber crimes related cases. Another area where Indianeeds to work is to strengthen the cyber forensicsinvestigation capabilities. There is a dire need to developcyber forensics best practices in India as soon as possible.Police must also ensure cyber law skills development.Similarly, police in India also need to undertake cyberfrauds detection trainings so that cyber frauds can beanticipated even before they are committed.2.2 Intelligence Agencies and Law EnforcementTechnology Forums in IndiaTechnologies regarding intelligence and law enforcementagencies are not very frequently discussed. Thus, theyremain outside the mainstream media and very few worksare available that inform about these technologies.We have been discussing intelligence and law enforcementrelated technologies and projects like National CounterTerrorism Centre (NCTC) of India, Aadhaar Project ofIndia, Crime and Criminal Tracking Network and Systems(CCTNS) Project of India, Central Monitoring System(CMS) Project of India, Internet Spy System Network andTraffic Analysis System (NETRA) of India, NationalIntelligence Grid (Natgrid) Project of India, etc. Whileimplementing the intelligence and e-surveillance relatedprojects, Indian government has failed to cater theconstitutionalrequirementslike Parliamentaryoversight, privacy and civil liberties protections, balancingnational security and civil liberties protection, etc.Similarly, law enforcement and intelligence agencies ofIndia are still not very comfortable with techno legalissues. For instance, cyber forensics is rarely applied bythese agencies and our police are not well versed in cybercrime investigations. Modernization of police force ofIndia is urgently needed where police personnel must betrained in various techno legal issues. Cyber security issuesare also not managed properly by these agencies.Cyber security in India is not in a good shape as reflectedby the cyber security trends of India 2013 .Criticalinfrastructure protection in India is still not taken seriouslyby Indian government. It has been suggestedthat NTRO should protect the critical ICT infrastructuresof India.The National Cyber Security Policy of India 2013 (NCSP2013) was drafted in the year 2013. However, NCSP 2013itself is suffering from many serious drawbacks. Theseinclude lack of privacy protection, absence of integrationwith the National Security Policy of India, absence of civilliberties protection in cyberspace, absence of balance
A Case Study on Cyber Crime In India K.Sridharan et.al.,between civil liberties and national security requirements,non implementation of the policy, etc.Indian government has also proposed setting upof National Cyber Coordination Centre (NCCC) of India in2012. However, till 2014 it has not been established thoughsome interest in this regard has been shown recently by theNarendra Modi government. This seems to be thecontinuance of Congress government’s commitmentto expedite establishment of NCCC in India.2.3 Cyber crime in TamilnaduIn Tamil Nadu, in the year 2002, two Cyber Crime Cellswere created; one is exclusively for Chennai Police andanother at CB CID, having jurisdiction throughout Stateof Tamil Nadu. The role of this Cell is to detect, preventand investigate Cyber crimes that come under the ambitof Information Technology Act 2000 and assist the otherLaw Enforcement in the investigation of crimes in whichelements of Computer related crime exists.The cases under I.T. Act 2000 have to beinvestigated by not below the rank of Dy. Superintendentof Police. The Cyber Crime Cell is functioning in the Firstfloor, Block-3 Electronic Complex, SIDCO IndustrialEstate, Guindy, Chennai-32.Online Safety Tips What you put online will be there forever. Use a strong password (a combination of upper andlower case letters, symbols and numbers). Don’t post inappropriate or illegal content anywhereon the internet. Don’t open e-mail attachments or instant-messageattachments unless you are completely sure they donot contain viruses. Don’t click on links inside e-mails or instantmessages. Never give out personal information about yourself,your family, or your friends (such as your last name,address, phone numbers, city, the name of yourschool, photos of yourself or your family, PINnumbers for your bank, etc.).Wi- Fi Security Tips Change Default Administrator Passwords (andUsernames) of the WiFi Router. Change Password after regular interval. Position the Router or Access Point Safely. Turn Off the Network / WiFi routers if it is not inuse.Online Banking Tips Never use unprotected PCs at cyber cafes forinternet banking. Never keep your pin and cards together.Page 128 Never leave the PC unattended when using internetbanking in a public place.Register for Mobile SMS, Email Transaction Alerts.Never reply to emails asking for your password orpin.Visit banks website by typing the URL in theaddress bar.Log off and close your browser when you havefinished using internet banking.Memorize your PIN. Never carry your PIN.Report lost or stolen card immediately.10 steps that can protect you from loss Register for transaction alert s via SMS and E- Mail. If you change your mobile number, update with thebank. Reduce the limit on your credit card if you use itsparingly. Use virtul cards for online shopping. Make use of the virtual keyboard wherever possible. Instead of going to the banks website using the linkin E-Mail, type the web address directly. Memorise 3 digits CVV number at the back of thecard and scratch it out. Do not leave unwanted photocopies of essentialdocuments at the photocopier. If you lose your phone, deactivate all bankingservices linked to that number.3. Types of Cyber CrimeWhile the IT Act covers a broad area in Cyber crimes wecan be more specific and list down the types of cybercrimes one encounters. These are:1.Internet Password Thefts2.Threatening e-mails3.Cyber Stalking4.Child Abuse/ Pornography5.Economic Offences6.Credit Card Number Theft7.Denial of service attacks8.Web page Hacking9.Domain name disputes/ IPR disputes3.1 Protection of civil rights wing functionsThe important duties of PCR Cell are as follows:PCR Cell is the nodal, monitoring, coordinating andadvisory agency for the Police department, in so far as theenforcement of these Acts are concerned.1. PCR Cell takes up investigation of sensational andpublic interest cases of atrocities against SCs / STs.2. PCR Cell
1.1 Classification of Computer Crime Computer crime encompasses a broad range of activities. Generally, however, it may be divided into two categories: (1) crimes that target computers directly; (2) crimes facilitated by computer networks or devices, the primary target of which is independent of the computer network or device.
