Abstract

Crime is a social and economic phenomenon and is as old as the human

society. As, Life is about a mix of good and evil, so is the Internet. For all the
good it does to us, cyberspace has its dark sides too. The Internet is undeniably
open to exploitation. no!n as cyber crimes, these activities involve the use of
computers, the Internet, cyberspace and the "orld "ide "eb. Cyber crime is the
latest and perhaps the most complicated problem in the cyber !orld. . Cyber
crime is an evil having its origin in the gro!ing dependence on computers in
modern life. In a day and age !hen everything from micro!ave ovens and
refrigerators to nuclear po!er plants is being run on computers, cyber crime has
assumed rather sinister implications.

"hile the !orld!ide scenario on cyber crime looks bleak, the situation in
India isn#t any better. Cyber crimes in India are slo!ly evolving from a simple e$
mail crime to more serious crimes like hacking and source code theft. Cases of
spam, hacking, cyber stalking and email fraud are rampant despite the enactment
of the Information Technology Act, %&&&, the India's Cyber La! and setting up of
cyber crimes cells in ma(or cities. The problem is that most cases remain
unreported due to a lack of a!areness.
)o, the need of the hour is to make the masses a!are of the Cyber Crime
itself and their rights and duties in relation to Cyber Crime. As, it is only then can
this gro!ing menace be checked.
)o, in the present report an attempt has been made to describe the various
types of cyber crimes and the present scenario on the cyber crime and the
preventive measures that should be taken up to protect ourselves.
*
INTRODUCTION
The !ord C+,-. )/AC- !as coined by "illliam 0ibson in the science fiction
1-2.34A1C-., in the year *567. It is used as a means of denoting the apparent or
virtual location !ithin !hich electronic activities take place. 3f late, the !ord Cyber has
become a loose synonym for electronics. Cyber )pace therefore is a place !here people
meet not physically but virtually and communicate !ith each other electronically.

Cyber Space is the aggregate of Intranets, Internet and World Wide Web.
The Internet has opened up a !hole ne! virtual heaven for the people both good
and bad, cleaver and na8ve to enter and interact !ith a lot of diverse cultures and
subcultures, geography and demographics being no bar. The rise of the Internet as one of
the most significant communication and business platforms of this century has come !ith
its o!n set of issues and concerns. "hile the 1et has brought a host of benefits to the
common person and to enterprises, it is also having to grapple !ith ma(or challenges,
primary among them security.
The very same virtues of Internet !hen gone in !rong hands or !hen exploited
by people !ith dirty minds and malicious intentions make it virtual hell. 9ue to
popularity of Internet, hacking or breaking into somebody into else's computer is more
popular and automated than ever.
There are various frauds of computer and internet related crimes. The most
common is the use of viruses to corrupt and destroy data stored in computer systems. The
forms of crimes like impersonation, theft of credit card information, e$gambling,
espionage, harassment, pornography are on a rise due to the gro!th of the medium.
%
CRI! C"#!R
Cyber crime consists of specific crimes dealing !ith computers and net!orks
:such as hacking; and the facilitation of traditional crime through the use of computers.
According to 2) 9epartment of <ustice and the council of -urope, the term Cyber
Crime refers to =$ide range of cri%es that in&ol&e co%p'ters and net$or(s>.
In additional to cyber crime, there is also =computer$supported crime> !hich
covers the use of computers by criminals for communication, documentation or data
storage.The computer may be used as a tool in the follo!ing kinds of activity$ financial
crimes, sale of illegal articles, pornography, online gambling, intellectual property crime,
e$mail spoofing, forgery, cyber defamation, cyber stalking.
The computer may ho!ever be target for unla!ful acts in the follo!ing cases$
unauthori?ed access to computer@ computer system@ computer net!orks, theft of
information contained in the electronic form, e$mail bombing, data didling, salami
attacks, logic bombs, Tro(an attacks, internet time thefts, !eb (acking, theft of computer
system, physically damaging the computer system.
C"#!R CRIINA)S*
The cyber criminals constitute of various groups@ category.
)ome cyber criminals are techie mavericks !ho take pleasure in !riting and
releasing destructive viruses.
3thers are suit$!earing professionals !ho steal copies of their employers#
customer databases to take !ith them !hen they Auit.
)ome are con artists !ith plans to scam personal information from consumers and
use it for financial gain.
)ome are there (ust for fun
B
The cyber cri%inals can be disting'ished on the basis of their s(ill le&els and
%oti&ations*
No&ice
They have limited computer and programming skills. And rely on toolkits to
conduct their attacks. Can cause extensive damage to systems since they don#t understand
ho! the attack !orks. 2sually looking for media attention.
Cyber+p'n(s
They are capable of !riting their o!n soft!are and have an understanding of the
systems they are attacking. 4any are engaged in credit card number theft and
telecommunications fraud. Cave a tendency to brag about their exploits.
Internals
a, Disgr'ntled e%ployees or e-+e%ployees
These may be involved in technology$related (obs, usually aided by privileges
they have or had been assigned as part of their (ob function. They pose largest security
problem. This group include those people !ho have been either sacked by their employer
or are dissatisfied !ith their employer. To avenge they normally hack the system of their
employee
b, .etty thie&es
These Include employees, contractors, consultants !ho are Computer literate and
opportunistic :take advantage of poor internal security;. 2sually motivated by greed or
necessity to pay off other habits, such as drugs or gambling.
Coders
7
These Act as mentors to the ne!bie's. "rite the scripts and automated tools that
others use. 4ostly motivated by a sense of po!er and prestige these are very dangerous
have hidden agendas use Tro(an horses.
Old g'ard hac(ers
They don't have any criminal intent but have alarming disrespect for personal
property.
.rofessional cri%inals
These basically speciali?e in corporate espionage. These are guns for hire, are
highly motivated, highly trained, have access to state$of$the$art eAuipment.
Infor%ation $arriors/cyber+terrorists
Increase in activity since the fall of many -astern ,loc intelligence agencies.
They are !ell funded and mix political rhetoric !ith criminal activity.
.
D
Types of Threats
There are basically t!o types of threats
*; Directly targeting the co%p'ter *
/rivacy invasions E Identity theft
Cacking and Cracking
)pam E /hishing
"eb )ite 9efacements
4alicious Code
9enial of )ervice
,ot infected computers, etc.
0, Directly ha&e a bearing on the indi&id'al or it can be said that these are
traditional cri%es $hich 'se co%p'ter as a tool for co%%ission of cri%e, li(e1
)talking and )ex$related offences
Fandalism, Conspiracy, 0ambling
-xtortion, )muggling, Cate Crimes
Copyright infringement, recording and soft!are piracy
Currency and 9ocument counterfeiting
)tock market manipulations
Theft and Fraud
These types of crimes are on a rise due to the gro!th of the medium itself. )o,
greater the spread of internet greater !ill be the increase in the cyber crime incidents.
G
Threats Directly Targeting the Co%p'ter*
2, .ri&acy in&asions 3 Identity theft
.ri&acy can be invaded online in several !ays. For example, it can happen !hen
a personH
I fills out forms and enter contests on commercial "eb sites
I provides information !hen registering for Internet services or soft!are :i.e. file$
sharing, instant messaging, e$mail;
I completes a personal profile for an e$mail or social net!orking sites or instant
messaging account
I gives personal information to strangers in chat rooms or through instant
messaging
Identity theft
It's the process of !rongfully obtaining and using this personal data for fraud or
deception for economic gains. Identity theft is a high$profile security issue, particularly
for organi?ations that store and manage large amounts of personal information, like,
government organi?ations, education sector, health care sector, financial sector, etc. 1ot
only can compromises that result in the loss of personal data undermine customer and
institutional confidence and result in costly damage to an organi?ation's reputation, but
data breaches can also be financially costly to organi?ationsH the average cost per incident
of a data breach in the 2nited )tates !as JG.B million and lost business amounted to an
average of J7.* million.** Also, organi?ations can be held liable for breaches and losses,
!hich may result in fines or litigation.
