CYBER CRIMES

&
CYBER LAWS

…
 CONTENTS
§WHY LEARN ABOUT CYBER CRIME?
§DEFINING CYBER CRIME
§TYPES OF CYBER CRIMES
§PREVENTIVE MEASURES
§CYBERLAWS
§

§ 2

§
§
WHAT IS CYBER CRIME ?


"unlawful acts wherein the



computer is either a tool or a

target or both".


3
WHY LEARN ABOUT CYBER CRIME?
Because: –


 – Everybody is using COMPUTERS.

 – From white collar criminals to terrorist
organizations and from teenagers to adults.
 – Conventional crimes like Forgery, extortion,
kidnapping etc. are being committed with the
help of computers.
 – New generation is growing up with computers.
 – MOST IMPORTANT - Monetary transactions are
moving on to the IINTERNET.
4

WHAT IS COMPUTER CRIME?

Defining Cyber Crime



Defined, as "acts that are punishable by the

Information Technology Act" would be
unsuitable as the Indian Penal Code also
covers many cyber crimes, such as email
spoofing and cyber defamation, sending
threatening emails etc. A simple yet sturdy
definition of cyber crime would be "unlawful
acts wherein the computer is either a tool
or a target or both".

5
COMPUTER CRIME is any crime where –
• Computer is a target.

• Computer is a tool of crime

• Computer is incidental to crime

6
SO HOW ARE CRIMINALS
COMMITTING THE CRIMES?
Tools of the Trade


§ Wireless networking technology

§ Password Crackers
§ Network Scanning software
§ Illegitimate Websites (fake URLs),
§ SPAM


7
WHAT ARE GENERAL REASONS, FOR
HACKING, BY CYBER-CRIMINALS?
§ Gathering Trophies (quest to become famous)
§ General Mischief
§ Financial Gain
§ Revenge
§ Protest
§ Criminal activity
§ Identity Theft
§ Forging Documents and Messages


8
PROFILE OF CYBER CRIMINAL

§ Disgruntled employees.
§ Teenagers.
§ Political Hacktivist.
§ Professional Hackers.
§ Business Rival.
§ Ex-Boy Friend.
§ Divorced Husband. etc


9
The World's Most Famous
Hackers
 Vladimir Levin

 Johan Helsingius

 Kevin Mitnick

 Robert Morris

 Dennis Ritchie and Ken Thompson

10
 WHAT ARE GENERAL REASONS,
FOR HACKING, BY CYBER-
CRIMINALS?
 Gathering Trophies (quest to become
famous)
 General Mischief
 Financial Gain
 Revenge
 Protest
 Criminal activity
 Identity Theft
 Forging Documents and Messages
11
PROFILE OF CYBER CRIMINAL
 Disgruntled employees..

 Teenagers..

 Political Hacktivist.

 Professional Hackers..

 Business Rival..

 Ex-Boy Friend..

 Divorced Husband.. etc



12
 TYPES OF CYBER CRIME

 HACKING
 DENIAL OF SERVICE
 NET EXTORTION
 PHISHING
ATTACK
 SPOOFING
 VIRUS DISSEMINATION
 CYBER STALKING
 SOFTWARE PIRACY
 CYBER
 IRC CRIME
 DEFAMATION
 CREDIT CARD FRAUD
 THREATENING

13
 SALAMI ATTACK


HACKING

 Hacking in simple terms means illegal

intrusion into a computer system without
the permission of the computer
owner/user.


14
 WHO IS A HACKER?

A hacker is someone who breaks into computers



sometimes to read private e-mails and other files.



15
DENIAL OF SERVICE ATTACK

This is an act by the criminal, who floods the



bandwidth of the victim's network or fill's his e-

mail box with spam mail depriving him of the
services he is entitled to access or provide


16
VIRUS DISSEMINATION

Malicious software that attaches itself to other

software.


(virus, worms, Trojan Horse, Time bomb,

Logic Bomb, Rabbit and Bacterium are the
malicious software's)

17
SOFTWARE PIRACY
ØTheft of software through the illegal
copying of genuine programs or the
counterfeiting and distribution of products
intended to pass for the original.
ØRetail revenue losses worldwide are ever
increasing due to this crime.
Can be done in various ways-

 End user copying, Hard disk loading,

Counterfeiting,
 Illegal downloads from the internet etc.

