Introduction to Cyber Crime:
In simplest words, Cyber Crime is the unauthorized access and damage to the human beings or the nation in any form by means of computer and other electronic devices. This definition has been further extended and updated by the laws enforcement body and agency of every nation in different ways. The amendment on the existing Laws are made depending upon the depth of understandings on possibilities of cyber crimes plus other computer related crimes and advancements in technology by the concerned agency keeping interests and political system of the nations in mind.
In today’s world almost every one is using Computer and the usage varies from user to user and from nation to nation. It is used in almost every public and commercial establishment; some of these users are from school and colleges, some of them belong to office and other public establishments. They belong to white color criminals to terrorist organizations, teenagers to adults and old group of people. There are globally 2 billion active Internet users and out of these more than 200 million are only India. There is threat of wrong use of computer and other electronics devices in committing any sort of harm to human being and society. They have potential of being used on conventional crime like kidnapping, forgery and extortion and illegal monetary transaction with Internet enabled computers. This illegal and unauthorized access of money from any financial institutes, individuals, military and public establishments causes a great economical loss not only to an individual but to the nation too.
Analysis of past records says these criminals belong to different user profiles. Some of them are Revenge Teenagers, Political Hacktivist, Professional Hackers, Business Rivals, Divorced Husband/Wife, Ex-Boy/Girl Friends and anti-national groups. Technically, any form of Cyber Crime is a flaw in security system and protocols embedded inside the system, software, integrated hardware and other devices. These flaws are always taken as the loophole by these users to crack into the system before making the different types of the damages and losses.
Different Types of Cyber Crime:
The digitized information are accessed, modified and updated in multiple ways by different business, search and other e-commerce sites to fulfill different business needs in cyber space and the way in which each of the system works varies from one to another. Some of application encrypts data using standard encryption or sometimes using self-derived encryption but some of them may not use be using this mechanism at all to adapt it the general ecosystem of cyberspace. The nature of cyber crime will keep on increasing with the advancements and improvements on technologies and each innovation adds multiple possibilities for cyber crimes. The cyber crimes identified and notified as of now can be categorically clubbed into the headers below: –
1. Social Engineering: –
The is the latest and most vulnerable form of cyber crime where the security of private network are by passed and some harmful mails or virus are intruded into the system to make great loss of data and economy.
2. Cyber Stalking: –
The act of following the victim with distracting mails, chat and other computer/smart devices originated communication frequently, entering the chats room and sending the unnecessary messages including recorded audio and video clips and contents.
3. Electronic/Computer Espionage: –
It is an act of putting an unauthorized electronic surveillance to get the personal or business information for someone other than Law enforcement and the few legally authorized bodies. It also includes getting the information in the form of photocopy, written paper, memorized information, re-construction of similar information of copyrighted information.
4. Hacking: –
It is generic form of Cyber crime. It is an illegal intrusion into a computer system without the permission from computer owner or user.
5. Service Denial(DOS): –
Here an intruder fills the mail-box of the targeted person with spams, virus or any other self replicated programs or blocks the bandwidth of the network using some tools or programming the code to lock or block the all communication ports like http port, ftp port etc.
6. Virus Dissemination: –
The software programs those are harmful to the computer and have the power of replicating them self either on computer memory of storage devices. Virus, Worms, Trojans are example of these types of programs.
7. Pornography: –
Every nation has different type of Laws to categorize the physical exposure or level of nudity and physical activities as porn or adult rated recordings. Some nations does not treat the nudity and physical exposure as the porn at all even then there are always the chances of wrong use of internet for pornography related crimes like black bailing with recorded audio and video clips. In India, any nudity crime on cyber space and pornography is covered under the Section-67 of IT Act-2000.
8. Cyber Defamation: –
This is biggest and most happening type of Cyber Crime where personal images, reputations and respects of a person, organizations or an agency are damaged using computer, computer software and related electronic devices in any form.
This technique is used to get the user credentials and other confidentially valuable information from the banks and any other financial institutes. A false page with similar look & feel, contents and interactivity are designed to get this valuable information. ICICI Bank was one the victim of this type of Cyber Crime in past.
10. SQL Injection:-
This is an electronic injection from the web portal to an application database system to update or delete or insert the data that are supposed to be done on standard business practices and scenarios.
Taking a control of unauthorized computers from another network or another virtual private network on the network or computer on public or private clouds bypassing the all security and firewall protocols in unauthorized way. It allows doing anything on the remote computer once the access is granted illegally.
12. IRC Crime:-
IRC is easiest from of synchronous way of communication available from different social networking sites and other companies. There are great possibilities of wrong use of this communication room to discuss any form of crimes either on connected computes or outside the computers.
Cyber Crime and Economical Loss:
The loss and damage from cyber crime is huge and it is alarming threat not only to an individual but also to the organization and finally to the national economy. The global loss of revenue due to Cyber Crime is multiples of billion of dollars.