K
In the last six months of %&&K, the education sector represented the highest
number of kno!n data breaches that could lead to identity theft, accounting for %7
percent of the total :figure*;. 9espite the high number of data breaches that occurred in
the education sector during the last six months of %&&K, it only accounted for one percent
of all identities exposed during the period, ho!ever the government sector ranked second
and accounted for %& percent of data breaches that could lead to identity theft, moreover
The government sector had the highest overall number of identities exposed during the
period, accounting for G& percent of the total.
-www.symantec.com
6
There !ere a number of high profile data loss incidents during the period.
3ne incident involved Cer 4a(esty's .evenue and Customs :C4.C; in the
2nited ingdom, !hen t!o unencrypted disks containing personal records on %D million
people !ere lost during transfer from C4.C to the 1ational Audit 3ffice
0, 4ac(ing and Crac(ing

Hacking is much of an art, a way of thinking as it is a science.
Cacking means an illegal intrusion into a computer system and@net!ork. 2sing
one#s o!n programming abilities as also various programmes !ith malicious intent to
gain unauthori?ed access to a computer or net!ork are very serious crimes. There is an
eAuivalent term to hacking i.e. cracking, but the Indian la! does not distinguish bet!een
the t!o.
4ac(er
This is someone that seeks to understand computer, phone or other systems
strictly for the satisfaction of having that kno!ledge. Cackers !onder ho! things !ork,
and have an incredible curiosity. Cackers !ill sometimes do Auestionable legal things,
such as breaking into systems, but they generally !ill not cause harm once they break in.
Crac(er
This is the common term used to describe a malicious hacker. Crackers get into all
kinds of mischief, including breaking or LcrackingL copy protection on soft!are
programs, breaking into systems and causing harm, changing data, or stealing. Cackers
regard crackers as a less educated group of individuals that cannot truly create their o!n
!ork, and simply steal other people#s !ork to cause mischief, or for personal gain.L
As per IT act %&&& all kinds of hacking is a punishable offence !ith imprisonment
up to three years or fine up to t!o lakh or both.
5
5, .hishing
/hishing is an attempt by a third party to solicit confidential information from an
individual, group, or organi?ation by mimicking, or spoofing, a specific, usually !ell$
kno!n brand, usually for financial gain.
/hishers attempt to trick users into disclosing personal data, such as credit card
numbers, online banking credentials, and other sensitive information, !hich they may
then use to commit fraudulent acts. In a typical phishing scam, phishers send out e$mails
!hich appear to come from a legitimate company, in an attempt to scam users into
/roviding private information that !ill be used for identity theft. /hishers use a variety of
sophisticated devices to steal informationMincluding pop$up !indo!s, 2.L masks
!hich simulate real "eb addresses, and keystroke loggers that capture !hat you type,
such as account names and pass!ords.
/hishing can be described in t!o !aysH phishing attempts and phishing
messages. A phishing attempt can be defined as an instance of phishing message being
sent to a single user. -xtending the phishing analogy, a phishing attempt can be
considered a single cast of the lure :the phishing message; to try to catch a target. A
single phishing message can be used in numerous distinct phishing attempts, usually
targeting different end users.
A phishing "eb site is a site that is designed to mimic the legitimate "eb site of
the organi?ation !hose brand is being spoofed. In many cases, it is set up by the attacker
to capture a victim's authentication information or other personal identification
information, !hich can then be used in identity theft or other fraudulent activity.
In the last six months of %&&K, the ma(ority of brands used in phishing attacks
!ere in the financial services sector, accounting for 6& percent :figure %;. The financial
services sector also accounted for the highest volume of phishing "ebsites during this
*&
period, at GG percent :figure B;. )ince most phishing activity pursues financial gain,
successful attacks using brands in this sector are most likely to yield profitable data, such
as bank account credentials, making this sector an obvious focus for attacks.
6ig're 0 Uni7'e brands phished by sector

**
6ig're 5 .hished sectors by &ol'%e of phishing Web sites
-www.symantec.com
Internet service providers :I)/s; !ere ranked second in uniAue brands used in
phishing attacks during this period, at eight percent. The I)/ sector also accounted for the
second highest volume of phishing attacks during the period, accounting for *6 percent.
I)/ accounts can be valuable targets for phishers because people freAuently use the same
authentication credentials :such as usernames and pass!ords; for multiple accounts,
including email accounts.
#esides this other for%s of phishing is also beco%ing pop'larH
.har%ing
It's an attempt to defraud Internet surfers by hi(acking a "eb site's domain name,
or 2.L, and redirecting users to an imposture "eb site !here fraudulent reAuests for
information are made.
SiShing
It refers to a phishing attack sent via )hort 4essage )ervice on cell phones. Cell
phone users are sent text messages containing a "eb site link !hich, !hen visited, could
*%
do!nload a Tro(an horse, that could allo! a "eb$enabled phone to be controlled by
hackers. )4i)hing is another example of ho! hackers are in(ecting cell phones and other
mobile devices !ith mal!are and viruses !hich could penetrate enterprise net!orks,
according to .ayha!k.
8ishing
Its <ust as Internet surfers have gotten !ise to the fine art of phishing, along
comes a ne! scam utili?ing a ne! technology. Creative thieves are no! s!itching their
efforts to Lvishing,L !hich uses Foice over Internet /rotocol :FoI/; phones instead of a
misdirected "eb link to steal user information.
Spear .hishing
It is any highly targeted phishing attack. )pear phishers send e$mail that appears
genuine to all the employees or members !ithin a certain company, government agency,
organi?ation, or group. The message might look like it comes from your employer, or
from a colleague !ho might send an e$mail message to everyone in the company, such as
the head of human resources or the person !ho manages the computer systems, and could
include reAuests for user names or pass!ords. The truth is that the e$mail sender
information has been faked or Lspoofed.L "hereas traditional phishing scams are
designed to steal information from individuals, spear phishing scams !ork to gain access
to a company#s entire computer system. If you respond !ith a user name or pass!ord, or
if you click links or open attachments in a spear phishing e$mail, pop$up !indo!, or "eb
site, you might become a victim of identity theft and you might put your employer or
group at risk. )pear phishing also describes scams that target people !ho use a certain
product or "eb site
According to annual report for %&&K of C-.T :Computer -mergency .esponse
Team;, the apex cyber security division under the ministry of information technology of
India, there !as B5% incidents of phishing in India in the year %&&K.
*B
9, Undergro'nd econo%y ser&ers
2nderground economy servers are black market forums used by criminals and
criminal organi?ations to advertise and trade stolen information and services typically for
use in identity theft. This information can include government$issued identification
numbers such as )ocial )ecurity numbers, credit cards, credit verification values, debit
cards, personal identification numbers :/I1 s;, user accounts, email address lists, and
bank accounts. )ervices include cashiers, scam page hosting, and (ob advertisements
)uch as for scam developers or phishing partners.
The geographic locations of underground economy servers are constantly
changing due to the nature of these servers, !hich are often hosted as channels on public
I.C servers. 3nce a fraud$related I.C channel becomes popular, it is often either shut
do!n by the I.C server administrators or abandoned by its users due to legal liability and
the increased possibility of being caught. As such, the location of an underground
economy server is primarily driven by convenience and the lifespan of a server may be
short. Furthermore, the geographic location of the server is typically not of any
*7
conseAuence to those involved because users of underground economy servers do most of
their business electronically.
