Professional Documents
Culture Documents
Seminar On Cyber Crime
Seminar On Cyber Crime
agains CONTENTS
o INTRODUCTION
o DISTINCTION BETWEEN CONVENTIONAL
CRIME AND CUBER CERIME
o REASONS FOR CYBER CRIME
o CYBER CRIMINALS
o MODE AND MANNER OF COMMITTING
CYBER CRIME
o CLASSIFICATION
o SATUTORY PROVISIONS
o ANALYSIS OF THE SATUTORY
PROVISION
o PREVENTION OF CYBER CRIME
o CONCLUSION
o REFERENCES
. INTRODUCTION:
The term ‘cyber crime’ is a misnomer. This term
has nowhere been defined in any statute /Act
passed or enacted by the Indian Parliament. The
concept of cyber crime is not radically different
from the concept of conventional crime. Both
include conduct whether act or omission, which
cause breach of rules of law and counterbalanced
by the sanction of the state.
Before evaluating the concept of cyber crime it is
obvious that the concept of conventional crime be
discussed and the points of similarity and
deviance between both these forms may be
discussed.
CONVENTIONAL CRIME-
Crime is a social and economic phenomenon and
is as old as the human society. Crime is a legal
concept and has the sanction of the law. Crime or
an offence is “a legal wrong that can be followed
by criminal proceedings which may result into
punishment.”(1) The hallmark of criminality is
that, it is breach of the criminal law. Per Lord
Atkin “the criminal quality of an act cannot be
discovered by reference to any standard but one: is
the act prohibited with penal consequences”. (2)
A crime may be said to be any conduct
accompanied by act or omission prohibited by
law and consequential breach of which is visited
by penal consequences.
CYBER CRIME
Cyber crime is the latest and perhaps the most
complicated problem in the cyber world. “Cyber
crime may be said to be those species, of which,
genus is the conventional crime, and where either
the computer is an object or subject of the
conduct constituting crime” (13). “Any criminal
activity that uses a computer either as an
instrumentality, target or a means for perpetuating
further crimes comes within the ambit of cyber
crime”(12)
A generalized definition of cyber crime may be “
unlawful acts wherein the computer is either a tool
or target or both”(3) The computer may be used as
a tool in the following kinds of activity- financial
crimes, sale of illegal articles, pornography,
online gambling, intellectual property crime, e-
mail spoofing, forgery, cyber defamation, cyber
stalking. The computer may however be target
for unlawful acts in the following cases-
unauthorized access to computer/ computer
system/ computer networks, theft of information
contained in the electronic form, e-mail bombing,
data didling, salami attacks, logic bombs, Trojan
attacks, internet time thefts, web jacking, theft of
computer system, physically damaging the
computer system.
DISTINCTION BETWEEN CONVENTIONAL
AND CYBER CRIME-
There is apparently no distinction between cyber
and conventional crime. However on a deep
introspection we may say that there exists a fine
line of demarcation between the conventional and
cyber crime, which is appreciable. The
demarcation lies in the involvement of the
medium in cases of cyber crime. The sine qua non
for cyber crime is that there should be an
involvement, at any stage, of the virtual cyber
medium.
REASONS FOR CYBER CRIME:
Hart in his work “ The Concept of Law” has said
‘human beings are vulnerable so rule of law is
required to protect them’. Applying this to the
cyberspace we may say that computers are
vulnerable so rule of law is required to protect
and safeguard them against cyber crime. The
reasons for the vulnerability of computers may be
said to be:
1. Capacity to store data in comparatively small
space-
The computer has unique characteristic of
storing data in a very small space. This affords
to remove or derive information either through
physical or virtual medium makes it much
more easier.
2. Easy to access-
The problem encountered in guarding a
computer system from unauthorised access is
that there is every possibility of breach not due
to human error but due to the complex
technology. By secretly implanted logic bomb,
key loggers that can steal access codes,
advanced voice recorders; retina imagers etc.
that can fool biometric systems and bypass
firewalls can be utilized to get past many a
security system.
3.Complex-
The computers work on operating systems and
these operating systems in turn are composed of
millions of codes. Human mind is fallible and it
is not possible that there might not be a lapse at
any stage. The cyber criminals take advantage
of these lacunas and penetrate into the
computer system.
4.Negligence-
Negligence is very closely connected with
human conduct. It is therefore very probable
that while protecting the computer system there
might be any negligence, which in turn provides
a cyber criminal to gain access and control over
the computer system.
5. Loss of evidence-
Loss of evidence is a very common & obvious
problem as all the data are routinely destroyed.
Further collection of data outside the territorial
extent also paralyses this system of crime
investigation.
CYBER CRIMINALS:
The cyber criminals constitute of various groups/
category. This division may be justified on the
basis of the object that they have in their mind.
The following are the category of cyber criminals-
1. Children and adolescents between the age
group of 6 – 18 years –
The simple reason for this type of delinquent
behaviour pattern in children is seen mostly
due to the inquisitiveness to know and explore
the things. Other cognate reason may be to
prove themselves to be outstanding amongst
other children in their group. Further the
reasons may be psychological even. E.g. the Bal
Bharati (Delhi) case was the outcome of
harassment of the delinquent by his friends.
2. Organised hackers-
These kinds of hackers are mostly organised
together to fulfil certain objective. The reason
may be to fulfil their political bias,
fundamentalism, etc. The Pakistanis are said to
be one of the best quality hackers in the world.
They mainly target the Indian government sites
with the purpose to fulfil their political
objectives. Further the NASA as well as the
Microsoft sites is always under attack by the
hackers.
3. Professional hackers / crackers –
Their work is motivated by the colour of money.
