Presentation by Mr. Pavan Duggal as given on 8th Aug 2014 at Infosec keynote event by ClubHack at Bangalore http://infoseckeynote.com
Presented at ClubHack Infosec Keynote event in Bangalore on 8th Aug 2014
RETHINKING CORPORATE SECURITY – POST SNOWDEN
© of images belongs to the respective copyright holders
A PRESENTATION BY
PAVAN DUGGAL
ADVOCATE, SUPREME COURT OF INDIA
PRESIDENT, CYBERLAWS.NET
PRESIDENT, CYBERLAW ASIA
HEAD, PAVAN DUGGAL ASSOCIATES
SNOWDEN REVELATIONS
SNOWDEN REVELATIONS ON BHARATIYA JANTA PARTY (BJP)
CENTRAL MONITORING SYSTEM (CMS) & NETRA PROJECT
ONLINE MONITORING, INTERCEPTION, BLOCKING & SURVEILLANCE
BLADABINDI VIRUS
SUPERMAN
STUXNET VIRUS
I LOVE YOU VIRUS
VODAFONE INTERCEPTION DISCLOSURE REPORT
PMO INDIA TWITTER HANDLE – REPRESENTING A NEW KIND OF CYBER THREAT
HEARTBLEED
LINKEDIN HACKING
INDIA’S NATIONAL CYBER SECURITY POLICY 2013
BRING YOUR OWN DEVICE (BYOD)
INTERNET OF THINGS AND CYBERLAW- JAN 2014
ONLINE FAKE RECRUITMENT SCAMS
IMPORTANT CASES
Agricultural equipment manufacturing company data theft case
Offensive emails to company matter
Phone defects blog case
Twitter rumour defamation case
Arif Azim Case
Twitter fake handles used against company case
True Caller and CEO phone number compromise case
Calls for fake interviews on social media case
Gurgaon call centre spy camera girl termination case
CYBER BULLYING GALORE
GURUJI.COM SEARCH ENGINE – CRIMINAL ACTION
NIRMALJIT SINGH NARULA Vs. INDIJOBS AT HUBPAGES.COM & ORS
MUZAFFARNAGAR COMMUNAL RIOTS
15TH AUGUST, 2012- BANGALORE MASS MIGRATIONS
DR. L. PRAKASH- INDIA’S FIRST LIFE TIMER CYBER CRIMINAL
BAAZEE.COM CASE
MOBILE APPS – TODAY’S REALITY
CYBERCRIME AS A SERVICE
PRIVACY
DATA PRIVACY AND CORPORATES- WAKE UP TIME
Data privacy concerns are already skyrocketing, which is why data privacy will continue to be an important issue.
MALWARE & CYBER SECURITY
CONCLUSION
SOCIAL MEDIA & SECURITY CHALLENGES
A well-known Socialbot malware, called the “Koobface” virus, is specifically created to target social network platforms.
Social media and smartphones exposing 'millions' to cybercrime, says study: AAP, September 06, 2012 1:02PM
LinkedIn was recently hacked, and users’ passwords stolen and leaked on the Internet. The company, through its blog, confirmed the event, declaring that more than six million passwords were compromised.
SOCIAL MEDIA & CYBER CRIMES
Social media is today becoming the focal point for cyber criminals and cyber terrorists. More and more cyber criminal tendencies are continuing to emerge in social media.
CYBER LAW IN INDIA
CYBERCRIMES DEFINED UNDER THE IT ACT, 2000
Section 65- Tampering with computer source documents
Section 66- Computer related offences
Section 66A- Punishment for sending offensive messages through communication service, etc.
Section 66B- Punishment for dishonestly receiving stolen computer resource or communication device.
Section 66C- Punishment for identity theft
Section 66D- Punishment for cheating by personation by using computer resource
Section 66E- Punishment for violation of privacy
Section 66F- Punishment for cyber terrorism
Section 67- Punishment for publishing or transmitting obscene material in electronic form
Section 67A- Punishment for publishing or transmitting of material containing sexually explicit act, etc., in electronic form
Section 67B- Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc., in electronic form
Section 67C- Preservation and retention of information by intermediaries
Section 68- Power of the Controller to give directions
Section 69- Power to issue directions for interception or monitoring or decryption of any information through any computer resource
Section 69A- Power to issue directions for blocking for public access of any information through any computer resource
Section 69B- Power to authorise to monitor and collect traffic data or information through any computer resource for cyber security
Section 70- Protected system
Section 70A- National nodal agency
Section 70B- Indian Computer Emergency Response Team to serve as a national agency for incident response
Section 71- Penalty for misrepresentation
Section 72- Breach of confidentiality and privacy
Section 72A- Punishment for disclosure of information in breach of lawful contract
INTERMEDIARY
"Intermediary" with respect to any particular electronic records, means any person who on behalf of another person receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web hosting service providers, search engines, online payment sites, online-auction sites, online market places and cyber cafes.