Criminals advertise their goods and services on I.C servers by listing available
items and their prices. /otential buyers !ill privately contact the sellers to make the deal
and finali?e payment. /ayment options for these goods are either conducted through
online currency exchange services or exchange of goods. 2n!illing to risk exposure,
many purchasers !ill use the services of cashiers !ho !ill convert the information for a
fee into true currency, either in the form of online currency accounts or through money
transfers. In exchange for the service, cashiers !ill take a percentage of the cash$out
amount.%G 4embers of underground economy servers are usually self$policing, reporting
rippers%K to the administrators of the I.C servers, and also broadcasting this information
to !arn each other. 3ften, repeat rippers !ill be kicked off and banned from the servers.
9uring the second half of %&&K, bank account credentials, including account
numbers and authentication information, !ere the most freAuently advertised item
observed on underground economy servers, making up %% percent of all goods:table
%;.The advertised price for bank account credentials varied as !idely as from J*& to
J*,&&& 2)9, depending on the amount of funds available and the location of the account.
,ank accounts that included higher balances, such as business accounts, and -2
accounts, !ere advertised for considerably more. Furthermore, bank accounts that
bundled in personal information such as names, addresses and dates of birth !ere
advertised at higher prices.
*D
Table 0. #rea(do$n of goods and ser&ices a&ailable for sale on 'ndergro'nd econo%y ser&ers
-www.symantec.com
Credit cards !ere the second most commonly advertised item on underground
economy servers during this reporting period, accounting for *B percent of all advertised
goods. Full identities !ere the third most common item advertised for sale on
underground economy servers, making up nine percent of all advertised goods. The
popularity of full identities may be due to their versatility and ease of use. "ith a full
identity, a criminal can easily obtain government issued documents, commit credit card
fraud, open bank accounts, obtain credit, purchase and@or steal homes, B% or even evade
arrest by masAuerading as someone else.
In one case, the C-3 of an identity theft prevention company !as a victim of
identity theft !hen someone used his social security number, !hich !as prominently
displayed on the company's "eb site, to obtain JD&& loan.
*G
:, Website deface%ent
"ebsite deface%ent is an attack on a !ebsite that changes the visual appearance
of the site. These are typically the !ork of system crackers, !ho break into a !eb server
and replace the hosted !ebsite !ith one of their o!n.
)ometimes the 9efacer makes fun of the system administrator for failing to
maintain server security. 4ost times the defacement is harmlessN ho!ever, it can
sometimes be used as a distraction to cover up more sinister actions such as uploading
mal!are. Cigh$profile !ebsite defacement !as carried out on the !ebsite of the company
*K
)C3 0roup follo!ing its assertion that Linux contained stolen code. The title of the page
!as changed from L.ed Cat vs. )C3L to L)C3 vs. "orld,L !ith various satirical content.
"eb site defacement is very common, much more common that !ebmasters and system
administrators !ould like to admit. The number of defacements is on the rise, especially
those done for a political message.
Follo!ing its yearly assessment, the C-.T :Computer -mergency .esponse
Team;, the apex cyber security division under the ministry of information technology of
India, found D,6GB Indian "ebsites under!ent defacement by global hackers in %&&K.
6ig're 9 N'%ber of Indian Websites defaced in 0;;<
+$$$.darpg.nic.in
=, alicio's soft$are or %al$are
These are small programmes or fragments of programmes !hich cause the
malfunctioning@ damage to the system. These areH
#ac( door
*6
3387
418
9 1
1693
209 146
0
500
1000
1500
2000
2500
3000
3500
4000
.com .in .org .net .inf o .name .biz
Domains
N
o
.

o
f

D
e
f
a
c
e
m
e
n
t
s
A programme that opens up access :login, dialup, net!ork; to a machine from the
outside to allo! an intruder into the machine. ,ack doors, can give a remote attacker
complete control over a compromised computer.
)ogic #o%b or Ti%e #o%b
It is a computer programme !ithin another programme and performs destructive
acts on the basis of trigger mechanism.
Tro>an horse
It simply a spy programme, disguised as another programme, usually malicious
one. It enters into the target computer system hidden in some another programme usually
games or some do!nloaded files. Tro(an is capable of do!nloading and installing other
threats onto the compromised computer. Tro(ans are also freAuently used to steal
information that an attacker can sell or profit from in other !ays. 9uring the current
reporting period, Tro(ans made up K* percent of the volume of the top D& potential
malicious code infections :figureD;.
6ig're : alicio's code types by potential infections
*5
-www.symantec.com

Wor%
It is a programme !hich propagates itself :!ithout external help; from one
computer to another across a data net!ork. a !orm usually is a stand alone O not attached
to another programme. The first sign of computer !orm activity dates back to*56%, the
first being -lk Cloner follo!ed by 4orris !orm. "orms made up %% percent of the
volume of the top D& potential malicious code infections in the last six months of %&&K.
8ir's
It is a programme that replicates itself. /arasitic, it usually attaches itself to,
over!rites or replaces a part of another programme :the host; to spread. 4a(or virus
types areH
#oot Sector, Co%panion &ir's, Dropper, Stealth &ir's, 6ile Infector,
.oly%orphic &ir's, etc.
Firuses made up *D percent of the volume of the top D& potential malicious code
infections in the last six months of %&&K
?eystro(e @ logging
It is a programme !hich records all the keys typed by the user and transmits this
information to the attacker !ho in turn easily gets to kno! the pass!ords, credit card
numbers, and etc. A keystroke logger records keystrokes on a compromised computer and
either emails the log to the attacker, or uploads it to a "eb site under the attacker's
control. The attacker can use these logs to extract the user's credentials for different types
of accounts, such as online banking, trading sites, or I)/ account access. The information
can then be used as a stepping stone to launch further attacks. For example, the attacker
could use the stolen I)/ account credentials to set up a phishing site on the free hosting
space typically included !ith these accounts. This is a relatively ne! phenomenon.
.ropagation %echanis%s
%&
"orms and viruses use various means to transfer themselves, or propagate, from
one computer to another. These means are collectively referred to as propagation
mechanisms, some malicious code samples use more than one mechanism to propagate.
The most common methods of propagation include, shared executable files, email
attachments. And removable drives, shared net!ork drive. Forty percent of malicious
code that propagated did so through executable file sharing.
Threats to confidential infor%ation
)ome malicious code programs are designed specifically to expose confidential
information that is stored on an infected computer. These threats may expose sensitive
data such as system information, confidential files and documents, or logon credentials.
)ome malicious code threats, such as Threats to confidential information are a particular
concern because of their potential for use in criminal activities. "ith the !idespread use
of online shopping and Internet banking, compromises of this nature can result in
significant financial loss, particularly if credit card information or banking details are
exposed.
"ithin the enterprise, exposure of confidential information can lead to significant
data leakage. If it involves customer$related dataMsuch as credit card informationM
customer confidence in the enterprise can be severely undermined. 4oreover, it
can also violate local la!s. )ensitive corporate information, including financial details,
business plans, and proprietary technologies, could also be leaked from compromised
computers.
