Evaluation Of Cybercrime Growth And Its Challenges As Per ... · The website was hosted on a different server which comparatively had lesser security. 4. Growth of Cybercrime in India

3120

www.ijifr.com Copyright © IJIFR 2015

Survey Paper

International Journal of Informative & Futuristic Research ISSN (Online): 2347-1697

Volume 2 Issue 9 May 2015

Abstract

Cybercrime refers to any crime that involves a computer, network or any public or

private systems. It can generally defined as a criminal activity in which information

technology systems are the means used for the commission of the crime .The use of

computers, mobiles and Internet in routine activities such as shopping, banking and

social media has developed a rapid growth in cybercrime and Kerala is in 5th

position in cybercrime in India. This paper reviews details of growth of cybercrime

and mode of crime, which would be an eye-opener for computer users, stakeholders

and policy makers for better Cyber security tools and also updating the IT policies of

State and national level.

1. Introduction

Information Technology has grown tremendously during the last two decades and became the main

source of knowledge and as a result, cyber-crime in India are on the rise .The major attacks are on

ICT infrastructure, online fraud, child pornography, hacking and Cracking and intellectual property

rights violation etc. Cybercrimes also poses a great threat to the national security of all countries,

and sometimes leads to a great loss in financial stability. Norton’s Cyber Crime Report 2011 reveals

that India loses approximately INR 34110 corers annually due to cyber related crimes [3]. India's

prominent role in the IT global market has become one of the compelling priorities for the country to

provide secure computing environment, adequate trust and confidence in electronic transactions by

creation of suitable cyber security policy in the country. The IT policies of India requires constant

updation and also provide awareness about various types of cyber-attack and its consequences in

individual, organizations, Industry and nationwide.

Evaluation Of Cybercrime Growth And

Its Challenges As Per Indian Scenario Paper ID IJIFR/ V2/ E9/ 024 Page No. 3120-3128 Research Area Cybercrime

Key Words Cybercrime, Internet Technologies, Cyber Security Tools, Hackers, India’s

Cybercrime Statistics, Kerala Figures, Threats & Challenges

Shaji. N. Raj

Assistant Professor & Research Scholar

Department of Computer Science

Sahodaran Ayyappan Smaraka S N D P Yogam College,

Konni-Kerala

3121

ISSN (Online): 2347-1697 International Journal of Informative & Futuristic Research (IJIFR)

Volume - 2, Issue - 9, May 2015 21st Edition, Page No: 3120-3128

Shaji. N. Raj :: Evaluation Of Cybercrime Growth And Its Challenges As Per Indian Scenario

2. Types Of Cyber Crime

i. Cyber Stalking/Online harassment: When a victim is repeatedly and persistently followed

and pursued online by e-mail or other electronic communication by offenders that may

negatively impact a victim's livelihood, well-being, and mental or emotional state.

ii. Cyber Bullying: Acts of harassment, embarrassment, taunting, insulting or threatening

behavior towards a victim by using internet, e-mail or other electronic communication

device.

iii. Hacking: It is an electronic intrusion, or gaining access to resources like computer, e-mail or

social networking accounts such as Face book, Gmail, and Hotmail etc. via a computer or

network resource without permission.

iv. Identity Theft: When someone appropriates personal information without his or her

knowledge to commit theft or fraud.

v. Computer Fraud: Computer or Internet fraud is any type of fraud scheme that uses one or

more components of the Internet-such as chat rooms, e-mail, message boards, or Web sites

to present fraudulent transactions or to transmit the proceeds of fraud to financial institutions

or to others.

vi. Credit/Debit Card Fraud: It is the unauthorized use of a credit/debit card to fraudulently

obtain money or property. Credit/debit card numbers can be stolen from unsecured web

sites, or can be obtained in an identity theft scheme.

vii. Spoofing: It is a technique whereby a fraudster pretends to be someone else email or web

site. This is typically done by copying the web content of a legitimate web site to the

fraudsters newly created fraudulent web site.

