CYBER CRIME

Cybercrime, also called computer crime, the use of a computer as an instrument to further
illegal ends, such as committing fraud, trafficking in child pornography
and intellectual property, stealing identities, or violating privacy. All those activities existed
before the “cyber” prefix became ubiquitous. Cybercrime, especially through the Internet, has
grown in importance as the computer has become central to commerce, entertainment, and
government. In other words, known as HACKING. Hacking is a term used to describe the
activity of modifying a product or procedure to alter its normal function, or to fix a problem. The
term purportedly originated in the 1960s, when it was used to describe the activities of certain
MIT model train enthusiasts who modified the operation of their model trains. They discovered
ways to change certain functions without re-engineering the entire device. Technically, there is
no appropriate definition for HACKING but according to the experts, ‘Unauthorized Access’ is
the best explanation when it is related to cybercrime.
Because of the early and widespread adoption of computers and the Internet in the United States,
most of the earliest victims and villains of cybercrime were Americans. By the 21st century,
though, hardly a hamlet remained anywhere in the world that had not been touched by
cybercrime of one sort or another.
What distinguishes cybercrime from traditional criminal activity? Obviously, one difference is
the use of the computer. Although the attacks do not take place on a physical body, they do take
place on the personal or corporate virtual body, which is the set of informational attributes that
define people and institutions on the Internet. In other words, in the digital age our virtual
identities are essential elements of everyday life: ‘we are a bundle of numbers and identifiers in
multiple computer databases owned by governments and corporations.’1
Computer crime, or cybercrime in India has been evolving rapidly. The Information
Technology Act, 2000 passed by the Parliament of India in May 2000, had aimed to curb
cybercrimes and to provide a legal framework for e-commerce transactions.[1] [2] In
2001, India and United States had set up an India-US cyber security forum as part of a counter-
terrorism dialogue
Cyber crime is a criminal activity that is done with the criminal intention either (a) using internet
or (b) targeting internet or computer devices or communication devices.

TYPES OF CYBER CRIME

• Cybercrime against person
• Cybercrime against property
• Cyber crime against government / firm / company/ group of individuals
• Cybercrime against society

1. 2 Majid Yar, Cybercrime and society 5-10 (SAGE publications, 2006)

Cyber Attacks-
The malicious association with hacking became evident in the 1970s when early computerized
phone systems became a target. Technologically savvy individuals, called “phreakers”
discovered the correct codes and tones that would result in free long-distance service. They were
hackers in every sense of the word, using their resourcefulness to modify hardware and software
to steal long distance telephone time. One of the very first and effective computer virus was the
MORRIS WORM virus, created by Robert Morris, a Cornell University student. This worm
damaged more than 6,000 computers and resulted in estimated damages of $98 million. More
incidents began to follow in a viable, steady stream.
Types of cyber-attacks: - When a criminal is trying to hack an organization, they won't re-invent
the wheel unless they absolutely have to: They'll draw upon a common arsenal of attacks that are
known to be highly effective. Here’s an overview of some of the most common types of attacks
seen today.2
• Phishing Attacks
• SQL Injection Attacks (SQLi)
• Cross-Site Scripting (XSS)
• Man-in-the-Middle (MITM) Attacks
• Malware Attacks
• Denial-of-Service Attacks

Few of the most notorious cyber-attacks in history: -

1. Mafia Boy- 15-year-old that caused mischief in cyber space was Michael Calce a.k.a.
Mafia Boy. In 2000, Calce, now 25, was just a Canadian high school student when
decided to unleash a DDoS attack on a number of high-profile commercial websites
including Amazon, CNN, eBay and Yahoo!. An industry expert estimated the attacks
resulted in a $US1.2 billion-dollar damage bill.
2. Jonathan James hacks NASA and US Defense Department (1999)-James had managed to
penetrate the computers of a US Department of Defense division and installed a
‘backdoor’ on its servers. This allowed him to intercept thousands of internal emails from
different government organizations including ones containing usernames and passwords
for various military computers. Using the stolen information, James was able to steal a
piece of NASA software which cost the space exploration agency $41,000 as systems
were shut down for three weeks.
According to NASA, “the software [purported to be worth $1.7 million