Threats to confidential information made up G6 percent of the volume of the top D&
potential malicious code infections in the last six months of %&&K, causing potential
infections
4alicious code can expose confidential information in a variety of !ays. The
most common method is by allo!ing remote access to the compromised computer
through a back door. .emote access component such as a back door accounted for 6G
percent of the threats to the confidential information in the last half of %&&G. It is more
popular than other techniAues. This is because remote access, , gives the attacker
extensive control over the compromised computer, allo!ing for the theft of any
%*
information on the computer, the installation of other threats, or the use of the computer
for other purposes, such as relaying spam or hosting a phishing "eb site. Confidential
information threats !ith keystroke logging capability made up KG percent of threats to
confidential information, last six months of %&&K
6ig're = Threats to confidential infor%ation by type
-www.symantec.com
<, #ot+infected co%p'ters
,ots are programs that are covertly installed on a user's machine to allo! an
unauthori?ed user to remotely control the targeted system through a communication
channel, such as I.C, peer$to$peer :/%/;, or CTT/. These channels allo! the remote
attacker to control a large number of compromised computers in a botnet, !hich can then
be used to launch coordinated attacks. ,ots allo! for a !ide range of functionality and
most can be updated to assume ne! functionality by do!nloading ne! code and features.
Attackers can use bots to perform a variety of tasks, such as setting up 9o) attacks
against an organi?ation's "eb site, distributing spam and phishing attacks, distributing
spy!are and ad!are, propagating malicious code, and harvesting confidential
%%
information that may be used in identity theftN all of !hich can have serious financial and
legal conseAuences.
Attackers may favor bot$infected computers because they are able to perform a
!ide range of functions, are effective in the attacks they mount, and are relatively easy
and inexpensive to propagate. They are also difficult to disable !ith a decentrali?ed
command$and$control model, and most importantly, can be used for substantial financial
gain. Illegal botnet activity can be highly lucrative and this may be one of the reasons
they continue to be so popular.
#ot co%%and+and+control ser&ers
,ot command$and$control servers are computers that botnet o!ners use to relay
commands to botinfected computers on their net!orks, usually through I. C channels. In
the last six months of %&&K, 7,&5* bot command$and$control servers have been identified.
In 3peration ,ot .oast II , an ongoing investigation into the criminal use of botnets in
the 2nited )tates, started in %&&K by the Federal ,ureau of Investigation :F,I;, F,I has
arrested suspected botnet o!ners from across the 2nited )tates !ho !ere linked to multi$
million dollar phishing and spamming scams, and stealing personal information that
could lead to identity theft., eight people have been indicted for crimes related to botnet
activity, over one million victim computers have been uncovered, and over J%& million in
economic losses have been reported.
8) Spam
)pam is usually defined as (unk or unsolicited email sent by a third party. "hile it
is certainly an annoyance to users and administrators, spam is also a serious security
concern as it can be used to deliver Tro(ans, viruses, and phishing attempts. It could also
cause a loss of service or degradation in the performance of net!ork resources and email
gate!ays. ,et!een <uly * and 9ecember B*, %&&K, spam made up K* percent of all email
traffic monitored at the gate!ay. -ighty percent of all spam detected during this period
!as composed in -nglish. Also, 7% percent of all spam detected !orld!ide originated in
the 2nited )tates. The 2nited )tates hosts the most spam ?ombies of any country, !ith *&
percent of the !orld!ide total.
%B
Table 5 top ten co'ntries of spa% origin
-www.symantec.com
The most common type of spam detected in the first half of %&&K !as related to
commercial products, !hich made up %K percent of all spam detected. Commercial
products spam usually consists of advertisements for commercial goods and services. It is
freAuently used to sell designer goods, such as !atches, handbags, and sunglasses, the
profits from !hich can be substantial given that the goods sold are often cheaply made
counterfeits. In other cases the spammers may simply be attempting to collect credit card
and personal information for use in identity theft.
%7
6ig're< Top spa% categories
$!!!.symantec.com
T!enty percent of the spam !as Internet$related. This type of spam is typically
used to promote "eb hosting and design, as !ell as other online commodities like
phishing and spam toolkits. )ince phishing and spam toolkits cannot typically be
advertised by legitimate means, such as through banner ads on "eb sites, spam tends to
be the only !ay to promote them. )pam related to financial services made up *B percent
of all spam detected in the last six months of %&&K, making it the third most common type
of spam during this period.
A, Denial of Ser&ices
A purely malicious attack !ith the purpose of disabling access or availability of a
resource. The main ob(ective of this type of attack is to prevent the legitimate users of a
%D
service from using it. It is often abbreviated as 9o). A 9o) attack may come in variety of
flavors. Attacks may flood a net!ork !ith large amount of data or deliberately consume a
scarce or limited resource, there by blocking the entire flo! of information by attacking
the medium through !hich the data must travel.
2;, Scanning or probing
It is basically testing a net!orked computer for vulnerabilities :typically
vulnerable services, but also checking for vulnerable accounts and pass!ords;, remotely
via the net!ork. )canning is normally conducted as a prelude to a more directed attack on
systems that the intruder has found to be vulnerable.
22, Theft of Ser&ice
An attack !ith the purpose of obtaining unauthori?ed access to a resource
:computing cycles, net!ork band!idth, disk space, etc;. In some cases the motive behind
the theft is to avoid paying :for information, internet access, etc;H in other cases the
motive is to obtain access to a resource that is restricted or denied to the perpetrator.
)ome times certain unscrupulous elements someho! get hold of others pass!ords and
use the internet services free of cost, !ith the kno!ledge of account holder. In February
%&&&, the economic offences "ing of 9elhi /olice registered and investigated a case of
theft of *&K hours of Internet time. They traced the culprit and booked him under section
B&K of I/C, the culprit !as a computer engineer. This !as stated to be the first instance of
an arrest in a cyber crime case in 9elhi.
Trends in Cyber Attac(s in 0;;<
These types of crimes are on a rise due to the gro!th of the medium itself. )o,
greater the spread of internet greater !ill be the increase in the cyber crime incidents.
As, per the )ymantec 0lobal Internet )ecurity Threat .eport, April %&&6, Folume PIIH
%G
The 2nited )tates accounted for B* percent of all malicious activity.
The 2nited )tates !as the top country of attack origin in the second half of %&&K,
accounting for %7 percent of !orld!ide activity,
Table 1: Malicious activity by country
-www.symantec.com
It is clearly evident that the 2nited )tates had the most malicious activity, this is
because it has the most established broadband infrastructure in the !orldH 57 percent of
2.). households have access to available broadband connections, and its GD.D million
broadband subscribers represent %& percent of the !orld's total, more than any other
country.
China had the second highest amount of !orld!ide malicious activity during the
last six months of %&&K, accounting for seven percent, since China has the second highest
number of broadband subscribers in the !orld, !ith *5 percent of the !orld!ide
broadband total.
,ut the situation is no better in India !ith the cyber crime cases increasing at a
fast rate.
Trends in India in 0;;<
%K
Follo!ing its yearly assessment, the C-.T :Computer -mergency .esponse
Team;, the apex cyber security division under the ministry of information technology of
India, found that cyber crime in the country has accelerated about D& times since %&&7.
C-.T#s report tries to say that the highest gro!th has occurred in computer related crimes
that attack e$commerce businesses and financial service on the 1et.
The agency recorded (ust %B cyber crime incidents in %&&7 in contrast to a huge
*,%BK in %&&K. These primarily included phishing attacks, distribution of
viruses@malicious code and illegal infiltration to computer net!orks.
6ig'reB Sec'rity incidents reported d'ring 0;;<
-www.darpg.nic.in
Further, according to annual report for %&&K of C-.T, there !ere B5% incidents of
phishing, accounting to B%Q of all the incidents,BD6 cases of virus proliferation
:accounting to %5Q; and %%B cases of net!ork infiltration :accounting to *6Q;
%6
recorded in %&&K. Compared to this, there !ere only B phishing attacks, D cases of virus
proliferation and ** incidents of net!ork infiltration reported in %&&7.