viii. Phishing: It refers to the scheme whereby the perpetrators use the spoofed web sites in an

attempt to dope the victim into divulging sensitive information, such as passwords, credit

card and bank account numbers. The victim, usually via email is provided with a hyperlink

that directs hi/her to a fraudster's web site. This fraudulent web site's name closely resembles

the true name of the legitimate business.

ix. Denial of Service: A denial of service attack is a targeted effort to disrupt a legitimate user

of a Service from having access to the service. Offenders can limit or prevent access to

services by overloading the available resources, changing the configuration of the service's

data, or physically destroying the available connections to the information

x. Spam: It is the distribution of bulk e-mail that offers recipients deals on products or services.

xi. Malicious Programs/Viruses: Viruses and malicious programs can potentially impact a

massive amount of individuals and resources. These programs are intended to cause

electronic resources to function abnormally and may impact legitimate users access to

computer resources.

xii. Cyber terrorism: It is the adaptation of terrorism to computer resources, whose purpose is to

cause fear in its victims by attacking electronic resources.

xiii. Online Child Pornography: Online child pornography is defined by paedophiles using

computer resources to distribute illegal media of and to minors, as well as engaging in

actions to sexually exploit children. Unwanted exposure to sexually explicit material: When

a criminal sends pictures, videos, sound clips cartoons or animations depicting sexual

contents by e-mail or any other electronic means. This would include audio or video chat

using web camera etc.

3122




3. Recent Cyber Crimes in India

In January 2013, two residents of Chandigarh received credit card bills for shopping done in

Mumbai and Hyderabad. The money was deducted from their accounts before they could even

approach the bank. People are losing money by making payments at petrol pumps in Chandigarh

city. Nearly 55cases of skimming have been reported from petrol pumps in Chandigarh over the last

six months. In these cases, miscreants cloned the cards and shopped at faraway places such as

Mumbai and Hyderabad. The scam is worth lakhs [8].

In April, 2012, a gang of fraudsters were arrested in Hyderabad for skimming and cloning credit and

debit cards using a complex modus operandi of hacking international IP addresses, internet

hawala,and spying and electronic data theft. The racket came to light in May 2011 when people who

visited two malls complained that huge amounts were withdrawn from their accounts. The gang

succeeded in skimming off 4 to 5 core INR from unsuspecting credit and debit card holders across

the country— from Hyderabad to Delhi, Kolkata to Bangalore. They used 15 point of sale

(electronic draft capture) skimming machines, one ATM data skimming machine, ATM dome

cameras, electronic magnetic writers, card printers and ATM pin pad skimmer machines and even

placed spy cameras at ATMs which picked up the PINs of users.[4]

In 2013, the customer data of a reputed private insurance company was stolen by three people and

used for negative publicity of the company, its policies and schemes. These individuals were owners

of a rival company and indulged in corporate espionage. They breached the Information and

Technology Act and section 379 of the Indian Penal Code for omitting theft of customer data. [3]

Cyber Crime Investigation Cell, C.B.,C.I.D., Mumbai had detected a racket wherein

educated cyber criminals have adopted the innovative way of E-Cheating by using the details of

stolen Credit Cards. One financial Institute registered a crime stating that some persons

(“perpetrators”) have perpetrated certain acts through misleading emails ostensibly emanating from

ICICI Bank’s email ID. Such acts have been perpetrated with intent to defraud the Customers.The

Investigation was carried out with help of those emails received by the customers of that financial

Institute and arrested the accused, the place of offence at Vijayawada was searched for the

evidence. The arrested accused had used open source code email application software for sending

spam emails. He has down loaded the same software from net and then used it as it is. He used

only VSNL emails to spam the email to customers of financial Institute because VSNL email service

provider do not have spam box to block the unsolicited emails. The financial Institute customers

those who have received his email felt that the email was originated from the financial Institute

bank. When they filled the confidential information and submitted that time said information was

directed to accused. This was possible because the dynamic link was given in the Home page of the

fake web site. The dynamic link means when people click on the link provided in spamming email

that time only the link will be activated. The dynamic link was coded by handling the Internet

Explorer Onclick () event and the information of the form will be submitted to the web server

(Where the fake web site is hosted). Then server will send he data to configured email address and in

this case email configured was to the accused email .So on submission of the confidential

information the information was directed to email ID accused email .The all the information after

phishing (user name, password, Transaction password, Debit card Number and PIN, mother’s

3123




maiden name which he had received through Wi-Fi internet connectivity of Reliance.com which was

available on his Acer Lap Top.