Preventive Measures and Laws:
To controls Cyber Crime there are need of two kind of measures, the first one is to prevent the Crime before they occur just like in the movie ‘The Minority Report ‘ and another one to postulate the strong framework of Laws to cover all modern and latest possibilities on wrong happening in Cyberspace.
i. User Awareness Programs:
Some of damage to the computer system can be prevented through user awareness programs. The spamware, virus or Trojans are the biggest threats to computers running on windows operating system, especially earlier versions of the O/S. It is a better practice not to open the suspicious attachment or suspicious links from unknown person or organization, which may be virus or harmful program to the computer. It is necessary to educate the teach 100 % of Internet users about this kind of simple but preventive measure through different campaigns and other possible means.
ii. Suggestions from Ethical Hackers:
The preventive measures for Cyber Crime are not simple and they are always the combination of Laws and technicality. The framework of the laws should be strong enough to support any sort of illegal or criminal activities through the mirror of the flaws in the system. The trend analysis of past crime on cyberspace says that every system is prone to cyber crimes. It is necessary to get the enough technical inputs in the time of framing the Cyber Laws to make a very strong Legal System in battling against any sort of cyberspace related crimes. These inputs can be taken from different categories peoples like Subject Mater Experts, Technical Security Expert and Solution Experts who can provide the details on security systems and futuristic suggestion, Ethical Hacker who can provide the all possible flaws that could occur in the systems and same should be taken into consideration while the framing the Cyber Laws.
Secondly, these Ethical Hackers can be placed to verify and check the any flaws in the system to make system less vulnerable to the external hackers. These flaws can be identified and corrected before hand with the help of these experts. It helps ensuring that the system is ready to take any challenge to known flaws on the system in coming days.
Strong Legal Framework:
Cyber Crime may occur anywhere in the cyberspace and the complexity keeps on increasing as the number of search engines, sites, advertisement and sales tools etc. grows along with business or economical growth. In my personal opinion, the areas or fields given below are in need of having strong Legal Framework and Legal clauses for control and curve the crimes: –
i. Social Networking Sites:
Social Networking Sites, Enterprise Social Site Educational Networking Sites are the great communication option available in cyberspace and they are used for personal, education, healthcare, services and management, banking and finance, NGO, police, public and civil authorities. They are the great revolutions and innovations in technologies and business concepts. There are needs of having a strong framework of Laws to safeguard the genuine users and it can be made possible through the latest amendment on IT acts and Laws. The IT Acts/Laws postulated in early 2000 may not enough not cover today’s crimes and illegal activities carried out using the latest technology and computer related aids.
At global level, a hot discussion is going on whether an employer should ask for the users credentials of as employee at any circumstance or not. Social Networking is the personal and social part of a user and his asset owned by the user on cyberspace; everything inside a SNS becomes the proprietary assets of user under any social framework. It has to be analyzed and considered with serious note about the post –delivery of credentials to the employer to meet the some of the security interest. When the user credentials are handed over to any third party person including an employer, 100 % ownership of everything related to the credentials gets transferred to him including the any criminal and unauthorized activities like Cyber Stalking, Terror Plot, extortion and any other form of misuse. It does not look wrong on following or viewing the social contents by employer at any point of time as he, either as a person or as an organization, is the part of the social community. Asking for the user credentials of any social and private sites is not only illegal but is inhuman in certain way and creates a great security threats too, at personal, organization and national level.
To cover this situation, it necessary to have a really updated amendments of laws to safe guard the interest of an individual and to
give the legal support for building a cyber-crime safe or free nation.
ii. Artificial Intelligence and robotics:
Every great innovation always has two aspects, one is humanitarian utilization and another one is wrong to disturb the harmony of the society and community. Robots are one of the great innovations made by human being. It is being used on business, home, healthcare and medicine, education and research, agriculture and horticulture for betternes of human life and lifestyle. In coming, they will be used everywhere like Fashion and Jewelry, Retail shop, Pubs and Bars, self-intelligent blending mechanism (Perfumes, Cocktails etc) etc. It is already being used to share the emotion with human being and to create the virtual feeling of love, romance, togetherness and other emotion related feeling like touch.
These widespread usage of automated devices with ability of getting connected private and public networks of computers or grid of computers requires a Legal Framework to prosecute any crime and crimes.
iii. Cloud Security:
When something is thrown on open space, there is risk of having security concern and similar is the case with cloud computing. No doubt, every cloud vendors has provided the enough security model or mechanism for Private, Public and Hybrid Cloud but it is necessary to know what flaws may occur in security areas and availability of Laws and Legal Framework enough to control or prosecute the crimes and unauthorized usage of any private of business information on or from the cloud platforms.
The data security on mobile has become the greatest concern for an individual and any laws enforcement agency and its (mobile operations) involvement on cyber crime can be very high due to its portable nature and similar is the case with any other hand held devices like iPad and Tablets. There is a need of strong and flexible laws to safeguard the mobile vendors, users and the security interest of the nation. From analytical point of view the crime made through different categories of devices are different not only in nature but also in the ways of execution. Satellite works on different protocol and mechanism than commercialized standard phones or other hand held devices. Interception and wrong usage of satellite-based communication is more complex than the same thing through other massively commercialized communication devices like phone, pager, tablets, and iPad.
iv. VOIP Protocol:
VOIP is the next generation voice communication protocol and it has great advantages while using communication tool in business, personal and private life, education and research etc. and it is nothing wrong on legalizing 100% usage of VOIP(Voice Over Internet Protocol) to any sort of legally authorized usages. But, still there is a great need of very complex system and legal framework to control the misuse by anti-social elements and other group of users. The communication could be encrypted one and non-encrypted one depending on its implementation by different VOIP service vendors and action-takers.
- CCIC, Crime Branch, Mumbai
- Cyber Crimes , Charles Doyle