C-.T, found D,6GB Indian "ebsites that under!ent mutilation or defacement by
global hackers in %&&K. The government agency also tracked *,6&D #open proxy# servers
that allo! anonymous bro!sing. It also detected more than %D,&&& bot$infected
computers. Furthermore, a data of the government revealed that in <anuary %&&6, 6K
security related incidents !ere recorded in contrast to 7D in 9ecember %&&K. 3f these,
7KQ involved phishing, %DQ related to !orm@virus under the mal!are category, %*Q to
unauthori?ed scanning, and KQ to technical help under separate categories.
Threats Targeting the Indi&id'als*
%5
2, Cyber Stal(ing
Cyber stalking is !hen a person is follo!ed and pursued online. Their privacy is
invaded, their every move !atched. It is a form of harassment, and can disrupt the life of
the victim and leave them feeling very afraid and threatened )talking or being #follo!ed#
are problems that many people, especially !omen, are familiar !ith. )ometimes these
problems :harassment E stalking; can occur over the Internet. This is kno!n as cyber
stalking. 4any offenders combine their online activities !ith more traditional forms of
stalking and harassment such as telephoning the victim and going to victim's home.
Cyber )talking usually occurs !ith !omen, !ho are stalked by men, or children !ho are
stalked by adult predators or pedophiles. A cyber stalker does not have to leave his home
to find, or harass his targets, and has no fear of physical violence since he believes he
cannot be physically touched in cyberspace. Ce maybe may be on the other side of the
earth or a neighbour or even a relative. And a stalker could be of either sex.
Typically, the cyber stalker#s victim is ne! on the !eb, and inexperienced !ith the
rules of netiAuette E internet safety. 2sers that are especially vulnerable to being targeted
are those inH
*. Live Chat or Internet .elay Chat
%. 4essage ,oards and 1e!sgroups
B. )ocial 1et!orking )ites
The main targets are the mostly females, children, emotionally !eak or unstable,
etc. It is believed that 3ver KDQ of the victims are female, but sometimes men are also
stalked.
The %ain %oti&es of cyber stal(ers are*
B&
2, Se-'al 4arass%ent
This should not surprise anyone, especially !omen, since sexual harassment is
also a very common experience offline. The internet reflects real life E consists of real
people. It#s not a separate, regulated or sanctified !orld. The very nature of anonymous
communications also makes it easier to be a stalker on the internet than a stalker offline
0, Obsession for lo&e
This could begin from an online romance, !here one person halts the romance
and the re(ected lover cannot accept the end of the relationship. It could also be an online
romance that moves to real life, only to break$up once the persons really meet. Then one
person again cannot accept the 13. )ometimes, this obsession stalking can even start
from real life and then move over to cyberspace. 3ne of the problems !ith obsession
stalking is that since it often starts as real romance, much personal information is shared
bet!een persons involved. This makes it easy for the cyber stalker to harass their victim.
)ometimes, an obsession can also be a fixation by a stranger on another user for no valid
reason. )ince these obsession stalkers live in a dream !orld, it is not al!ays necessary for
the target to have done anything to attract her :or his; attention in the first place.
3bsession stalkers are usually (ealous and possessive people. 9eath threats via email or
through live chat messages are a manifestation of obsession stalking.
5, Re&enge 3 4ate.
This could be an argument that has gone out of hand, leading eventually to a hate
E revenge relationship. .evenge vendettas are often the result of something you may
have said or done online !hich may have offended someone. Fendettas often begin !ith
arguments !here you may have been rude to another user. )ometimes, hate cyber stalking
is for no reason at all :out of the blue;$ you !ill not kno! !hy you have been targeted
nor !hat you have done, and you may not even kno! !ho it is !ho is doing this to you
E even the cyber stalker does not kno! you. In fact you have 13T been individually
targeted at all $ you have been chosen as a random target by someone !ho does not kno!
youR This stalker may be using the net to let out his frustrations online.
9, !go 3 .o$er Trips
B*
These are harassers or stalkers online sho!ing off their skills to themselves and
their friends. They do not have any grudge against you $ they are rather using you to
#sho!$off# their po!er to their friends or doing it (ust for fun and you have been unlucky
enough to have been chosen.
4ost people !ho receive threats online imagine their harasser to be large and
po!erful. ,ut in fact the threat may come from a child !ho does not really have any
means of carrying out the physical threats made. It is estimated that there are about
%, &&,&&& real$life stalkers in America today. .oughly one in *,%D& persons is a stalker.
Cyber stalking is very much prevalent in India also. In India#s first case of cyber
stalking, 4anish athuria !as recently arrested by the 1e! 9elhi /olice. Ce !as
stalking an Indian lady, 4s .itu ohli by illegally chatting on the "eb site 4I.C using
her name. Ce used obscene and obnoxious language, and distributed her residence
telephone number, inviting people to chat !ith her on the phone. As a result of !hich,
.itu kept getting obscene calls from every!here, and people promptly talked dirty !ith
her. In a state of shock, she called the 9elhi police and reported the matter. For once, the
police department did not !aste time s!inging into action, traced the culprit and
slammed a case under )ection D&5 of the Indian /enal Code for outraging the modesty of
.itu ohli.
In a more recent case in olkata, A senior official !ho allegedly sent obscene e$
mails from a fictitious I9, created in the name of a !oman subordinate has landed
himself in (ail. The man used to visit chat rooms on the 1et and give the phone number
and details of the !oman and even invited them to her home. The !oman then
complained to the CI9, upon examining her e$mails, It !as revealed that the computer
from !here the mails !ere sent !as in the !oman#s office.
Finally, the computer of the !oman#s boss !as identified and the man !as arrested. The
man has been booked under the Information Technology Act.
B%
0, Cyber se-/ Cyber porn Addiction
The expansion of computer databases on the Internet has provided the greatest
access yet to sexually explicit images access by both adults and children. Cyber porn is
more than naked !omen. 9emand for images goes far beyond !hat can be found in a
bookstore maga?ine rack. /edophilia, bestiality, bondage, and sadomasochism make up a
ma(ority of the images. These are images, movies, and online chat that used to be only
available on the bad side of to!n but !hich can no! be obtained in the privacy of one#s
home. Come computers have become the Lultimate bro!n !rapperL for pornography.
Cybersex@/ornography Addiction is a specific sub$type of Internet addiction.
-stimates suggest that * in D Internet addicts are engaged in some form of online sexual
activity :primarily vie!ing cyber porn and@or engaging in cybersex;. )tudies sho! that
men are more likely to vie! cyber porn, !hile !omen are more likely to engage in erotic
chat. /eople !ho suffer from lo! self$esteem, a distorted body image, untreated sexual
dysfunction, or a prior sexual addiction are more at risk to develop cybersex@cyber porn
addictions. In particular, sex addicts often turn to the Internet as a ne! and safe sexual
outlet to fulfill their underlying compulsive habit.
3nline pornography is popular. )exually explicit forums are the most popular
areas on computer online services online porn is big business. 1early three fourths :K*Q;
of the sexually explicit images surveyed originate from adult bulletin$ board systems
:,,); attempting to lure customers to additional collections of cyber porn. There they
can charge monthly fees and take credit card numbers for individual images. The five
largest adult ,,) systems have annual revenues in excess of J* million.