2. Martin Gitlin, Margaret J. Goldstein , Cyber attack 55- 61 ( Lerner publishing group , 2015)
 3. WannaCry Ransomware – This is a kind of Malware Attack, usually launched to gain
some ransom for decrypting data of an organization. The attack was launched on Friday
12 May 2017 and quickly spread to more than 200,000 systems around the
world. Infected machines will see the malware demand a payment of up to $600 to
decrypt the files. But by that time hospitals, doctor’s surgeries and accident and
emergency wards in the UK had been affected by the attack and some were even
reportedly turning patients away.
4. Sony PlayStation (2011)- The Sony PlayStation attack happened when the company’s
PlayStation Network (PSN) was hit with a hack that accessed 77 million accounts. The
data breach forced Sony to shut down the PSN for 23 days. The hack was a distributed
denial-of-service attack and was engineered by hacktivist group Anonymous.
5. Iran’s nuclear program (2007)- The attack on Iranian nuclear facilities was meant to
compromise nuclear material. The sophisticated malware used in the attack was known as
Stuxnet. It was originally created by Israel and the U.S. The program was continued and
carried out by secret orders from President Barack Obama, when Iran was still setting up
its uranium enrichment facility.

Agenda Behind Cybercrime

Exploring the motives behind the recent cyber-attacks is the key to prevention, but ultimately
companies must disable or patch the root cause of this issue to avoid future attacks. Law
enforcement often seeks to answer a common question: What was the motive? This is typically
to point the investigators to the why, which can help to uncover more information or evidence to
support the case and help find the criminals. Similarly, finding the why, or motive, behind your
adversary’s actions can help you better understand what they are after and how to protect those
assets from an attack. Take the following motives as an example:
1. Financial: Can the adversary make money directly (via an attack) or indirectly (by selling
malware or ransomware as a service)? Are there competitors who may want to destabilize
your company?
2. Ideological: Your adversary may want to harm your reputation, deny services to your
customers, or sabotage your systems to further their propaganda or eliminate perceived
threats to the environment, for example, this could also include frustrated ex-employees.
3. Political: Can the adversary benefit from knowing your next move or most intimate
secrets as an organization? Do you claim that you have impenetrable defenses? If so, you
might be motivating an attacker to find a way to break through it.
 4. Prestige and Curiosity: Does the adversary want to say they compromised your
organization just because? Do you have such an interesting technological footprint that it
is enticing to an attacker?
There are many alternatives that make sense – in the world of hacking the most intelligent way to
get away with a crime is distraction, while the real crime happens elsewhere. If this is not a
distraction, then the only remaining motive is terrorism and to put fear into the world of the huge
potential impact that cyber-attacks can have.

Cyber Law
Cyber laws are meant to set the definite pattern, some rules and guidelines that defined certain
business activities going on through internet legal and certain illegal and hence punishable. The
IT Act 2000, the cyber law of India, gives the legal framework so that information is not denied
legal effect, validity or enforceability, solely on the ground that it is in the form of electronic
records.
One cannot regard government as complete failure in shielding numerous e-commerce activities
on the firm basis of which this industry has got to its skies, but then the law cannot be regarded
as free from ambiguities.3

Significance of Cyber Security

Cybersecurity is the body of technologies, processes and practices designed to protect networks,
computers, programs and data from attack, damage or unauthorized access. In a computing
context, security includes both cybersecurity and physical security. One of the most problematic
elements of cybersecurity is the quickly and constantly evolving nature of security risks. The
traditional approach has been to focus most resources on the most crucial system components
and protect against the biggest known threats, which necessitated leaving some less important
system components undefended and some less dangerous risks not protected against. In other
words:
“The threat is advancing quicker than we can keep up with it. The threat changes faster than
our idea of the risk. It's no longer possible to write a large white paper about the risk to a
particular system. You would be rewriting the white paper constantly..."
Even if you’re not an IT security professional, it’s still important that you not only are aware of
the risks and threats you might face in cyberspace, but that you also take steps to protect yourself
and your data. The Department of Homeland Security (DHS) recommends that you take
the following measures to keep yourself safe:
➢ Don’t give out personal information over the phone or via email unless you’re absolutely
sure of whom you’re giving it to

3. 1 Majid yar, Cybercrime and society 10 – 20 (SAGE publication, 2005)

 ➢ Keep your operating system, browser, and anti-virus software updated.
➢ opt for a password that’s difficult to crack, instead of one that’s easy to remember.
➢ Never click on links sent to you via email.
Cyber Criminals are not the only individuals responsible for increasing cyber threats.
Somewhere we are equally responsible because most of the people are aware of the above-
mentioned security measures but failed (or denied) to execute them in the real scenarios.