Filed Under: Media & Tech | Posted: 04/16/2009 at 6:50AM
Comments | Region: Bangladesh
WHAT IS CYBER CRIME?
Being by far the latest puzzler amongst law-enforcement agencies, Cyber crime is perhaps the most complicated problem in the cyber world. “Cyber crime may be said to be those species, of which, genus is the conventional crime, and where either the computer is an object or subject of the conduct constituting crime”. “Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime” (Duggan Pawan).
A generalized definition of cyber crime may be “unlawful acts wherein the computer is either a tool or target or both” (Nagpal R. – What is Cyber Crime?). The following activities use computers as a tool – financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail spoofing, forgery, cyber defamation, cyber stalking.
Unlawful acts such as – unauthorized access to computer/ computer system/ computer networks, theft of information contained in the electronic form, e-mail bombing, data didling, salami attacks, logic bombs, Trojan attacks, internet time thefts, web jacking, theft of computer system, physically damaging the computer system use computers as a common target.
DISTINCTION BETWEEN CONVENTIONAL AND CYBER CRIME
Allowing for no apparent border line, a scrutinizing glance shows that a thin line of demarcation does exist between conventional crimes and cyber crimes. The sine qua non for cyber crime is that, at any stage or point of the act, there should be an involvement of the virtual cyber medium.
REASONS FOR CYBER OFFENCE
“The Concept of Law” by Hart states that ‘human beings are vulnerable so rule of law is required to protect them’. Taking this in the context of cyberspace we see that computers are susceptible so rule of law is required to protect and safeguard them. The reasons for this vulnerability maybe:
Capacity to store data in comparatively small space
Easy to access
Complexity of the system
Negligence on the part of the users/developers
Loss of evidence
TYPES OF CYBER OFFENCES:
Unauthorized control/access over computer system
Commonly acknowledged as hacking, the Indian law perceives it differently. Thus, in the Act of 2000 states that the term "unauthorized access" be used as it has wider acceptability instead of the term "hacking".
This includes information stored in computer hard disks, removable storage media, etc. Theft may be either by tampering with the data physically or by altering them through a virtual medium. Take the CD Universe Credit Card Breach (January 2000) where hacker Maxim posted of over 300,000 credit card numbers under the title "The Maxus Credit Card Pipeline" by breaching CDUniverse.com.. He later demanded $100,000 from the Web site in exchange for destroying the data (http://www.pcmag.com/ article2/0,2817,2331225,00.asp)..
Since the year 2000 450 MNCs and Transnational Corporations have been at work, operating 80% of the world’s capital. A good example of this is seen in Microsoft, whose annual budget is higher than ten countries of South East Asian countries. Industrial espionage practice is that of hacking into a company’s computer system in order to obtain private information. Large corporations hire hackers to get these. According to The Daily Star Weekend Magazine (article: Cyber Terrorism, published on 17th Oct, 2003), it has been found that 90% of computer hackers are amateurs, 9.9% are Potential Professional Hackers for Hire (PPHH), and 0.1% are world class cyber criminals.
These corporate spy acts are conducted to receive information about market strategies, profit profiles, audit reports, price rates, development planning, agent lists, product formulae, and financial secrets.
This refers to sending large numbers of mail to victims, which may be to an individual or to a company or even to mail servers, thereby ultimately resulting in crashing of the system. In 2000, 20th December, 4500 emails from one individual resulted in the loss of GrameenPhone information; most of the information had gotten rearranged (The Daily Star Weekend Magazine, Cyber Terrorism, published on 17th Oct, 2003).
These attacks involve altering raw data just before a computer processes it and then changing it back after the processing is completed. The Electric Board of Dhaka, Bangladesh, faced similar problems whilst the department was being computerized.
This kind of crime is normally prevalent in financial institutions or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. For e.g., take the Ziegler case, wherein a logic bomb was introduced in the bank’s system, which automatically deducted 10 cents from every account in the bank and deposited it in a particular account (http://cybercrime. planetindia.net/frequently_used.htm).
Denial of Service Attack
This is where the victim’s computer is flooded with excessive requests, ultimately resulting in its crash. Distributed Denial of Service (DDoS) attack is also a type of denial of service attack, in which the offenders are wide in number and widespread. For E.g. Amazon (1999), Yahoo (http://abhisays. com/sofware-companies/denial-of-service-attack-on-amazon.html).
Virus / Worm Attacks
Viruses are programs which attach themselves to a computer or a file and then circulate themselves to other files and to other computers in a network. These usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional replicas of themselves and do this repeatedly till they eat up all the available space on a computer’s memory. E.g. love bug virus, which affected at least 5% of computers worldwide. The losses were accounted to be $ 10 million (http://www.wsws.org/articles/2000/ may2000/bug-m10.shtml). The world’s most famous worm was the Internet worm let loose on the Internet by Robert Morris sometime in 1988. Almost brought development of Internet to a complete halt. Again, The WANK (Worms Against Nuclear Killers) Worm (October 1989) hit NASA offices in Greenbelt, Maryland. It ran a protest banner (pictured) across system computers to cease launch of the plutonium-fueled, Jupiter-bound Galileo probe. NASA has been said to have spent up to a half of a million dollars in time and resources in cleaning up after it. The attackers are still anonymous (http://www.pcmag.com/article2/0,2817,2331225,00.asp).