BB
3n of the most important cases related to cyber porn in India !as !hen Indian
police in 9ecember%&&7 arrested a top boss of an Indian subsidiary of the Internet
auction house e,ay for allegedly "eb hosting the sale of a porn clip that !as said to
sho! t!o teenage classmates engaged in oral sex at a prominent high school in the Indian
capital In a recent case:Feb. %&&6; Chennai's Fast Track Court :FTC; sentenced medical
practitioner L. /rakash, the first accused in a cyber$porn case, to life imprisonment and
fine of .s.*.%K lakh. Three other accused !ere sentenced to seven years rigorous
imprisonment :.I; and a fine of .s.%, D&& each. The doctor, !ho !as running a clinic,
used a farmhouse at alanchikuppam near -nnore and a guesthouse at Falasaravakkam
to detain girls and sexually exploit them !ith the help of the other accused. The accused
took pictures and uploaded them on the internet. ,esides this, child pornography is also
increasing on the net the Internet. In this case :*55K; a 7K$year$old 3hio man posing as a
*D$year$old communicated through computer messages !ith a *7$year$old girl and !as
able to convince her to send him sexually explicit photographs and videotapes of herself
performing sexual acts. The cyber relationship !ent on for *6 months, since the girl !as
*%. The offender pled guilty to one charge of inducing a minor to produce child
pornography Children are not the only victims of sexual assault involving the Internet.
In -ngland, Christopher 0raham -lliott !as sentenced to K years in prison for
raping and inflicting actual bodily harm on a !oman he met online

B7
5, Credit Card and AT related fra'ds
Internet banking frauds and credit card frauds are gro!ing in India. 3f late, !e are
!itnessing a trend of credit card frauds and AT4 frauds in India as !ell. The Cyber La!
of India, as contained in the Information Technology Act, %&&& :IT Act, %&&&;, is also
silent on this aspect. Thus, Internet banking frauds and credit card frauds are gro!ing in
India. Although credit card fraud is certainly on the rise $$ and credit card fraud on the
Internet is rising even more dramatically $$ ,ut, as consumers graduate to the shop$easy
internet and pay !ith their cards, instances of fraud are bound to rise. -Aually disturbing
are crimes affecting online banking, !hich until recently, because of security concerns,
!as the fastest gro!ing activity on the Internet, !ith three$Auarters of -uropeans banking
online and B6 percent of 2.). adults.
The increase in Internet fraud could be expected !hen !e look at ho! many more
businesses are accepting online transactions. T!enty$five million people in ,ritain alone
no! shop online. The problem is that the criminals are targeting the customers more than
the technology. It is not about hacking into computers as much as it is about tricking
users into revealing their card or account details. Fraud is increasing in e$ticketing, e$
shopping and the service sectors, !here no physical delivery of goods is involved.
According to ICICI ,ank G&Q of online card fraud occurs only !hile buying an air
tickets. Indian Airlines, for instance, asks for Sa' particular proof of identity, !hich a
consumer mentions in the online form, such as a driving license or a passport. )o till I9
becomes mandatory across all airlines, a consumer could as !ell be prepared to notice an
inflated card statement despite going strictly by the rulebook.
In April %&&G, a %G$year$old 4umbai executive keyed in her credit card number
and the three$digit security code on the e$booking site of an airline. )he bought a ticket
for ,angalore. In <uly, she !as shocked to find an .s %&,&&& additional credit dra!n from
her account. =T!o tickets from the same airline !ere booked on t!o different days in
<une using her card. The first !as a 9!arka$4umbai ticket for .s G,&&&, and the other, a
9elhi$9ubai one for .s *7,&&&. )he did not get a response from her card company till
August. =Then she approached the cyber crime cell and lodged the complaint.
BD
)o, for safer transactions, an advanced card such as Ferified by Fisa :FbF; and
4asterCard )ecure Code comes in handy. Cere, a consumer reAuires a pass!ord during a
transaction to validate his identity.
AT fra'ds are more common than credit card fraud in India. All the AT4's of a bank
are connected through a dedicated computer net!ork and hence are more vulnerable to
fraudulent access. 4any frauds have been reported at 9elhi, Chandigarh and 4umbai,
!here large amount of money !as !ithdra!n by unscrupulous elements through AT4's.
in most of the cases the /I1 !as obtained by hacking the database of the concerned
banks and also by phishing.
BG
9, C"#!R )AUND!RINC
4oney laundering is said to be the Lprocess by !hich one conceals the existence,
illegal source, or illegal application of income, and then disguises that income to make it
appear legitimateL As money technology has evolved, methods of payment have also
changed, but cash still often remains a preferred method of payment by many people.
3ver the past fe! decades various media and industry experts have predicted the demise
of cash and the advent of the =cashless> society. )ince, money in a modern economy
exists chiefly in the form of electronic entries in computeri?ed recordkeeping systems or
data bases so conventional laundering has paved !ay for cyber laundering comprising the
use of internet. 3ne of its potential key features is anonymity. The proceeds of crime that
are in the form of e$money could therefore be used, for example, to buy foreign currency
and high value goods to be resold. -$money may therefore be used to place dirty money
!ithout having to smuggle cash or conduct face to face transactions. The money
launderer can control transactions from his /C. Ce can transfer money virtually
instantaneously and thereby build up an extensive audit trail in a short space of time. The
transfers can be made through many (urisdictions making it harder for prosecutors from
one (urisdiction to follo! the audit trail.
Therefore the features of the Internet that makes it ideal for commerce also make
it ideal for money launderingH
)peed
Access
Anonymity
Capacity to extend beyond national border
As a result cyber$launderers benefit for the follo!ing reasonsH
Inability to identify and authenticate parties.
Lack or inadeAuacy of audit trails, record keeping or suspicious transaction
reporting by the technology provider.
2se of higher level encryption to block out la! enforcement.
Transactions that fall outside the existing regulatory definitions.
BK
:, Intellect'al .roperty cri%es / Distrib'tion of pirated soft$are+
Intellectual property consists of a bundle of rights. Any unla!ful act by !hich the
o!ner is deprived completely or partially of his rights is an offence. This is the traditional
type of intellectual property theft !here one producer copies material or process from
another for profit. The common form of I/. violation may be said to be soft!are piracy,
copyright infringement, trademark and service mark violation, theft of computer source
code, etc. The Cyderabad Court has in a land mark (udgement has convicted three people
and sentenced them to six months imprisonment and fine of D&,&&& each for unauthori?ed
copying and sell of pirated soft!are.
=, Defa%ation
It is an act of imputing any person !ith intent to lo!er the person in the
estimation of the right$thinking members of society generally or to cause him to be
shunned or avoided or to expose him to hatred, contempt or ridicule. Cyber defamation is
not different from conventional defamation except the involvement of a virtual medium.
B6
<, N!TS.IONAC!
2nscrupulous companies have al!ays been delighted to take advantage of ne!
opportunities to sabotage or steal from a dangerous competitor. The development of
information net!orks and vulnerable points of attack merely emphasi?es this and
increases the opportunities. 1etspionage is !here confidential information is stolen by
hackers, to sell to a competitor or for the use of individuals business exploits. -spionage
!as originally limited to governments, but !ith the information age, the rise of corporate
espionage has been rapid. 3ne tool used to steal secrets is T-4/-)T :Transient
-lectromagnetic /ulse -manation )urveillance Technology; that allo!s a scanner to read
the output from a computer up to a kilometer a!ay. It is non$invasive and virtually
undetectable.
According to recent surveys, !orld!ide losses suffered through misappropriation
of computeri?ed intellectual property cost copyright o!ners close to J%& billion last year.
