Cyber Crime In India

The advancement of technology has made man dependent on the Internet for all his needs. The Internet has given easy access to everything while sitting in one place. Social networking, online shopping, storing data, gaming, online studying, online jobs, every possible thing that man can think of can be done through the medium of the internet. The Internet is used in almost every sphere. The development of the internet and its related benefits also developed the concept of cyber crimes. Cyber crimes are committed in different forms. A few years back, there was a lack of awareness about the crimes that could be committed through the Internet. In the matters of cyber crimes, India is also not far behind the other countries where the rate of incidence of cyber crimes is also increasing day by day.

In a report published by the National Crime Records Bureau report (NCRB 2011), the incidence of cyber crimes under the IT Act increased by 85.4% in the year 2011 as compared to 2010 in India, whereas the increase in the incidence of the crime under IPC is by 18.5% as compared to the year 2010. Visakhapatnam records the maximum number of incidences of cases. Maharashtra has emerged as the center of cybercrime with a maximum number of incidences of registered cases under cyber crimes. Hacking with computer systems and obscene publications were the main cases under IT Act for cyber crimes. Maximum offenders arrested for cyber crimes were in the age group 18-30 years. 563 people in the age group 18-30 years were arrested in the year 2010 which had increased to 883 in the year 2011.

WHAT ARE CYBER CRIMES

Cyber crimes can be defined as unlawful acts where the computer is used either as a tool or a target or both.  The term is a general term that covers crimes like phishing, credit card fraud, bank robbery, illegal downloading, industrial espionage, child pornography, kidnapping children via chat rooms, scams, cyber terrorism, creation and/or distribution of viruses, Spam, and so on.

Cybercrime is a broad term that is used to define criminal activity in which computers or computer networks are a tool, a target, or a place of criminal activity and include everything from electronic cracking to denial of service attacks. It also covers the traditional crimes in which computers or networks are used to enable illicit activity.

DIFFERENT TYPES OF CYBER CRIMES

Cyber Crimes can be categorized in two ways:

1. The crimes in which the computer is the target. Examples of such crimes are hacking, virus attacks, DOS attacks, etc.

2. The crime in which the computer is used as a weapon. These types of crimes include cyber terrorism, IPR violations, credit card fraud, EFT fraud, pornography, etc.

DIFFERENT KINDS OF CYBER CRIMES

The different kinds of cyber crimes are:

1. Unauthorized Access and Hacking:
Unauthorized access means any kind of access without the permission of either the rightful person in charge of the computer, computer system, or computer network. Hacking means an illegal intrusion into a computer system and/or network. Every act committed to breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as stealing credit card information, and transferring money from various bank accounts to their own accounts followed by the withdrawal of money. Government websites are the most targeted sites for hackers.

2. Web Hijacking:
Web hijacking means taking forceful control of another person’s website. In this case, the owner of the website loses control over his website and its content.

3. Pornography:
Pornography means showing sexual acts in order to cause sexual excitement. The definition of pornography also includes pornographic websites, pornographic magazines produced using computers,s and internet pornography delivered over mobile phones.

4. Child Pornography:
The Internet is being highly used as a medium to sexually abuse children. The children are viable victims of cybercrime. Computers and the Internet have become a necessity of every household, the children have got easy access to the internet. There is easy access to the pornographic content on the internet. Pedophiles lure the children by distributing pornographic material and then they try to meet them for sex or to take their nude photographs including their engagement in sexual positions. Sometimes Pedophiles contact children in the chat rooms posing as teenagers or a child of similar age and then they start becoming friendlier with them and win their confidence. Then slowly pedophiles start sexual chat to help children shed their inhibitions about sex and then call them out for personal interaction. Then starts actual exploitation of the children by offering them some money or falsely promising them good opportunities in life. The pedophiles then sexually exploit the children either by using them as sexual objects or by taking their pornographic pictures in order to sell those over the internet.

How do they operate?

1. Pedophiles use false identities to trap children/teenagers
2. Pedophiles contact children/teens in various chat rooms which are used by children/teens to interact with other children/teens.
3. Befriend the child/teen.
4. Extract personal information from the child/teen by winning his confidence.
5. Gets the e-mail address of the child/teen and starts making contact with the victim’s e-mail address.
6. Starts sending pornographic images/text to the victim including child pornographic images in order to help the child/teen shed his inhibitions so that a feeling is created in the mind of the victim that what is being fed to him is normal and that everybody does it.
7. Extract personal information from child/teen
8. At the end of it, the pedophiles set up a meeting with the child/teen out of the house and then drag him into the net to further sexually assault him or to use him as a sex object.

5. Cyber Stalking:
In general terms, stalking can be termed as repeated acts of harassment targeting the victim such as following the victim, making harassing phone calls, killing the victim’s pet, vandalizing the victim’s property, and leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harm to the victim. Cyber Stalking means repeated acts of harassment or threatening behavior of the cyber criminal towards the victim by using internet services. Both kinds of Stalkers i.e., Online & Offline – have the desire to control the victim’s life.

