CS SONU LAKHANI AEO, ICSI CYBER CRIME PREVENTION & DETECTION
Cyber crime is the latest and perhaps the most complicated problem in the cyber world. “Cyber crime may be said to be those species, of which, genus is the conventional crime, and where either the computer is an object or subject of the conduct constituting crime”
Internet has offered us a much more convenient way to share information across time and place. Cyberspace also opened a new venue for criminal activities. ◦Cyber attacks ◦Distribution of illegal materials in cyberspace Contd……
◦Computer-mediated illegal communications within big crime groups or terrorists Cyber crime has become one of the major security issues for the law enforcement community. The ambiguity of cyberspace makes identity tracing a significant problem which hinders investigations.
PREVENTIVE STEPS FOR INDIVIDUA LS CHILDREN: Children should not give out identifying information such as Name, address, School Name or Telephone Number information about parents in a chat room. They should not respond to messages, which are threatening, and not to arrange a face-to -face meeting without telling parents or guardians. They should remember that people online might not be who they seem.
Parent should use content filtering software on PC to protect children from pornography, gambling, hate speech, drugs and alcohol. There is also software to establish time controls for use of limpets (for example blocking usage after a particulars time) and allowing parents to see which site item children have visited. Use this software to keep track of the type of activities of children.
Don’t delete harmful communications ( s, chats etc). They will provide vital information about system and address of the person behind these If you feel any immediate physical danger contact your local police. Avoid getting into huge arguments online during chat and discussions with other users. Remember that all other Internet users are strangers; you do not know who you are chatting with. So be careful.
Do not share personal information in public space online; do not give it to strangers. Save all communications for evidence. Do not edit it in any way. Also, keep a record of your contacts and inform Law Enforcement Officials
PHYSICAL SECURITY: Physical security is most sensitive component, as prevention from cyber crime Computer network should be protected from the access of unauthorized persons.
Access Control system is generally implemented using firewalls, which provide a centralized point from which to permit or allow access. Firewalls allow only authorized communications between the internal and external network.
Proof of identity is an essential component to identify intruder. The use of passwords in the most common security for network system including servers, routers and firewalls. Password should be changed with regular interval of time and it should be alpha numeric and should be difficult to judge.
As a general rule, If you think you are in immediate danger, then contact your local law police station and let them know what happened, depending on the scope of the crime, it will be investigated by special cyber crime investigation cell.
Copy of defaced web page in soft copy as well as hard copy format, if website is defaced If data is compromised on server or computer or any other network equipment, soft copy of original data and soft copy of compromised data. Access control mechanism details i.e.- who had what kind of the access to the compromised system
List of suspects – if the victim is having any suspicion on anyone. All relvant information leading to the answers to following questions – what ? (what is compromised) who? (who might have compromised system) when?(when the systme was compromised)
why?(why the system might have been compromised) where?(where is the impact of attack- identifying the target system from the network) How many?(How many systems have been compromised by the attack)
Extract the extended headers of offending e- mail Bring soft copy as well hard copy of offending . Do not delete the offending from e- mail box. Save the copy of offending on computers hard drive.
CYBER LAW AUTHORITIES CERTIFYINGAUTHORITIES CENTRAL GOVT. STATE GOVT. ADVISORY BOARD
An adjudicating officer shall be adjudging whether a person has committed a contravention of any of the provisions of the said Act, by holding an inquiry. Principles of audi alterum partum and natural justice are enshrined in the said section which stipulates that a reasonable opportunity of making a representation shall be granted to the concerned person who is alleged to have violated the provisions of the IT Act.
The said Act stipulates that the inquiry will be carried out in the manner as prescribed by the Central Government All proceedings before him are deemed to be judicial proceedings, every Adjudicating Officer has all powers conferred on civil courts Appeal to cyber Appellate Tribunal- from decision of Controller, Adjudicating Officer {section 57 IT act}
Section 47 of the Act lays down that while adjudging the quantum of compensation under this Act, the adjudicating officer shall have due regard to the following factors, namely- (a) the amount of gain of unfair advantage, wherever quantifiable, made as a result of the default; (b) the amount of loss caused to any person as a result of the default; (c) the repetitive nature of the default
Most important asset of software companies “Computer Source Code" means the listing of programmes, computer commands, design and layout Ingredients ◦Knowledge or intention ◦Concealment, destruction, alteration ◦computer source code required to be kept or maintained by law
Section 78 & 80 : Power to investigate offences :Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not below the rank of Inspector shall investigate any offence under this Act. He may enter any public place and search and arrest without warrant any person found therein who is reasonably suspected of having committed or of committing or of being about to commit any offence under this act.
Sending pornographic or obscene s are punishable under Section 67 of the IT Act. An offence under this section is punishable on first conviction with imprisonment for a term, which may extend to five years and with fine, which may extend to One lakh rupees. In the event of a second or subsequent conviction the recommended punishment is imprisonment for a term, which may extend to ten years and also with fine which may extend to Two lakh rupees.
s that are defamatory in nature are punishable under Section 500 of the Indian PenalCode (IPC), which recommends an imprisonment of upto two years or a fine or both. Threatening s are punishable under the provisions of the IPC pertaining to criminal intimidation, insult and annoyance (Chapter XXII), extortion (Chapter XVII) spoofing spoofing is covered under provisions of the IPC relating to fraud, cheating by personation (Chapter XVII), forgery (Chapter XVIII)
CYBER LAWS & INFORMATION TECHNOLOGY ACT ' 2000 S No. OffencePenalty 1 Intentional Tampering with Computer resource and docs. Upto 2 Lacs fine &/ or 3 yrs. Imprisonment 2Hacking Upto 2 Lacs fine &/ or 3 yrs. Imprisonment 3 Controller issuing directions to Certifying auth./ its employee to take measures compliance with law & failure of complying with such directions Upto 2 Lacs fine &/ or 3 yrs. Imprisonment 4Penalty for Misrepresentation Upto 1 Lac fine &/ or 2 yrs. Imprisonment
5 Penalty for Breach of Confidentiality Upto 1 Lac fine &/ or 2 yrs. Imprisonment 6 Penalty for publishing false Digital Signature Certificate Upto 1 Lac fine &/ or 2 yrs. Imprisonment 7 Penalty for fraudulent publication of Digital Signature Certificate Upto 1 Lac fine &/ or 2 yrs. Imprisonment 8 Publishing of Informn. Obscene in electronic form 1st Conviction: Upto 1 Lac fine &/ or 5 yrs. Imprisonment 2nd Conviction: Upto 2 Lac fine &/ or 10 yrs. Imprisonment 9 Appropriate Govt. may declare by notificn. any C/CS/CN to be a protected system & unauthorised access into such system Fine or 10 yrs. Imprisonment
No specific enforcement agencies to combat various cyber-crimes. Lack of skilled law enforcement personnel. No report by the victims. Jurisdictional problems
E-security programs. Identification of internal and external sources of threats. Security awareness programs for all users. No sharing of user accounts. Network security from external sources. Antivirus softwares. Data backup and disaster recovery plans.
Review of the existing legislations and statutes. Continuous monitoring of the cyber cafes. Raising awareness about cyber crimes. Co-operation at international level. Establishment of International Tribunals. Need for trained professionals. Special courses in cyber security
Source
Disclaimer Clause: Views expressed in this presentation views of the author do not necessary reflect those of the Institute