18
IRC CRIME
 Internet Relay Chat (IRC) servers have chat
rooms in which people from anywhere the
world can come together and chat with
each other
 Criminals use it for meeting coconspirators.
 Hackers use it for discussing their exploits /
sharing the techniques
 Pedophiles use chat rooms to allure small
children
 Cyber Stalking - In order to harass a woman
her telephone number is given to others
as if she wants to befriend males

19
CREDIT CARD FRAUD
 Thisis done by duplicating the credit
card of the victim.

Credit Card Skimmer Credit Card Writer

20
Card Skimmer over the original
card slot – Replicates the card

21
Pamphlet holder attached with
camera – Gets the victims pin
code

22
Hidden Camera
 NET EXTORTION
 Copying the company’s confidential data in order
to extort said company for huge amount.
 For e.g. :
 Crypto virology :
 It’sa virus that ciphers or encrypts the data in a
computer

23
 PHISHING
 It is technique of pulling out confidential
information from the bank/financial institutional
account holders by deceptive means
 Phishing methods :
 E-mails that redirects to a deceptive website
 Deceptive website resembles the victims
financial institutional website

24
Phishing website Original Login in page

Deceptive Login in page

25
SPOOFING
Getting one computer on a network to pretend


to have the identity off another computer,

usually one with special access privileges , so as
to obtain access to the other computers on the
network.


OR


It is a situation in which one person or program



successfully impersonate as another by

falsifying data and thereby gaining an illicit
advantage.
 26


E-MAIL SPOOFING


 A spoofed email is one that appears to

originate from one source but actually has
been sent from another source


 Its also known as “E-Mail Forging”

27
CYBER STALKING
 Is the use of the Internet or other electronic
means to Stalk or harass an individual, a group
of individuals, or an organization. It may include
false accusations, monitoring, making threats,
identity theft, damage to data or equipment, the
solicitation of minors for sex, or gathering
information in order to harass.

28
CYBER DEFAMATION
 Criminal publishing defamatory matter about
victim on a websites
 OR
 Sending e-mail containing defamatory
information to all of that victim’s friends


 E.g. :
displeased employee may do this against


boss, ex-boys friend against girl, divorced

husband against wife etc
29
 SALAMI ATTACK

 In such crime criminal makes insignificant

changes are made in such a manner that
it would go unnoticed
 Such attacks occur during the deduction of
commissions in financial institutions
 For e.g. : Criminal makes such program
that deducts small amount like Rs. 2.50
per month from the account of all the
customer of the Bank and deposit the
same in his account. In this case no
account holder will approach the bank for 30
such small amount but criminal gains
huge amount.
 SALE OF ILLEGAL ARTICLES


 Sale of narcotics, weapons and wildlife with

the help of internet


 Posting information on websites, bulletin

boards or simply by using e-mail
communications

31
 PREVENTIVE MEASURES
Preventive steps for children:-
 Should not give information such as Name, Home

Address, School Name or Telephone number in

a chat room.
 Should not give photographs to anyone on the
net.
 Should not respond to messages, which are
suggestive, obscene, belligerent or threatening
 Should not arrange a face-to –face meeting
32
without telling parents or guardians
 PREVENTIVE MEASURES
Preventive steps for Parents:-
 should use content filtering software on PC to

protect children from pornography,

gambling, hate speech, drugs and alcohol.
 Install software to establish time controls for
use of limpets
 allowing parents to see which site item
children have visited
33
 General Information:-
 Dont delete harmful communications (emails,
chats etc.). They will provide vital information
about system and address of the person
behind these.
 If you feel any immediate physical danger,
contact your local police.
 Avoid getting into huge arguments online
during chat and discussions with other users.
 Be extremely careful about how you share
personal information about yourself online
 Be extremely cautious about meeting online
introduced person. If you choose to meet, do
so in a public place along with a friend.
 Save all communications for evidence. Do not
34
edit it in any way. Also, keep a record of your
contacts and inform Law Enforcement
Preventive Steps For Organizations and Governments:-
 Physical Security