INTERMEDIARIES AND DUE DILIGENCE UNDER THE IT ACT, 2000
Intermediaries are required to do due diligence under the terms of the amended Information Technology Act, 2000.
This due diligence must be done to ensure compliance with the relevant parameters of the amended Information Technology Act, 2000.
11TH APRIL, 2011 – A HISTORICAL DAY FOR THE INFORMATION TECHNOLOGY ACT, 2000
The Government of India, using its wide powers given under the Information Technology Act, 2000, has notified the Information Technology Rules, 2011 including the following:
The Information Technology (Electronic Service Delivery) Rules, 2011
The Information Technology (Reasonable Security Practices And Procedures And Sensitive Personal Data Or Information) Rules, 2011
The Information Technology (Intermediaries Guidelines) Rules, 2011
The Information Technology (Guidelines for Cyber Cafe) Rules, 2011
SENSITIVE PERSONAL DATA OR INFORMATION
LIABILITIES OF INTERMEDIARIES AND THE INDIAN CYBERLAW
Liability of intermediaries has now been specifically provided under Section 79 of the amended Information Technology Act, 2000.
“Google v/s Vishakha” case before the Hon'ble Supreme Court of India.
The emphasis on exercise of due diligence by intermediaries is an important aspect. However, enforceability and implementation of the Information Technology Act, 2000 has always been a challenge.
Most of the companies in India comply with the Information Technology Act, 2000 in breach rather than in observance.
There could be exposure to legal consequences, both civil and criminal, for the company and its top management.
Civil liability - damages by way of compensation up to 50 million INR per contravention
Criminal consequences - The top management could also be exposed to criminal consequences ranging from imprisonment of 3 years to life imprisonment and fine from 1 Lakh INR to 10 Lakhs INR.
LIABILITIES OF INTERMEDIARIES AND THE INDIAN CYBERLAW – CRIMINAL CONSEQUENCES
NEED FOR DUE DILIGENCE
Every legal entity is thus required to do due diligence under the terms of the amended Information Technology Act, 2000.
This due diligence must be done to ensure compliance with the relevant parameters of the amended Information Technology Act, 2000.
Reasonable prudence ensures compliance with the requirements of law, that being Indian Cyberlaws, IT Act, IT Rules, notifications, bye-laws and circulars made thereunder.
COMPLIANCES AND THE INDIAN CYBERLAW
COMPLIANCES BY PAVAN DUGGAL ASSOCIATES
Pavan Duggal Associates: role in helping companies ensure compliances with the Indian Cyberlaw and rules thereunder.
Pavan Duggal Associates assist all intermediaries to ensure documented due diligence under the Information Technology Act, 2000.
PAVAN DUGGAL ASSOCIATES, ADVOCATES, SUPREME COURT OF INDIA
PAVAN DUGGAL ASSOCIATES COMPLIANCE FRAMEWORK – FOR COMPLIANCE, EVALUATION AND CERTIFICATION
Asia Pacific Legal 500 says about Pavan Duggal Associates:
“Cyberlaw specialist Pavan Duggal Associates Advocates is the first port of call for many in terms of cases involving data theft, usually companies that have experienced theft of confidential or commercially sensitive information by former employees.”
“Pavan Duggal Associates Advocates provides niche expertise in cyber law.”
INDIAN CYBERLAW
Indian Cyberlaw has created the appropriate legal framework for promoting e-commerce in the country as well as giving legality to the electronic format. The said legal framework has provided for various enabling provisions that provide for electronic authentication and cyber security related issues. All legal entities have a duty to ensure that their business operations comply with the parameters of the Information Technology Act, 2000 as also rules and regulations made thereunder.
CONCLUSION
All in all, Cyberlaw and Cybercrime today represent important, fascinating aspects of our lives. Cyberlaw and cybercrime jurisprudence is not just limited to lawyers; it is of relevance to every user of the electronic and digital ecosystem as also mobile ecosystem. Ignorance of law is no excuse in the eyes of law.
Only in compliance, compliance and compliance with the Indian Cyberlaw lies the way for Nirvana for any entity dealing with the digital and mobile ecosystem.
A PRESENTATION BY
PAVAN DUGGAL
ADVOCATE, SUPREME COURT OF INDIA
PRESIDENT, CYBERLAWS.NET
PRESIDENT, CYBERLAW ASIA
HEAD, PAVAN DUGGAL [email protected]