What constitutes a cybercrime in the country ?

Expanation Harmful acts committed from or against a computer or

network Illegal computer-mediated activities that can be conducted

through global electronic networks Unlawful acts wherein the computer is either a tool or target or

both Online or Internet-based illegal acts

History The first recorded cybercrime took place in the year 1820 In 1820, Joseph-Marie Jacquard, a textile manufacturer in

France, produced the loom This device allowed the repetition of a series of steps in the

weaving of special fabrics This resulted in a fear amongst Jacquard's employees that

their traditional employment and livelihood were being threatened

Cont… The employees committed acts of sabotage to discourage

Jacquard from further use of the new technology.This is the first recorded cyber crime!

The first spam email took place in 1978 when it was sent over the Arpanet

The first VIRUS was installed on an Apple computer in 1982

Type of Cyber Crime HACKING VIRUS DISSEMINATION CYBER THEFT SOFTWARE PIRACY

E-MAIL BOMBS LOGIC BOMBS

INTERNET FRAUD CYBER TERRORISM PASSWORD TRAFFICKING IDENTITY THEFT CRADIT CARD FRAUD

HACKING Activity is commonly referred as unauthorized access to

computer systems or network without the permission of the computer owner/user

Hackers write or use ready-made computer programs to attack the target computer

Computer hacking includes breaking into a computer with the intent to steal, damage, modify or monitor data or settings within the system

VIRUS ATTACKS Malicious software that attaches itself to other software Circulate themselves to other files and to other computers on

a network Affect the data on a computer, either by altering or deleting it

CYBER THEFT In such crime criminal makes insignificant changes in such a

manner that such changes would go unnoticed Criminals makes such program thatdeducts small amount

like Rs. 2.50 per month from the account of all the customer of the bank and deposit the same in his account. In this case no account holder will approach the bank for such small amount but criminal gains huge amount

SOFTWARE PIRACY

Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original

Copying and using computer programs in violation of copyrights and trade secret laws

Retail revenue losses worldwide are ever increasing due to this crime

E-MAIL BOMBS It refers to sending large numbers of mail to the victim, which

may be an individual or a company by ultimately resulting into crashing.

E-mail "bombing" is characterized by abusers repeatedly sending an identical email message to a particular address

LOGIC BOMBS Programs are created to do something only when a certain

event (known as a trigger event) occurs Secretly attaches another program to a company’s computer

system Even some viruses may be termed logic bombs because they

lie dormant all through the year and become active only on a particular date.

INTERNET FRAUD Any type of fraud scheme that uses one or more components

of the internet such as chat rooms, e-mail, message boards, or Web sites - to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to other connected with the scheme

CYBER TERRORISM It is the actual use of computers and Internet technology to

cause intimidation and destruction

uses the Internet or network to destroy or damage computers for political reasons

Cyber terrorist could hack into a pharmaceutical company’s computers, changing the formula of some essential medication and causing thousands to die

PASSWORD TRAFFICKING Misuse and illegal selling of other people’s passwords Break a company’s password and misuse the password or

sale that password to another company or an individual

IDENTITY THEFT Identity theft occurs when somebody steals a personal name

and other personal information for fraudulent purposes Identity theft is a form of identity crime where somebody uses

a false identity to commit a crime It involves stealing victims’ personal information and

credentials, often to make purchasesCREDIT CARD FRAUD

You simply have to type credit card number into www page of the vendor for online transaction

If electronic transaction are not secured the credit card numbers can be stolen by the hackers who can misuse this card by impersonating the credit card owner

Characteristics of Computer Crime Silent in Nature Global in character Nonexistence of Physical Evidence Creates high Impact Gain Benefit

Silent in Nature Computer crime could be committed in privacy without

reaching to scene of crime physically i.e. no eye witnesses. There is no signs of physical violence or struggle

Global in character

No national borders. By sitting comfortably far away from the country the entire economy of the country could be destroyed. As digital evidences are fragile in nature one has to respond quickly

Nonexistence of Physical Evidence No physical evidence to indicate that crime has been

committed. Only on a closer look the trained person could find out the evidences which are not in the traditional format but are in digital format

Creates high Impact Impact is severe and may be long term. It can damage the

victim system permanently. Loss of good willGain Benefit

A software developer who did not get enough money or good job would turn to criminal world for their survival. Therefore, the computer crimes have a potential to increase. Hence organized mafia may enter into this sector

CLASSIFICATION OF CYBER CRIME Computer as Target Computer as Tool Computer as incidental to Offence

Computer as Target Crimes which compromise the confidentiality of a system,

resulting in theft of services or the release of viruses A computer virus is a self-replicating computer program

written to alter the way a computer operates, without the permission or knowledge of the user

Example: Hacking/cracking, computer trespass

Computer as Tool Crimes migrated from the physical world into cyberspace such

as child pornography, fraud, illegal online sales This category include such crimes were either computers or

their contents bare used in furtherance of crime or those offences which are committed by manipulating contents of

computer systems Example: sending e-mails, credit card frauds

telecommunication frauds, identity theft

Computer as incidental to Offence Computer used to facilitate or execute a crime such as the

storing of child pornography or illicit drug records This category includes conventional crimes, and with the

advent of computer the criminal have started using the technology as an aid for its perpetuation

Example: Aid for drug trafficking, money laundering, child pornography etc.