 Implement Access Control Systems

 Use Of Password

 Finding the Holes in Network

 Using Network Scanning Program ( E.g. UNIX,

COPS-computer oracle and password system)

 Using Intrusion Alert Program

 Using Encryption 35
 Remember: People such as computer

hackers and pirates who hurt others

through computer technology are not

"cool." They are breaking the law

36
Cyber Laws

37
Hierarchy
Law

04/24/11 Cyber Law

Cr.P.C:
Criminal I.P.C.: Indian Evidence
Penal Act
Procedure Code
Court

I.T. Act 2000

38
 CYBERLAW INDIA

04/24/11 Cyber Law

 Laws relating to computer,internet and
 e-commerce


 Mr.Pavan Duggal,President CYBER LAW-India




39
IT Amendment Acts

04/24/11 Cyber Law



 The Information Technology Act, 2000 is the

Mother Legislation that deals with issues
related to use of computers, computer
systems , computer networks and the
Internet.
 Information Technology Amendment Bill, 2006

 Information technology amendment act, 2008



40
Contd…

04/24/11 Cyber Law

Ø The new amendments have added “identity
theft”and “phishing” as cybercrimes .


Ø Have also covered “breach of privacy”,

 “ child pornography” as specific offences

41
Offences
 Offence under IT Acts

04/24/11 Cyber Law

 Tampering with Computer source
documents
 Hacking with Computer systems, Data
alteration
 Publishing obscene information
 Un-authorised access to protected system
 Breach of Confidentiality and Privacy
 Publishing false digital signature
certificates



42
Sections in Law & Penalties
Section 43 : of the act reads: “If any person without

04/24/11 Cyber Law



permission of the owner ”

a) ACCESS to such computer
b) DOWNLOAD, COPIES, or EXTRACTS any data from such computer
c) Introduces COMPUTER VIRUS so as to contaminate the system
d) DAMAGES such computer network
e) CAUSES DISRUPTION to such computer system
f) DENY the user to access
g) CHANGES ACCOUNT SETTINGS


Punishment:
 He shall be liable to pay damages by the way of compensation
 not exceeding One crore to person so affected….
 43
 Section 66
Hacking with Computer System

04/24/11 Cyber Law

 (1) If Information residing in a computer
resources get :
Ø Destroyed
Ø Deleted
Ø Altered
Ø Diminished in value or utility
Ø Affected Injuriously


Punishment:
Punishment
 3 yrs. Or Fine up to 2 lac for hacking.


Ø 44
 Section 67

04/24/11 Cyber Law

 Section 67 of the Act reads: “Whoever
publishes or transmitted in the electronic
form any material which contains sexually
explicit acts or conduct :
 Fine of ten lakhrupees as punishment on first
conviction
 In the event of second or subsequent
conviction
 Imprisonment of either description for a term
which may extend to seven years and also
with fine which may extend to ten lakh
rupees.”

45
 If the same thing is repeated imprisonment of
10 yrs.
 Section 65

04/24/11 Cyber Law

Tampering with computer source
document:


 Punishment:
Offences are punishable with
imprisonment up to 3 yrs. And / or fine
up to Rs. 2 lakh

46
 Section 69

04/24/11 Cyber Law

 Deals with the Interception, monitoring
or decryption of any information in the
interest of the sovereignty, integrity,
Security or defense of India, friendly
relations with the foreign states etc.
 Punishment:
2 lakh and /or jail not exceeding 5 yrs.

47
Some other Sections…
 Section 72: “Violation of the privacy policy”---Fine
up to 5 lakh, jail not extending 2 yrs.

04/24/11 Cyber Law


 Section 502A: “Publishing, Transmitting images of
the private area of a person without his or her
consent”---2yrs./2 lakh.

 Section 419A: “Cheating by any communication
device or computer resource” --- 5yrs.

 Section 417A: “Identity Theft”--- 2yrs.

48
Conclusions

04/24/11 Cyber Law

Ø The new amendments have strengthened the
hands of the nation by increasing the reach
of the powers of interception of the
Government.
Ø Generate awareness & orientation about the
compliance requirements of Indian Cyber
Law


Sensitize people about :



vThe level of compliances of their

respective organizations pertaining to
Indian Cyber Law. 49
Ø