3ne of the most recent and publici?ed cases is !here hackers broke into 4icrosoft's
computer system and allegedly had access to source codes behind 4icrosoft's soft!are
for some considerable time and could have stolen blue prints of the firm's !indo! and
office products. 4icrosoft commented that =this is a deplorable act of industrial
espionage>.
In a recent case involving t!o ma(or stockbrokers and a large -uropean ,ank, one
of the brokers decided to set up a system dealing in government bonds and began
building a net!ork across -urope, !hich meant placing servers in all of the ma(or banks
to transfer information to the dealing rooms. The net!ork manager !as kno!n to many
of the banks because he had once !orked for a rival, and he !as given access to top$
security computer rooms. In one of the banks, the space allocated for the server !as next
to one of its rivals, !hich already had a government bond operation. After a Auiet chat
B5
!ith his boss, the net!ork manager !as given a discreet nod and told to loseT *&,&&& on
expenses to place a connection from the rival's server to his company's server. ,ecause
of his time at the rival he !as able to decipher the code, and thus gave his company real
time access to its rival's buy and sell prices, allo!ing it to undercut and make a killing.
In China, the government is so concerned !ith the threat of the Internet as a vehicle for
1etspionage that it shut do!n *%K net cafes, to curb the spread of online information, and
to halt the spread of state secrets.
7&
Social Net$or(ing Sites and Cyber Cri%e
The ma(ority of adults !ho use of social net!orking sites like 4y)pace and Face
,ook engage in dangerous behavior that exposes them to cyber crime.
It is not >'st the a&erage net 'ser $ho is a fan of social net$or( sites, so are hi+tech
cri%inals.
The Auasi$intimate nature of the sites makes people share information readily
leaving them open to all kinds of other attacks, !arn security firms. 9etailed information
gathered via the sites !ill also help tune spam runs or make phishing e$mail more
convincing. Cyber criminals are getting personal, aiming malicious attacks at social
net!orking sites O targeting them as honey pots of confidential personal data, instead of
targeting more traditional financial$based !ebsites !ith phishing scams, e$criminals are
no! more freAuently looking to source a !ide range of consumer data by compromising
social net!orking accounts. In addition, by targeting sites that consumers trust, these
criminals are cleverly increasing the chances that their schemes !ill be successful and
consumers !ill accidentally hand over personal information.
Social net$or(ing sites top targets for identity theft
About K7 percent of adults !ho use social net!orking sites have given out
personal information like an e$mail address, birthday or social security number. 0iving
out a social security number, paired !ith a birthday and name could provide enough
ammunition for criminals to hack into financial records and compromise users# personal
information, besides compromising their personal information adults are also leaving
their computers vulnerable to attacks by do!nloading files from other profiles. And it
isn#t only personal computer net!orks at risk, as many of the people visit social
net!orking sites !hen they#re at !ork $ (eopardi?ing business net!orks. This data can
give criminals kno!ledge about the names of employees at a company, insight in its
managerial make$up or information about its processes to lend credibility to other attacks.
This information could help attackers embarking on social engineering attacks !hich
attempt to con employees by posing as another !orker or a business partner.
7*
Already at the end of %&&K ,ra?ilian users of 0oogle#s 3rkut !ere sub(ect to an
attack by a !orm that tried to steal bank account details. The malicious program, !hich
also tried to hi(ack compromised computers, propagated via booby$trapped links placed
on the personal page of 3rkut users.
"ith the gro!th of social net!orking sites, blogging, chat rooms, or instant
messaging, children today are more in danger. 3ver D& percent of teenagers in 2)A visit
social net!orking sites and most of them do so on a daily basisR Indian children are
catching the social net!orking bug too. )ome children visit these sites to increase their
friend's circle, some to keep in touch !ith friends they cannot meet, and to make plans,
sociali?e, or share information. 2nfortunately, most children reveal a lot of personal
details on their profiles !hich can easily be misused and their personal details can harm
them even. 3n the one hand !here they increase a person's friend circle, they can also
increase exposure to people !ho could be dangerous and many a times this type of
information has lead to dire conseAuences !hen people have been stalked and in extreme
cases murders have also been committed. The orkut angle in the kidnapping and murder
of Adnan /atra!la, is an example of ho! dangerous it can become to befriend a stanger
and then going out to meet them even more dangerous.
"e need to understand that coming across even one !rong person in our entire
life can have serious implications. There are certain norms that !e need to adhere to both
in our personal as !ell as social lives and if !e breach them by ourselves, the
conseAuences can affect all those around us. )ocial net!orking sites are all over the
internet and a number of youngsters tend to be misled. ,ut one cannot blame the internet
or these sites for individual actions. It is important for us to be alert and take care about
the information !e are passing on to others. As a ground rule one must never pass on
information !ithout kno!ing anything about the other person. 3ne can ask for the other
person's phone number or address in order to get to kno! them better. It is better to build
upon healthy contacts rather than falling in !rong hands.
7%
3ne needs to take several things in account !hile interacting !ith people on
social net!orking sitesH
9o not reveal confidential information on the site.
1ever agree to meet a stranger all by yourself.
If at all, you have to go, then, do take someone along.
Trust your instincts. If you get the slightest hint of getting threatened or feel
uncomfortable, confide in an adult, report to the police and to the social
net!orking site.
9o not flirt on the site as people have fake identities.
.emember that once you post information, you cannot delete it as older versions
exist on other people's computers.
Try not to post your photo as it can be altered and transmitted in various unethical
!ays
,efore you try to meet someone, try to gather as much information about him@her
as possible. 4eet the stranger only !hen you are satisfied that you kno! enough
about him@her.
7B
Cyber Terroris%
There is the need to distinguish bet!een cyber terrorism and cyber crime. ,oth
are criminal acts. Co!ever there is a compelling need to distinguish bet!een both these
crimes. A cyber crime is generally a domestic issue, !hich may have international
conseAuencesN ho!ever cyber terrorism is a global concern, !hich has domestic as !ell
as international conseAuences. The common form of these terrorist attacks on the
Internet is by distributed denial of service attacks, hate !ebsites and hate emails, attacks
on sensitive computer net!orks, etc. Technology savvy terrorists are using D*%$bit
encryption, !hich is next to impossible to decrypt. The recent example may be cited of O
3sama ,in Laden, the LTT-, and attack on America's army deployment system during
IraA !ar. Cyber terrorism may be defined to be = the premeditated use of disruptive
activities, or the threat thereof, in cyber space, !ith the intention to further social,
ideological, religious, political or similar ob(ectives, or to intimidate any person in
furtherance of such ob(ectives>
Another definition that covers !ithin its ambit every act of cyber terrorism isH
A terrorist means a person !ho indulges in !anton killing of persons or in
violence or in disruption of services or means of communications essential to the
community or in damaging property !ith the vie! to O
:*; /utting the public or any section of the public in fearN or
:%; Affecting adversely the harmony bet!een different religious, racial, language or
regional groups or castes or communitiesN or
:B; Coercing or overa!ing the government established by la!N or
:7; -ndangering the sovereignty and integrity of the nation
And a cyber terrorist is the person !ho uses the computer system as a means or
ends to achieve the above ob(ectives. -very act done in pursuance thereof is an act of
cyber terrorism.