Mumbai police have arrested a hacker for hacking into a financial website. Although the hacker

couldn’t break into the main server of the financial institution, which was well secured by the

financial institution. The accused person could make some addition to the home page of the financial

website and has added a string of text to the news module of the home page of the website. Police

were able to crack the case by following the trace left by the hacker on the web server of the

financial institution. The financial institution has maintained a separate server for financial online

transactions, for which utmost security has been taken by the financial institution. The website was

hosted on a different server which comparatively had lesser security.

4. Growth of Cybercrime in India

As per the information reported to and tracked by Indian Computer Response Team (CERT-In), a

total number of 308, 371 and 78 government websites were hacked during the years 2011, 2012 and

2013 respectively a written reply to the Lok Sabha. It has been observed that attackers are

compromising computer systems located in different parts of the world and use masquerading

techniques and hidden servers to hide the identity of actual system from which the attacks are being

launched. It is difficult to attribute the origin of cyber-attacks.

4.1: Recent Years Cyber Crime statistics as per Indian Scenario

Table 1: The statistics on cybercrimes in India (National Crime record Bureau) in year wise[11]

S.No. Type of crime 2010 2011 2012 2013

1. Tampering computer source documents 64 94 161 137

2.

Hacking with computer system

i) Loss/damage to computer resource/utility

ii) ii)Hacking

346 826 1,440 1,966

164 157 435 550

3. Obscene publication/transmission in electronic form 328 496 589 1203

4.

a.

b.

Failure

i) Of compliance/orders of certifying authority

ii) To assist in decrypting the information intercepted

by govt. agency Un-authorized access/attempt to

2

0

6

3

6

3

13

6

5. Access to protected computer system 3 5 3 27

6.

Obtaining license or digital signature certificate by

misrepresentation/suppression of fact

9

6

6

12

7. Publishing false digital signature Certificate 2 3 1 4

8. Fraud digital signature certificate 3 12 10 71

9. Breach of confidentiality/privacy 15 26 46 93

10. Others 30 157 176 274

Total 966 1,791 2,876 4,356

According to National crime Bureau the total case registered under IT act 2000 was 966 in 2010 and

1791 in 2011, 2876 in 2012 and 4356 in 2013. A total of 4,356 cases were registered under IT Act

3124




Maharashtra Andrapradesh Karanadaka Uttarpradesh kerala

2012(Total 2876) 471 429 412 205 269

2013(Total 4356) 681 635 513 372 349

471 429 412

205 269

681 635

513

372 349

0

100

200

300

400

500

600

700

800

2012(Total 2876),

Maharashtra, 471

2012(Total 2876),

Andrapradesh, 429

2012(Total 2876),

Karanadaka, 412

2012(Total 2876),

Uttarpradesh, 205

2012(Total 2876), kerala,

269

2013(Total 4356),

Maharashtra, 681

2013(Total 4356),

Andrapradesh, 635

2013(Total 4356),

Karanadaka, 513 2013(Total

4356), Uttarpradesh,

372

2013(Total 4356), kerala,

349 2012(Total 2876)

2013(Total 4356)

Series1, 2010, 966

Series1, 2011, 1791

Series1, 2012, 2876

Series1, 2013, 4356

Series1, 2010, 966

Series1, 2011, 1791

Series1, 2012, 2876

Series1, 2013, 4356

during the year 2013 as compared to 2,876 cases during the previous year (2012), thus showing an

increase of 51.5% in 2013 over 2012.