How do Cyber Stalkers operate?

1. They collect all personal information about the victim such as name, family background, Telephone Numbers of residence and workplace, the daily routine of the victim, address of residence and place of work, date of birth, etc. If the stalker is one of the acquaintances of the victim he can easily get this information. If the stalker is a stranger to the victim, he collects the information from the internet resources such as various profiles, the victim may have filled in while opening the chat or e-mail account or while signing an account with some website.
2. The stalker may post this information on any website related to sex services or dating services, posing as if the victim is posting this information and inviting people to call the victim on her telephone numbers to have sexual services. Stalker even uses very filthy and obscene language to invite interested persons.
3. People of all kinds from nooks and corners of the World, who come across this information, start calling the victim at her residence and/or workplace, asking for sexual services or relationships.
4. Some stalkers subscribe the e-mail account of the victim to innumerable pornographic and sex sites, because of which the victim starts receiving such kinds of unsolicited e-mails.
5. Some stalkers keep on sending repeated e-mails asking for various kinds of favors or threatening the victim.
6. In online stalking the stalker can make a third party harass the victim.
7. Follow their victim from board to board. They “hang out” on the same BBs as their victim, many times posting notes to the victim, making sure the victim is aware that he/she is being followed. Many times they will “flame” their victim (becoming argumentative, and insulting) to get their attention.
8. Stalkers will almost always make contact with their victims through email. The letters may be loving, threatening, or sexually explicit. He will many times use multiple names when contacting the victim.
9. Contact the victim via telephone. If the stalker is able to access the victim’s telephone, he will many times make calls to the victim to threaten, harass, or intimidate them.
10. Track the victim to his/her home.

6. Denial of Service Attack:
This is an attack in which the criminal floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide. This kind of attack is designed to bring the network to crash by flooding it with useless traffic. Another variation to a typical denial of service attack is known as a Distributed Denial of Service (DDoS) attack wherein the perpetrators are many and are geographically widespread. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like Viruses, new DoS attacks are constantly being dreamed up by hackers.

7. Virus attacks:
Viruses are programs that have the capability to infect other programs and make copies of themselves and spread into other programs. Programs that multiply like viruses but spread from computer to computer are called worms. These are malicious software that attach themselves to other software. Viruses, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit, and Bacterium are the malicious. Viruses usually affect the data on a computer, either by altering or deleting it. On the other hand, worms merely make functional copies of themselves and do this repeatedly till they eat up all the available.
Trojan Horse is a program that acts like something useful but does things that are quite damp. Trojans come in two parts, a Client part, and a Server part. When the victim (unknowingly) runs the server on its machine, the attacker will then use the Client to connect to the Server and start using the Trojan. TCP/IP protocol is the usual protocol type used for communications, but some functions of the Trojans use the UDP protocol as well.

8. Software Piracy:
Software piracy refers to the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original. These kinds of crimes also include copyright infringement, trademark violations, theft of computer source code, patent violations, etc.
Domain names are also trademarks and protected by ICANN’s domain dispute resolution policy and also under trademark laws. Cyber squatters register domain names identical to popular service providers’ names so as to attract their users and get benefits from them.

9. Salami attacks :
These attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case, it would go completely unnoticed. E.g. a bank employee inserts a program, into the bank’s servers, that deducts a small amount of money (say Rs. 5 a month) from the account of every customer. No account holder will probably notice this unauthorized debit, but the bank employee will make a sizable amount of money every month.

10. Phishing:
Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit cards, social security, and bank account numbers that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. By spamming large groups of people, the phisher counted on the e-mail being read by a percentage of people who actually had listed credit card numbers legitimately.

11. Sale of illegal articles:
This category of cyber crimes includes the sale of narcotics, weapons, wildlife, etc., by posting information on websites, auction websites, and bulletin boards or simply by using email communication.

12. Online gambling :
There are millions of websites; all hosted on servers abroad, that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering. Cases of hawala transactions and money laundering over the Internet have been reported.

13. Email spoofing :
Email spoofing refers to an email that appears to originate from one source but actually has been sent from another source. Email spoofing can also cause monetary damage.

14. Cyber Defamation:
When a person publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person’s friends, it is termed as cyber defamation.

15. Forgery:
Computers, printers, and scanners are used to forge counterfeit currency notes, postage, and revenue stamps, mark sheets, etc. These are made using computers, and high-quality scanners and printers.

16. Theft of information contained in electronic form :
This includes theft of information stored in computer hard disks, removable storage media, etc.

17. Email bombing :
Email bombing refers to sending a large number of emails to the victim resulting in the victim’s email account (in case of an individual) or mail servers (in case of a company or an email service provider) crashing.

18. Data diddling :
This kind of attack involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed.

19. Internet time theft :
Internet time refers to usage by an unauthorized person of the Internet hours paid for by another person.

