Cyber crime 2011

INTRODUCTION Ever since the invention of computers, enhancement of technology and growth of cybercrimes have gone hand in hand. Cybercrime is a criminal activity committed on the internet. This is a broad term that describes everything from electronic cracking to denial of service attacks that cause electronic commerce sites to lose money. Computer crime encompasses a broad range of activities. Generally, however, it may be divided into two categories crimes that target computers and directly like Computer viruses ,Denial-of-service attacks Malware (malicious code) and crimes facilitated by computer networks or devices the primary target of which is independent of the computer network or device like cyber stalking, fraud and identity thefts, information warfare and phishing scams. This report intends to analyze the various aspects of cybercrimes and how privacy is damaged because of them. With reference to various cybercrime incidents that have occurred in the past, this report throws light on the origin of these crimes, their effects and confidentiality and security issues arising from them. The report concludes by listing out the purposes behind these crimes and ways to curtail the malevolence of cybercrime. It also suggests some recommendations for the same. This report has been authorized by Ms.Manisha Dixit. This report was prepared after a wide-ranging survey whose participants included the students of BITS Pilani K.K. Birla, Goa Campus and also some teachers whom we interviewed. The survey was based on a questionnaire which consisted of numerous questions suitably covering all the aspects exploited in this report. The questionnaire has been included at the end of the report. The report consists of parts. The second last part provides the conclusions based on the facts presented in this report. Finally, the last part proposes some recommendations that can be implemented for the control of cybercrimes and maintenance of privacy in the future.

Cyber crime 2011

A BRIEF HISTORY In the early decades of modern information technology (IT), computer crimes were largely committed by individual disgruntled and dishonest employees .Criminals often used authorized access to subvert security systems as they modified data for financial gain or destroyed data for revenge .Early attacks on telecommunications systems in the 1960s led to subversion of the longdistance phone systems for amusement and for theft of services. As telecommunications technology spread throughout the IT world, hobbyists with criminal tendencies learned to penetrate systems and networks. Programmers in the 1980s began writing malicious software, including selfreplicating programs, to interfere with personal computers. As the Internet increased access to increasing numbers of systems worldwide, criminals used unauthorized access to poorly protected systems for vandalism, political action and financial gain. As the 1990s progressed, financial crime using penetration and subversion of computer systems increased. The types of malware shifted during the 1990s, taking advantage of new vulnerabilities and dying out as operating systems were strengthened, only to succumb to new attack vectors. Illegitimate applications of e-mail grew rapidly from the mid-1990s onward, generating torrents of unsolicited commercial and fraudulent e-mail. Time bombs are a subclass of logic bombs which explode at a certain time.According to a National Security Council employee, the United States government authorized insertion of a time bomb in control software that they knew would be stolen from US sources by the Soviet government to control the Trans-Siberian natural gas pipeline. The result was the most monumental non-nuclear explosion and fire ever seen from space, said Thomas C. Reed(p.35). The infamous Jerusalem virus (also known as the Friday the 13th virus) of 1988 was a time bomb. It duplicated itself every Friday and on the 13th of the month, causing system slowdown; however, on every Friday the 13th after May 13, 1988, it also corrupted all available disks on the infected systems. The most significant malware development of the 1990s was the release in July 1995 of the worlds first widely-distributed macro-language virus. The macro.conceptvirus made its appearance in MS-WORD for Windows documents. It demonstrated how to use the macro programming language common to many Microsoft products to generate self-reproducing macros that spread from document to document. Within a few months, clearly destructive versions of this demonstration virus appeared.
2