77
.ro&isions laid by Indian )a$ against Cyber Cri%e
The Indian parliament considered it necessary to give effect to the resolution by
!hich the 0eneral Assembly adopted 4odel La! on -lectronic Commerce adopted by
the 2nited 1ations Commission on Trade La!. As a conseAuence of !hich the
Information Technology Act %&&& !as passed and enforced on *Kth 4ay %&&&.The
preamble of this Act states its ob(ective to legalise e$commerce and further amend the
Indian /enal Code *6G&, the Indian -vidence Act *6K%, the ,anker's ,ook -vidence
Act*65* and the .eserve ,ank of India Act *5B7. The basic purpose to incorporate the
changes in these Acts is to make them compatible !ith the Act of %&&&. )o that they may
regulate and control the affairs of the cyber !orld in an effective manner.

4oreover cyber crime cells have come up in cities such as ,angalore, 1e! 9elhi
and 4umbai, !here cyber crime cells do exist, there is potential for improvement. Any
and every incident of cyber crime involving a computer or electronic net!ork can be
reported to a police station, irrespective of !hether it maintains a separate cell or not, 3r
the crime can be directly be reported to The )/. ,ut in many areas the police officials are
themselves not a!are of !hat cyber crime is. )o, it is evident that the La! enforcement
agencies are not !ell$eAuipped and oriented about cyber crime yet. There is an immense
need for training, and more cities need to have such cells. "e need to create special
tribunals headed by trained individuals to deal solely !ith cyber crimes, but !ith po!ers
to levy heavier penalties in exceptional cases.
2nless there is solid deterrence, cyber crime !ill rise steeply. There is also a need
for IT$savvy la!yers and (udges, as !ell as training for government agencies and
professionals in computer.
7D
.R!8!NTION O6 C"#!R CRI!*
/revention is al!ays better than cure. It is al!ays better to take certain precaution
!hile operating the net. The D/ mantra for online security is /recaution, /revention,
/rotection, /reservation and /erseverance.
The follo!ing things should al!ays be kept in mindH
As an !nterprise
-mploy defense$in$depth strategies, !hich emphasi?e multiple, overlapping, and
mutually supportive defensive systems to guard against single$point failures in
any specific technology or protection method. This should include the deployment
of regularly updated antivirus, fire!alls, intrusion detection, and intrusion
protection systems on client systems.
Turn off and remove services that are not needed.
If malicious code or some other threat exploits one or more net!ork services,
disable or block access to those services until a patch is applied.
Consider implementing net!ork compliance solutions that !ill help keep
infected mobile users out of the net!ork.
-nforce an effective pass!ord policy.
Configure mail servers to block or remove email that contains file attachments
that are commonly used to spread viruses, such as .F,), .,AT, .-P-, ./I F, and
.)C. files.
Isolate infected computers Auickly to prevent the risk of further infection !ithin
the organi?ation.
/erform a forensic analysis and restore the computers using trusted media.
Train employees to not open attachments unless they are expected and come from
a kno!n and trusted source, and to not execute soft!are that is do!nloaded from
the Internet unless it has been scanned for viruses.
7G
-nsure that emergency response procedures are in place. This includes having a
backup$and$restore solution in place in order to restore lost or compromised data
in the event of successful attack or catastrophic data loss.
-ducate management on security budgeting needs.
Test security to ensure that adeAuate controls are in place.
,e a!are that security risks may be automatically installed on computers !ith the
installation of file sharing programs, free do!nloads, and free!are and share!are
versions of soft!are. Clicking on links and@or attachments in email messages
may also expose computers to unnecessary risks. -nsure that only applications
approved by the organi?ation are deployed on desktop computers.
As a Cons'%er
Consumers should use an Internet security solution that combines antivirus,
fire!all, intrusion detection, and vulnerability management for maximum
protection against malicious code and other threats.
Consumers should ensure that security patches are up to date and that they are
applied to all vulnerable applications in a timely manner.
Consumers should ensure that pass!ords are a mix of letters and numbers, and
should change them often. /ass!ords should not consist of !ords from the
dictionary.
Consumers should never vie!, open, or execute any email attachment unless the
attachment is expected and the purpose of the attachment is kno!n.
Consumers should keep virus definitions updated regularly. ,y deploying the
latest virus definitions, consumers can protect their computers against the latest
viruses kno!n to be spreading in the !ild.
7K
Consumers should deploy an anti phishing solution. They should never disclose
any confidential personal or financial information unless and until they can
confirm that any reAuest for such information is legitimate.
Consumers should be a!are that security risks may be automatically installed on
computers !ith the installation of file$sharing programs, free do!nloads, and
free!are and share!are versions of soft!are.
Clicking on links and@or attachments in email messages :or I4 messages; may
also expose computers to unnecessary risks. -nsure that only applications
approved by the organi?ation are deployed on desktop computers.
)ome security risks can be installed after an end user has accepted the end$user
license agreement :-2LA;, or as a conseAuence of that acceptance. Consumers
should read -2LAs carefully and understand all terms before agreeing to them.
Consumers should be a!are of programs that flash ads in the user interface. 4any
spy !are programs track ho! users respond to these ads, and their presence is a
red flag. "hen users see ads in a program's user interface, they may be looking at
a piece of spy !are.
76
CONC)USION
"e all must remember that Cyberspace is a common heritage of ours !hich !e
have inherited in our life times from the benefits of ever gro!ing technologies. Capacity
of human mind is unfathomable. It is not possible to eliminate cyber crime from the cyber
space. It is Auite possible to check them. Cistory is the !itness that no legislation has
succeeded in totally eliminating crime from the globe. The only possible step is to make
people a!are of their rights and duties :to report crime as a collective duty to!ards the
society; and further making the application of the la!s more stringent to check crime.
2ndoubtedly the Information Technology Act %&&& is a historical step in the cyber !orld.
,ut there is a need to bring changes in the Information Technology Act to make it more
effective to combat cyber crime. It should be kept in mind that the provisions of the cyber
la! are not made so stringent that it may retard the gro!th of the industry and prove to be
counter$productive.
This Cyberspace is the lifeline of the entire universe and given its irreversible
position today, it is the duty of every citi?en to contribute to!ard making the said
cyberspace free of any trouble or cyber crime.
75
References
6ro% #oo(s
9epti Chopra and ieth 4erill, =Cyber Cops, Cyber Criminals and Internet>
9en?yl / 9ayal, +ogesh ,arua, =Cyber Crimes$ 1otorious Aspects of the Cumans
on The 1et>
-oghan Casey, =9igital -vidence and Computer CrimeH Forensic )cience,
Computers, and the Internet,> )econd -dition ,
. L 9unne, - Casey, =Internet Crime>. -ncyclopedia of Forensic )ciences Fol.B
F.9 9ude(a, =Cyber Crimes and La!>, vol II
. Ti!ari, / )astry, =Computer Crime and Computer Forensics>.
6ro% Websites
httpH@@!!!.antiaseymonylaundering.ukf.net@papers@solicitors.htm
http@@!!!.crime$ research.org@ne!s.htm
httpH@@!!!.cyberla!india.com
httpH@@!!!.darpg.nic.in@arpgU!ebsite@egov%&&6@ernet.ppt
httpH@@!!!.economictimes.indiatimes.com
httpH@@!!!.indiachild.com@cyberstalking.htm
httpH@@!!!.leaveUmeUalone.com@hackersUddefacement.htm
http@@!!!.nando.net@ne!sroom@ntn@info@o6%%5K@info*&U BB76Unoframes.htm
httpH@naavi.org@pati@patUcybercrimesUdec&B.htm
D&
httpH@@netaddiction.com@cybersexualUaddiction.htm
httpH@@pc!orld.com@article@id,*%G5B%$c,tro(anhorses@article.html
httpH@@!!!.socialnet!orkingUrisks@index.htm
httpH@@!!!.symantec.com@en@uk@about@ne!s@release@article.htm
httpH@@!!!.thehindu.com
D*