Figure 1: Year Wise statistics

4.2: The state wise cybercrime of top five Indian states

Table 2: The statistics on cybercrimes in top five states in India

State 2012 (Total 2876) 2013 (Total 4356)

Maharashtra 471 681

Andrapradesh 429 635

Karanadaka 412 513

Uttarpradesh 205 372

Kerala 269 349

When state wise observations was carried out Maharashtra state was on first place where 471 cases

was registered followed by Andhra Pradesh (429), Karnataka(412), Kerala(269) and Uttar

Pradesh(205) cases was registered.[4] in 2012.In 2013 681 out of 4,356 cases were reported from

Maharashtra followed by Andhra Pradesh (635 cases), Karnataka (513 cases), Uttar Pradesh (372

cases) and Kerala (349 cases).

Figure 2: Year wise analysis of cybercrime in top five states

10%

18%

29%

43%

Year wise statistics

2010 2011 2012 2013

3125




Hacking has been one of the most commonly used methods of cyber-attack. According to a National

Crime Records Bureau (NCRB), there has been a tremendous rise in the number of hacking

incidents reported in India. The number of hacking cases registered under the IT Act increased from

510 in 2010 to 983 in 2011. The table below shows the total number of websites defaced/hacked

during the last five years (Source: Standing Committee on information technology (2013-2014)

Fifteenth LokSabha, February 2014).

Table 3: Ttotal number of websites defaced/hacked during the last five years

Attack 2008 2009 2010 2011 2012 2013(Up to June)

Websites

defaced/hacked

6310 12161 20701 21699 27605 12693

Government websites

effaced/hacked

90 201 303 308 371 78

5. Challenges

While analyzing the trends for the top risks that affect Corporate India, it emerges that the risks of

'Corruption, Bribery and Corporate Frauds', 'Strikes, Closures & Unrest', 'Political & Governance

Instability',' Crime' and 'Information & Cyber Insecurity' remain the top five risks. There are

some variations in perception of risks in some industries due to the typical nature of work. The risk

of information insecurity in India has risen with an exponential rise in cyber-attacks/crimes in 2013.

A total number of 308,371 websites, of which 78 belonged to the Indian government, were hacked

between 2011 and 2013 . As per the findings of the Computer Emergency Response Team (CERT),

12,693 websites were defaced and hacked in the second quarter of 2013 [10].

In 2013, India witnessed an 11 per cent increase in ransom ware and identity theft followed by a 9

per cent increase in phishing attacks. While 56 per cent internet users reportedly experienced some

form of online bullying, online stalking, online hate crimes or other forms of online harassment, 63

per cent of Smartphone users in India have experienced some form of mobile cybercrime. Just like

2012, India, in 2013, has been ranked among the world's top five countries for highest number of

cybercrimes. The average cost per cybercrime victim increased from USD 192 in 2012 to 25 USD

207 in 2013.

The year 2013 also saw the emergence of the power of social media and its ill effects in the form of

online rumours. The Muzaffarnagar riots in 2013 and Bangalore cyber terror attack in 2012, which

led to mass exodus and displacement of thousands, have showed that social media can be easily

misused. The trend of online gaming and online trading in virtual currencies like Bitcoins has gained

ground in 2013 without any legislative and regulatory sanctions.

6. Cybercrime in Kerala

Kerala is 5th

position in cybercrime. Kerala among top 5 states with highest

cybercrimes .There has been a discerning rise in the number of cybercrimes that were reported in the

country in 2012 compared with the cases in 2011. "As per the statistics of the National Crime

Records Bureau, 2,876 cybercrimes were registered in 2012, an increase of 60.6%.

While IT has empowered individuals, it has also thrown up new challenges in cyber policing. The

growth of internet usage is probably highest in India and we registered a 50% increase in internet

usage over the last 16 months. By 2017, we would go up from 165 million internet users

to350million.In 2013, the city police received almost 45 complaints of cybercrimes every month.

3126




But surprisingly, only about 10% of them were registered as victims were mostly reluctant to lodge

an FIR.

The chart below shows the year wise details of cyber related crime in Kerala. Mobile related crimes

are very high in every year. But there is a rapid growth in crime related to social media network and

web hacking.