Cyber crime 2011

TYPES OF CYBERCRIMES SPAM Spam is the use of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately.Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers rather than by the sender. For most of internet users a spammer is a villain who is at least flooding people's e-mail boxes with unwanted, annoying and absolutely useless advertisements. Apart from that, recently spam has become very dangerous for the computer also. As a matter of fact, a file attached to an e-mail message can be simply opened from the mail client program leading to unforeseen threats. CYBER WARFARE Cyber warfare is Internet-based conflict involving politically motivated attacks on information and information systems. Government security expert Richard A. Clarke,(2008,27) in his book Cyber War, defines "cyber warfare" as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing disruption. Cyber warfare refers to politically motivated hacking to conduct sabotage and espionage. Cyber espionage is the act of obtaining secrets from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers. Sabotage refers to military activities that use computers and satellites for coordination are at risk of equipment disruption. Examples:In 1998, the United States hacked into Serbia's air defence system to compromise air traffic control and facilitate the bombing of Serbian targets. In 2009, a cyber spy network called "GhostNet" accessed confidential information belonging to both governmental and private organizations in over 100 countries around the world. GhostNet was reported to originate in China, although that country denied responsibility. OBSCENE AND OFFENSIVE CONTENT An obscenity is any statement, act or object which strongly offends the prevalent morality of the time, is a profanity, or is otherwise taboo, indecent,
3

Cyber crime 2011

abhorrent, or disgusting, or is especially inauspicious. In a legal context, the term obscenity is most often used to describe expressions of an explicitly sexual nature. The content of websites and other electronic communications may be distasteful, obscene or offensive for a variety of reasons. In some instances these communications may be illegal.One area of Internet pornography that has been the target of the strongest efforts at curtailment is child pornography. SPOOFING In simple terms spoofing is pretending to be something that you are not? It is used to gain the information like credit card numbers, passwords, personal information or the ability to carry out actions using someone else's identity. Today we have different types of spoofing like IP, Email, URL, caller Id, web and MAC spoofing. Various types are: IP (internet protocol) spoofing is an act of manipulating the headers in the transmitted messages to mask the hackers true identity so that the message could appear as though it is from a trusted source. Email spoofing is altering the header of email so that email appears to be sent from someone else. It is commonly used by spammers to hide the origin of emails and leads to problems such as misdirected bounces. URL spoofing occurs when one website appears as if it is another. Web spoofing is the act of creating a website with the intervention of misleading the readers that the website has been created by different person or organisation. MAC spoofing is a technique for changing a factory assigned MAC (Media Access Control) address of a network device on a networked device. PIRATED SOFTWARES The software privacy is the unauthorized copying of software. Most of the retail programs are licensed for use at just one computer site. By busying the software you will become licensed user rather than owner. You are allowed to make copies of the program for the backup process but if those copies have been used by any other person then that software is said to be pirated. Initially software companies tried to protect by copyrighting their softwares but it is failed due to inconvenient to the users. Some common types of software privacy include counterfeit software, OEM unbounding, soft lifting, hard disk loading, corporate software privacy and internet software privacy.
4

Cyber crime 2011

We will be surprised to know that the top most pirated softwares include antivirus programs, AutoCAD, adobe photoshop, Microsoft office etc. Due to this pirated softwares there is a loss of billions of dollars to the owners so it became a serious problem now a days. GOOGLE STALKING Initially stalking is the term commonly used to refer unwanted and obsessive attention by an individual or group to another person. Stalking behaviours are related to harassment intimidation and may include the following victim in person and/or monitoring them via internet. Google stalking comes under monitoring a person via internet .It is searching for the facts /information about someone by looking at their name ,address and other facts on the popular search website google. It can also been defined that searching for the google maps and google earth for no reason at all. Sometimes employees googled stalked their future employees in order to achieve their achievements and presence in the community. Some call it as a research and they fell that all stalkers are researches. There are some books on the google stalking called the psychology of stalking. Although it is a age phenomenon it is only recently receiving due attention. All fifty states have passed anti stalking legislation. This book Stalking crimes and victim protection, prevention, threat assessment and case management bring together in source all the researches done in this field. HACKING Network hacking is general means of gathering information about domain by using tools like Telnet, NslookUp, Ping, Tracer, Net stat etc. it also includes OS Fingerprint ,Port scanning, and Port surfing using various tools. For examplePing-it is a part of Internet Control Message Protocol which is used to Troubleshoot TCP/IP networks. So, ping is a command which allows you to check whether the host is alive or not. Password hacking is the process or recovering secret passwords from data that has been stored in or transmitted by a computer system. The common approachesareguessingofa password and hashing