These are event dependent programs. This implies that these programs are
created to do something only when a certain event (known as a trigger event) occurs. E.g. even some viruses may be termed logic bombs because they lie dormant all through the year and become active only on a particular date (like the Chernobyl virus – http://searchsecurity.techtarget.com/sDefinition/ 0,,sid14_gci511195,00.html).
Deriving from the term the ‘Trojan horse’, it stands for an unauthorized program, which passively gains control over another’s system by representing itself as an authorized program. The most common form of installing a Trojan is through e-mail. E.g. a Trojan was installed in the computer of a female film director in the U.S. whilst chatting. The cyber criminal installed it in the computer via web cam and obtained nude photographs of her with which he further harassed her (http://www.articlesbase.com/cyber-law-articles/cyber-crimes-539363.html).
Brother to the word ‘hijacking’, in these sorts of offences, the hacker gains access and control over web sites. Any form of mutilation and alteration is up to him from that point onwards. This may be done for fulfilling political objectives or for money. E.g. recently the site of MIT (Ministry of Information Technology) was hacked by the Pakistani hackers and some obscene matter was placed therein. Bombay’s crime branch’s site was also web jacked. Another case of web jacking is that of the ‘gold fish’ case. In this case the site was hacked and the information pertaining to gold fish was changed. A request for a ransom of US $ 1 million was demanded. Again, take the Ministry of Defense Satellite Hacked (February 1999) where a small group of hackers gained control of a MoD Skynet military satellite and signaled a security intrusion characterized by officials as "information warfare," in which an enemy attacks by disrupting military communications. The hackers managed to reprogram the control system before being discovered.
Done via emails, this is similar to harassment through letters.
Cyber stalking involves following a person’s movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc.
Most networks have `broadcast” technology, meaning every message that a
computer on the network transmits can be read by any other computer on that network. However, many computers can be programmed to looked at every message. Hackers use this technology to scan and traverse a network looking for passwords (http://cng.seas.rochester.edu/CNG/docs/Security/ node8.html).
Dissemination of Obscene Material/ Indecent Exposure/ Pornography (of children) / Polluting through Indecent Exposure
Pornography Time Statistics
Every sec – $3,075.64 is being spent on pornography
Every sec – 28,258 Internet users are viewing pornography
Every sec – 372 Internet users type adult search terms into search engines
Every 39 mins: a new pornographic video is being created in the U.S.
Taking a variety of forms, pornography over the internet can range from the hosting of web sites containing these prohibited materials to the use of computers for producing these obscene materials, along with downloading obscene materials through the Internet. These may cause harm to the mind of the adolescent and tend to deprave or corrupt their minds. In Susan Sridhar’s article ‘Protecting Children in Cyberspace’ published in Media Asia, AMIC Journal, Vol. 28, No. 3, 2001, she states that in 2003 there were 260 million porn sites, and 20% to 25% cyber offenders use 10-18 yrs old girls’ pictures.
It is an abusive attack on a person’s character or good name. Cyber defamation is not different from conventional defamation except the involvement of a virtual medium.
A spoofed e-mail is one which misrepresents its origin; it shows a different origin. Recently spoofed mails were sent on the name of Mr. Na.Vijayashankar (naavi.org), which contained viruses. Rajesh Maniar, a graduate student at Purdue University in Indiana, was arrested for threatening to detonate a nuclear device in the college campus (http://www.highbeam.com/doc/1P1-72543412.html).
Intellectual Property Crimes / Distribution of Pirated Software
Any unlawful act by which the owner is deprived, completely or partially of his rights, is known as an offence. The common form of IPR violation may be said to be software piracy, copyright infringement, trademark and service mark violation, theft of computer source code, etc.
Cyber Terrorism against Government Organizations
Cyber terrorism is a global concern which has domestic as well as international consequences. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate emails, attacks on sensitive computer networks, etc. Technology savvy terrorists are using 512-bit encryption, which is next to impossible to decrypt.
Fraud & Cheating
Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. It may assume different forms. Some of the cases of online fraud and cheating that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc.
The Penal Code, 1860 (Act No. XLV of 1860)
The Information and Communication Technology Act, 2006
Boham and Haley (2002)
Kumar Vinod – Winning the Battle against Cyber Crime
Kapoor G.V. – Byte by Byte
Mehta Dewang- Role of Police In Tackling Internet Crimes
Duggal Pawan – The Internet: Legal Dimensions
Monjur Kader: Criminology (Cyber Crime)
Sponsored Link: It is important to use the proper web security practices to ensure protection of private information.