These kinds of hackers are mostly employed to
hack the site of the rivals and get credible,
reliable and valuable information. Further they
are ven employed to crack the system of the
employer basically as a measure to make it safer
by detecting the loopholes.
4. Discontented employees-
This group include those people who have
been either sacked by their employer or are
dissatisfied with their employer. To avenge they
normally hack the system of their employee.
MODE AND MANNER OF COMMITING
CYBER CRIME:
1. Unauthorized access to computer systems or
networks / Hacking-
This kind of offence is normally referred as
hacking in the generic sense. However the
framers of the information technology act 2000
have no where used this term so to avoid any
confusion we would not interchangeably use the
word hacking for ‘unauthorized access’ as the
latter has wide connotation.
2. Theft of information contained in electronic
form-
This includes information stored in computer
hard disks, removable storage media etc. Theft
may be either by appropriating the data
physically or by tampering them through the
virtual medium.
3. Email bombing-
This kind of activity refers to sending large
numbers of mail to the victim, which may be an
individual or a company or even mail servers
there by ultimately resulting into crashing.
4. Data diddling-
This kind of an attack involves altering raw
data just before a computer processes it and
then changing it back after the processing is
completed. The electricity board faced similar
problem of data diddling while the department
was being computerised.
5. Salami attacks-
This kind of crime is normally prevalent in the
financial institutions or for the purpose of
committing financial crimes. An important
feature of this type of offence is that the
alteration is so small that it would normally go
unnoticed. E.g. the Ziegler case wherein a logic
bomb was introduced in the bank’s system,
which deducted 10 cents from every account
and deposited it in a particular account.
6. Denial of Service attack-
The computer of the victim is flooded with
more requests than it can handle which cause it
to crash. Distributed Denial of Service (DDoS)
attack is also a type of denial of service attack,
in which the offenders are wide in number and
widespread. E.g. Amazon, Yahoo.
7. Virus / worm attacks-
Viruses are programs that attach themselves to
a computer or a file and then circulate
themselves to other files and to other computers
on a network. They usually affect the data on a
computer, either by altering or deleting it.
Worms, unlike viruses do not need the host to
attach themselves to. They merely make
functional copies of themselves and do this
repeatedly till they eat up all the available space
on a computer's memory. E.g. love bug virus,
which affected at least 5 % of the computers of
the globe. The losses were accounted to be $ 10
million. The world's most famous worm was the
Internet worm let loose on the Internet by
Robert Morris sometime in 1988. Almost
brought development of Internet to a complete
halt.
8. Logic bombs-
These are event dependent programs. This
implies that these programs are created to do
something only when a certain event (known
as a trigger event) occurs. E.g. even some
viruses may be termed logic bombs because
they lie dormant all through the year and
become active only on a particular date (like
the Chernobyl virus).
9. Trojan attacks-
This term has its origin in the word ‘Trojan
horse’. In software field this means an
unauthorized programme, which passively
gains control over another’s system by
representing itself as an authorised programme.
The most common form of installing a Trojan is
through e-mail. E.g. a Trojan was installed in
the computer of a lady film director in the U.S.
while chatting. The cyber criminal through the
web cam installed in the computer obtained her
nude photographs. He further harassed this
lady.
10. Internet time thefts-
Normally in these kinds of thefts the Internet
surfing hours of the victim are used up by
another person. This is done by gaining access
to the login ID and the password. E.g. Colonel
Bajwa’s case- the Internet hours were used up
by any other person. This was perhaps one of
the first reported cases related to cyber crime in
India. However this case made the police
infamous as to their lack of understanding of
the nature of cyber crime.
11. Web jacking-
This term is derived from the term hi
jacking. In these kinds of offences the hacker
gains access and control over the web site of
another. He may even mutilate or change the
information on the site. This may be done for
fulfilling political objectives or for money.
E.g. recently the site of MIT (Ministry of
Information Technology) was hacked by the
Pakistani hackers and some obscene matter
was placed therein. Further the site of
Bombay crime branch was also web jacked.
Another case of web jacking is that of the
‘gold fish’ case. In this case the site was
hacked and the information pertaining to
gold fish was changed. Further a ransom of
US $ 1 million was demanded as ransom.
Thus web jacking is a process where by
control over the site of another is made
backed by some consideration for it.
CLASSIFICATION:
The subject of cyber crime may be broadly
classified under the following three groups. They
are-
1. Against Individuals
a. their person &
b. their property of an individual
2. Against Organization
a. Government
c. Firm, Company, Group of Individuals.
Against Individuals: –
i. Computer vandalism.
ii. Transmitting virus.
iii. Netrespass
iv. Unauthorized control/access over computer
system.
v. Intellectual Property crimes
vi. Internet time thefts
Against Organization: -
i. Unauthorized control/access over computer
system
ii. Possession of unauthorized information.
iii. Cyber terrorism against the government
organization.
iv. Distribution of pirated software etc.
Against Society at large: -
7.Lack of awareness-
One important reason that the Act of 2000 is
not achieving complete success is the lack of
awareness among the s about their rights.
Further most of the cases are going
unreported. If the people are vigilant about
their rights the law definitely protects their
right. E.g. the Delhi high court in October
2002 prevented a person from selling
Microsoft pirated software over an auction
site. Achievement was also made in the case
before the court of metropolitan magistrate
Delhi wherein a person was convicted for
online cheating by buying Sony products
using a stolen credit card. (17)
8. Jurisdiction issues-
Jurisdiction is also one of the debatable
issues in the cases of cyber crime due to the
very universal nature of cyber space. With
the ever-growing arms of cyber space the
territorial concept seems to vanish. New
methods of dispute resolution should give
way to the conventional methods. The Act of
2000 is very silent on these issues.