Cyber crime 2011

FINDINGS
DATA ANALYSIS QUESTIONNAIRE It is seen that 60% of the people spend more than 3 hours per day on internet. This simply implies that cyber space is an important part of human life. So cyber security should be the prior concern of todays society. Range of time spend on internet
3% 17% <= 1 hour >1 and <=2 hours 60% 20% >2 and <=3 hours >3 hours

Moreover the main concern of 71% of the users is fun. While 16% of them are involved in serious business and rest 13% have academic reasons for accessing internet. Reason for accessing Internet
13% 16% 71% Fun Academics Business Aware 90%

Awareness about cybercrime

Unaware 10%

Among these 10% are unaware of cybercrimes. This shows that there is an utmost need to spread awareness about the various cyber crimes in the society. Moving on to the intensity with which each crime is committed. It is found that 85.71% of the users are victims of hacking. Besides, 68.57% of them receive spams daily. In addition to this 40% of the people come across fraud on cyber space and identity of 22.5% people is stolen. This data simply tells that cyber
6

Cyber crime 2011

crime is at its peak.

Percentage of different cyber crimes

90 80 70 60 50 40 30 20 10 0 Identity Crime Fraud Stalking Hacking Spamming

Since spamming contributes to about 68%, a detailed study was done to the response of victims. As per the survey 77% of the internet users receive spam per day. Receiving spam per day Advertisement calls per day
Once No 23% Never More than once

16%

7%

Yes 77%

77%

Besides 77% of the people receive advertising sms and call more than once. This clearly demonstrates that precious time of the service users is either spent deleting messages or avoiding such calls. Only 7% of the users are left with undisturbed daily routine. From the survey, only 54% of the people feel that hacking done by intelligence agencies like CBI, FBI, etc are justified. From there comments, it is important for such agencies to do these things in order to find the guilty. One of the persons even mentioned that Criminals dont deserve privacy. On the contrast, there are only 4% victims of bank account hacking known. This clearly

Cyber crime 2011

indicates that the protection methods used by banks are up-to-date.

Awareness about following:

Modification of videos Hacking by Intelligence Bank Account Hacking 0 10 20 30 Percentage 40 50 60

The study shows that 40.62% people commit cyber crime just to make money. This clearly shows their vicious intentions. Besides, 35.37% commit crime for fun. These are people who are bored with their lifestyle. So while giving penalties intention of the criminal should be kept in mind. Reasons for committing cybercrime
50 Percentage 40 30 20 10 0 to make money to prove Im to have fun the best to hurt people to help people to socialize

Only 10% of the cyber space users make an effort to report cyber crime and 40% of them do not feel secure while using the internet. So, only 49.5% properly know how to operate the internet. This demands spreading knowledge about cyber space. Sense of security
100 Percentage 80 60 40 20 0 Yes No Report a cyber crime Security on internet

Cyber crime 2011

INTERVIEW Ms.Manisha Dixit in her interview mentioned that young people require some counseling so that they can access internet in proper way. She even said that a line should be drawn in the way Intelligence Companies uses cyber crimes as a tool to find criminals. Besides, she pointed out the lacunas in government. Since young people are more prone to cyber crime a small interview session with some students during Waves brought forward following points: Most of the people dont use facebook and youtube with proxies so things are under control. Its very well justified for intelligence companies to use illegal methods to catch criminals as long as it is not misused. In addition to this, media should not use illegal ways for making news. There should not be invasion of privacy.