20. Theft of computer system :
This type of offense involves the theft of a computer, some part(s) of a computer, or a peripheral attached to the computer.

21. Physically damaging a computer system :
This crime is committed by physically damaging a computer or its peripherals.

22. Breach of Privacy and Confidentiality :
Privacy refers to the right of an individual/s to determine when, how and to what extent his or her personal data will be shared with others. Breach of privacy means unauthorized use or distribution or disclosure of personal information.
Confidentiality means nondisclosure of information to unauthorized or unwanted persons. In addition to Personal information some other type of information which useful for business and leakage of such information to other persons may cause damage to the business or person, such information should be protected.
Generally for protecting the secrecy of such information, parties while sharing information forms an agreement about the procedure of handling information and to not disclose such information to third parties or use it in such a way that it will be disclosed to third parties. Many times party or their employees leak such valuable information for monetary gains and causes a breach of contract of confidentiality. Special techniques such as Social Engineering are commonly used to obtain confidential information.

23. Data diddling:
Data diddling involves changing data prior to or during input into a computer. The information is changed from the way it should be entered by a person typing in the data, a virus that changes data, the programmer of the database or application, or anyone else involved in the process of having information stored in a computer file. It also includes automatically changing the financial information for some time before processing and then restoring the original information.

24. E-commerce/ Investment Frauds:
An offering that uses false or fraudulent claims to solicit investments or loans, or that provides for the purchase, use, or trade of forged or counterfeit securities. Merchandise or services that were purchased or contracted by individuals online are never delivered. The fraud is attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site. Investors are enticed to invest in this fraudulent scheme by the promises of abnormally high profits.

25. Cyber Terrorism:
Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic control, and telecommunication networks are the most likely targets. Others like police, medical, fire and rescue systems, etc.
Cyberterrorism is an attractive option for modern terrorists for several reasons.

1. It is cheaper than traditional terrorist methods.
2. Cyberterrorism is more anonymous than traditional terrorist methods.
3. The variety and number of targets are enormous.
4. Cyberterrorism can be conducted remotely, a feature that is especially appealing to terrorists.
5. Cyberterrorism has the potential to affect directly a larger number of people.

The list of offenses given above is not exhaustive and would also include any other types of offenses that would be committed through a computer or against a computer in the future.

CYBER LAWS

Cyber crimes are a new class of crimes that are increasing day by day due to the extensive use of the internet these days. To combat the crimes related to Internet The Information Technology Act, of 2000 was enacted with the prime objective to create an enabling environment for the commercial use of I.T.  The IT Act specifies the acts which have been made punishable. The Indian Penal Code, of 1860 has also been amended to take into its purview cyber crimes.

The various offenses related to the internet which have been made punishable under the IT Act and the IPC are enumerated below:

1. Cybercrimes under the IT Act :

• Tampering with Computer source documents – Sec.65
• Hacking with Computer systems, Data alteration – Sec.66
• Publishing obscene information – Sec.67
• Unauthorised access to protected system Sec.70 Breach of Confidentiality and Privacy – Sec.72
• Publishing false digital signature certificates – Sec.73

2. Cyber Crimes under IPC and Special Laws :

• Sending threatening messages by email – Sec 503 IPC
• Sending defamatory messages by email – Sec 499 IPC
• Forgery of electronic records – Sec 463 IPC
• Bogus websites, cyber frauds – Sec 420 IPC
• Email spoofing – Sec 463 IPC
• Web-Jacking – Sec. 383 IPC
• E-Mail Abuse – Sec.500 IPC

3. Cyber Crimes under the Special Acts:

• Online sale of Drugs under the Narcotic Drugs and Psychotropic Substances Act
• Online sale of Arms Arms Act

 

HOW TO FILE A COMPLAINT

The complaint regarding the commission of cybercrime can be made to the in charge of the cybercrime cells which are present almost in every city. To file a complaint alleging the commission of a cybercrime the following documents must be provided:

1. In case of hacking the following information should be provided:

1. Server Logs
2. Copy of defaced web page in soft copy as well as hard copy format, if your website is defaced
3. If data is compromised on your server or computer or any other network equipment, a soft copy of the original data and a soft copy of compromised data.
4. Access control mechanism details i.e.- who had what kind of access to the compromised system
5. List of suspects – if the victim is having any suspicion about anyone.
6. All relevant information leading to the answers to the following questions –
   • what? (what is compromised)
   • who? (who might have compromised the system)
   • when?(when the system was compromised)
   • why?(why the system might have been compromised)
   • where?(where is the impact of attack-identifying the target system from the network)
   • How many? (How many systems have been compromised by the attack)

2. In case of e-mail abuse, vulgar e-mail, etc. the following information should be provided:

1. Extract the extended headers of the offending e-mail and bring a soft copy as well a hard copy of the offending e-mail.
2. Please do not delete the offending e-mail from your e-mail box.
3. Please save the copy of the offending e-mail on your computer’s hard drive.