Table 4: Head wise Statistics of Hi-Tech Crime Enquiry Cell 2007-2013

Sl. No Subject 2007 2008 2009 2010 2011 2012 2013 *

1 Email Abuse 10 22 42 65 71 88 98

2 Email Threatening 13 5 6 4 3 6 8

3 Hacking 8 27 51 107 73 123 145

4 Mobile Phone Loss / Theft 303 976 2281 2574 1857 2004 2234

5 Online Cheating / Scams 13 18 37 28 46 56 70

6 Through social network 25 39 39 39 94 125 167

7 Phone Abuse 105 217 611 1005 936 1200 1234

8 Phone Information / CDR

Analysis

97 545 670 556 532 600 732

9 Website Related 10 33 51 62 86 90 121

Total 584 1882 3788 4440 3698 4292 4809

The chart below shows the types of crime and the percentage in the year 2013.From where phone

related crime are 52% and web hacking only the 1% compare to other types of crime. But the

website related to crime are 2% .At the same time abuse throug social networks are 4% of the total

crime. Most of the cybercrime are mobile phone related and email abuse and web related crime.

Figure 3: Types of crime and the percentage in the year 2013

3127




Figure 5: percentage of crime in 2007-2013

Figure 6 : Growth of cybercrime 2007-2013

The chart given above shows the year wise analysis of growth of cybercrime .The growth of

cybercrime is very high in Kerala. Lowest crime rate is at the year 2007 and highest at year 2013.But

in 2010 the crime rate is 19% and at the same time 2011 is 16%.There is a fall in cybercrime rate in

2011.From the above chart there is a rapid increase in cyber related to crime in Kerala.

7. Conclusion

The growth of cybercrime is very high in India. The proper education about cybercrime and

preventive measures are needed to reduce cybercrime. Here we are representing the cybercrimes

cases occurred during the2010 to 2013 and find out the results which is continuously increase the

cybercrimes cases every year.Web related crimes are in an increasing manner. Most of them use

3128




built in software to do the crime. Similar way 80% of students below 20 not knows about IT Act.

Proper education of IT Act is also needed for decreasing the crime rate in India. It is strongly state

that cybercrime investigation and law enforcement is the largest challenge in the area of

investigation. The main challenge of the cybercrime is the availability of readymade hacking tools

that are used for different types of cyber related to crime.

References

[1] Shrivastav et al., International Journal of Advanced Research in Computer Science and Software

Engineering 3(7),July - 2013, pp. 414-4192013

[2] Rupinder Pal KaurInternational Journal Of Engineering And Computer Science ISSN:2319-

7242Volume2 Issue 8 August, 2013 Page No. 2555-2559

[3] Rajib Singla. 2013. “Cyber crimes against India: Increasing in leaps and bounds”. 21

November.http://blogs.quickheal.com/wp/cyber-crimes-against-india-increasing-in-leaps-and-bounds.

[4] K. Sreedevi. 2013. “India in top five in cyber crimes”. Deccan Chronicle. 23

October.http://www.deccanchronicle.com/131023/news-current-affairs/article/india-top-five-cyber-

crimes.

[5] Ryan Huang. 2013. “India to set up portal with US to check cybercrime”. ZDNet. 23

December.http://www.zdnet.com/in/india-to-set-up-portal-with-us-to-check-cybercrime-7000024593.

[6] http://cybercellmumbai.gov.in/

[7] ]http://www.keralapolice.org/newsite/ccps.html

[8] ]http://timesofindia.indiatimes.com/topic/cyber-crime

[9] “Open Web Application Security Project”, “Top Web application vulnerabilities for 2010”,

http://www.owasp.org/index.php/

[10] http://www.ficci.com/SEdocument/20276/report-India-Risk-Survey-2014.pdf

[11] National crime records bureau.(NCRB).

[12] http://ncrb.gov.in/

Documents

Evaluation Of Cybercrime Growth And Its Challenges As Per ... · The website was hosted on a different server which comparatively had lesser security. 4. Growth of Cybercrime in India