Cyber crime 2011

CASE STUDIES Crime branch cracks student password hacking case With the arrest of chairman of a private technical institute, Orissa police claimed to have made a breakthrough in the case in which the institute allegedly hacked the passwords of some candidates and changed their college preferences during e-counselling last year. It was revealed that the institute along with an internet cafe of the same locality had illegally changed the institute-preferences of six diploma candidates after hacking their passwords. The motive of the institute was to ensure that more and more students are admitted in its roll as seats of the institute were left vacant in previous years. Since most of the admissions in the state are now going to be held through ecounselling, a student should keep the password protected. Such a scam is certainly a game played with the career of the students. Such kinds of illegal tricks reflect the morals of administrative department of the institute. If they, themselves are so prone to crimes, then it clearly indicates the etiquettes of the products of the college.

10

Cyber crime 2011

CONCLUSION In the analysis of the survey it was found that about ninety percent people are aware about the cybercrimes. Particularly they are aware about the manipulation of videos and hacking by intelligence, but they lack awareness regarding bank account hacking. Besides, spamming is quite common and most of the people have faced this problem. A majority of people have also been stolen of their identity on the internet at some point of time or the other. Besides, most people believe that the major reason for committing a cybercrime is to make money illegally. Other major reasons could be to have fun, to prove oneself to be the best, to help people, to hurt people and to socialize. Constantly receiving sms or call for advertisements is another unpopular feature among most of the people. Rapid growth, change and intense competition denes the industry. As the world encounters new technology scenarios for development, the crime rates go up simultaneously. The same is the case with cybercrimes. Development and production of new softwares and internet facilities will further expose the privacy of people. Because of this, choosing the right technical foundation is critical to success. The right foundation enables software developers to produce safe and efficient softwares, while the wrong ones impede innovation. In an internet dominant world, prevention of cybercrimes is of utmost importance. Failure to do so will result in impairment of the entire system. Cybercrime has spread its wings too wide, encompassing all internet aspects ranging from spamming to theft of personal identity. This malpractice needs to be checked and this can be achieved by making people aware of the prevention techniques.

11

Cyber crime 2011

RECOMMENDATIONS Laws regarding cyber crime should be properly implemented. Lacunas in the administrative systems should be dealt with heavy penalties like suspensions, detection of salaries, etc. Education is a most vital weapon, as inculcating the right culture will create a high level of awareness among all stakeholders, seminars and workshop should be organized from time to time with emphasis on cyber safety so that the individuals will learn to keep their personal information safe and flee cybercrime. Cyber crime is information and intelligence based. Unfortunately, the criminals have the technological advantage which the fighters lack. So the countrys security intelligence agencies should be equally well equipped with information technology skills to tackle the crime. Since 35% of people commit cyber crime just for fun, so instead of taking extremely strict actions against such criminals, their energy should be utilized in positive manners like by inviting them in intelligence companies for internships. This would help them to realize that how their method of having fun is hurting others.

12

Cyber crime 2011

APPENDIX I QUESTIONNAIRE
1. How much time do you spend on internet per day? a) <= 1 hour b) >1 and <=2 hours c) >2 and <=3 hours d) >3 hours 2. What is usual reason for using internet? a) Academics b) Fun c) Business d) Other: ________ 3. Are you aware of cybercrimes? a) Yes b) No 4. Have you ever got an e-mail that you were certain of being spam? a) Yes b) No 5. Have your identity ever been stolen? a) Yes b) No 6. Have you accessed obscene content unknowingly? a) Yes b) No 7. Have you accessed obscene content willingly? a) Yes b) No 8. Do you think it is justified for intelligence companies to hack for information? a) Yes b) No 9. Comment: 10. Have you or someone you know a victim of bank account hacking? a) Yes b) No 11. How often do you receive sms or call for advertisements per day? a) Once b) More than once c) Never 12. Are you aware that youtube modifies videos for publicity? a) Yes b) No
13