Hacker’s Profile “Hackers” is a term that is currently used to identify individuals

who break into computers Hackers can be any age, creed or nationality Hackers have gained a negative image due to their exploits

in the past few years Hackers may commit their criminal activity for excitement, the

challenge or monetary reasons

Hackers tend to be young males who have extremely high intelligence and curiosity

There has been an increase in the number of females that have acquired the skills to break into computer systems

Cyber Crime Methodology The process is based on their experience acquired through

attempting to break into, and subsequently breaking into computer systems

What this provides law enforcement is a Modus Operandi (MO) with patterns that prosecutors and police can use to

build their case Law enforcement officials should establish databases on the

MO of cyber criminals in their sectors

Cyber criminals will typically need to use a computer network that is difficult if not impossible to identify

This is done to make it difficult for law enforcement to identify the perpetrator of the cyber crime

Cyber criminals will “hack” into a victim computer or will use cyber café’s to commit their illegal activity

Process of Hacking Hackers will initially conduct intelligence gathering during the

first phase of their illegal activity They want to learn network range, extranet connections, etc Hackers next conduct network discovery to identify the

number and operating systems of the target victim’s computer network

Hackers will also conduct host enumeration in order to identify vulnerabilities that exist of the system

The computer’s vulnerabilities will then be exploited by the criminal

Cyber criminals will also install password crackers on the network. These “crackers” will allow them to “break” the passwords of the authorized users

Once the network has been compromised, cyber criminals will usually install “sniffers” that allow them to capture user id/passwords and other sensitive information

Hackers may use steganography in order to hide important data from law enforcement personnel

Steganography is very easy to use with automated software

Computer Forensics Computer forensic is evidence produced by a computer which

is supported, conclusive (convincing), and sufficient to be

accepted by the court Computer forensics is the discipline of acquiring, preserving,

identifying and examining digital media It involves retrieving computer data in order to meet standards

for admissibility as evidence in legal proceedings Computer forensic data recovery is the basis for seizure of

evidence in all computer-based investigationsWhy we use Computer Forensics

Imagine the following You didn’t recognize critical evidence or information You could not locate vital data You could not use any documents or records You accidentally destroyed evidence You now needed to resolve an allegation or an issue

Where is the Evidence? Removable Media: Floppy Disk; Zip Disk Hard Drive: IDE; SCSI CDROM Magnetic Tape Electronic Organizers

Examination of Evidence Reliability of evidence Adherence to accepted protocols and practices Use of proven / accepted software Ability to testify as to methods and results of analysis Trained and certified computer forensics examiners Proper training is crucial for testimonial purposes

Exploitation of Evidence Requires Separating pertinent evidence from non-pertinent

There then must be an evaluation of the evidence for criticality and usability in judicial environment

There must always be a documentation of actions taken by the examiner

Cyber Crime Legal Approaches Governments have passed a variety of laws to address the

increase of computer crimes The first computer crime statutes were passed in 1986 Local and regional areas have also passed laws to address

cyber crime at their level Local and regional laws generally mirror the national laws

Large Nation Response to Cyber Crime One nation created a Computer Crime & Intellectual Property

Section (CCIPS) to formulate policy on computer crime CCIPS is responsible for issuing country-wide guidelines on

the search and seizure of digital data Each individual Attorney General’s Office has a specially

trained prosecutor that is responsible for the prosecution of crimes where a computer is utilized

Computer crime legislation The Computer Misuse Act (1990) The Data Protection Act (1998) Information Technology Act, 2000

Protect your P. C. Use the latest version of anti-virus Use the latest version of the operating system Don’t open e-mail attachments unless you know the source Confirm the site you are doing business with Create passwords containing atleast 8 digits Use different passwords for different websites Send credit card information only to secure sites Use a security program that gives you control over "Cookies"

that send information back to websites

Safety Tips to Cyber Crime Use antivirus software’s insert firewalls uninstall unnecessary software maintain backup check security settings Stay anonymous - choose a genderless screen name Never give your full name or address to strangers Learn ‘inetiquette' - follow it and expect it from others Don't respond to harassing or negative messages (flames) Get out of uncomfortable or hostile situations quickly Save offending messages Learn more about Internet privacy

Prevent Cyber Crime Spam Blocker Anti-Virus Software Firewall Protection Caution in providing personal information Secure shoping Avoidence of Scam

Some Antivirus Softwares Avast Free Antivirus AVG Free Antivirus Avira AntiVir Personal Kaspersky Antivirus Mcafee Antivirus Symantec Norton Antivirus Quick Heal Antivirus

SEMINAR REPORT

ONWhat constitutes a cyber-crime in the country?

By

Jitendra Katara

10EUDCS043

ASEMINAR REPORT

ONWhat constitutes a cyber-crime in the country?

Submitted inPartial Fulfillment for the Award of the

Degree ofBachelor of Technology

INComputer Engineering

Session: 2013-14

Submitted To: Submitted By:Asst.Prof. Shritosh Kumar Jitendra Katara

VIII & CS-A

Department of Computer Science and EngineeringJECRC UDML College of Engineering

Opp. Hotel Shiv Vilas, “Achrol 10 km” Milestone, KukasJaipur-Delhi Road, Jaipur-302028