Cyber crime 2011

13. Comment: 14. Why do you think people commit cyber crime? a) to have fun b) to make money c) to hurt people d) to help people e) to prove Im the best f) to socialize 15. Have you ever come across online fraud? a) Yes b) No 16. Why do you think people use pirated software? a) lack of money b) for fun c) to bring other company down d) Other: _______ 17. Have you ever come across a cyber stalker? a) Yes b) No 18. Have you ever committed a cybercrime, if yes which one? a) No b) Hacking c) Spamming d) Stealing identity e) Spoofing f) Making pirated software g) Other: 19. Have you ever reported a cybercrime? a) Yes b) No 20. Do you feel secure while operating internet? a) Yes b) No

14

Cyber crime 2011

APPENDIX II THE INTERVIEW Manisha Dixit -By Vatika and Geetanjli

Q)

Tell us something about the presentation you gave on cybercrime.

R) I gave my presentation long time back and in my presentation I talked about various kinds of cybercrime. Q) You are the IC of journalism. How far do think it is justified that intelligence companies are using hacking and all to lock into private lives of people. R) Its not at all justified but people should evolve in mechanism to do away with cyber crimes. Rules are there but have not been properly implemented. So implantation of rules should be there. Even if you take companies crimes are happening in our country. You read in news paper that MMS are made and they circulated to many people. So for that rules are there but proper implementations is still lacking. Q) Recently the oldest newspaper in England The People was banned because they tried to hack telephone lines and e-mails of the victims of some tragedy, but now-a-days all newspaper companies do that. So you think it was rightly done. R) See it all depends upon the purpose. If you r trying to uncover truth, if you are trying to find truth, then that is justified. Like children employed in factories and if I do investigative reporting and I bring the truth to the people that are alright. But if you say its like into private lives of person, there are so many reality shows were people are coming and cameras are installed for twenty four hours. And what we get to see is footage for say one hour. So people have also become exhibitionist. So you cant just blame the media,

15

Cyber crime 2011

people also want some kind of But I would say that one would draw the line between invasion of privacy and public right. Q) We are not allowed to access social network in our rooms but still it is accessible using some proxy servers. What do you think about this? R) I was not aware that you people are not allowed to use social networking sites. Is it like that? I have a question for you that why is that the administration has taken this step for banning? it is so because people are so addicted that the spoil the whole band width and the whole network setup They are totally addicted and it spoils there studies. I mean technology has lot of advantages and the way you use technology that matters. And I feel some kind of counseling should be given to you as you all are very young, some kind of counseling should be given so that you use technology in a proper way. Q) You have some measures for a common man to use the freedom of speech against cyber crime. R) What can a common man do? The common man can only approach the police. That all he or she can do. Q) But even government is a part of this system.

R) Lacuna, yeah! There is some lacuna in the laws also. So as I mentioned earlier, whatever laws are there related to cyber crime should be properly implemented and someone should take a call. Thank you.

16

Cyber crime 2011

APPENDIX III GROUP INTERVIEW 1. We are not allowed to access social network in our rooms but still it is accessible using some proxy servers. What do you think about this? 2. How far do think it is justified that intelligence companies (like FBI CBI) are using hacking and all to lock into private lives of people? 3. Do you think it is justified for media to hack telephone line for news?

17

Cyber crime 2011

REFERENCES M. E. Kabay, A Brief History of Computer Crime: An Introduction for Students, England, Norwich University Publications, 2008 Richard A. Clarke, Cyber War, TMH Publications, New Delhi, 2002

18

Cyber crime 2011

BIBLIOGRAPY Banks, M. A. Web Psychos, Stalkers and Pranksters: How to Protect Yourself in Cyberspace. Scottsdale, AZ: Coriolis Group Books. 1997 Bequai, A. Technocrimes: The Computerization of Crime and Terrorism. Lexington, MA: Lexington Book.1987 Balkin, J. et.al. Cybercrime: Digital Cops in a Networked Environment. New York: New York University Press. 2006 Ronnald,A. (2007). A Guide ToComputer Crime.An Introduction To Computer Crime and Internet Fraud. retrieved November 6, 2011, from <http://legal.practitioner.com/computer-crime/>

19