A

Information Technology Act Report On

CYBER CRIME IN INDIA

Submitted in partial fulfillment for the award of the Degree of
Bachelor of Technology
(Rajasthan Technical University, Kota)
In
Computer Science Engineering

Session: 2012-2013

Submitted To:

Submitted by:

Mr. Tushar Upadhyay

(C.S. Department)

Anand Gupta
Computer Science Engineering
Roll no. 09EMUCS001

Department of Computer Science Engineering

Maharaja College of Engineering, Udaipur

Rajasthan Technical University

ACKNOWLEDGMENT
The world we are in today is all about Information Technology (IT) because we are in
the age of Information Technology and the people with the right information, with proper
way of disseminate this information and processing them is considered as the most
successful. Information technology is the transfer of information using telecommunication
and micro-based computer system. Nowadays, the computer has replaced manual records,
and the fraudulent input document has been substituted by manipulating data held in a
computer system. This manipulation does not need to be sophisticated. Computers have
become the mainstay of business and government processes. Business has been using them
for years and in most countries, there are drives towards electronic or joined up government.
This is to allow the people to access government services from their desktop in their own
home.
Cyber crime is emerging as a serious threat. World wide governments, police departments
and intelligence units have started to react. Initiatives to curb cross border cyber threats are
taking shape. Indian police has initiated special cyber cells across the country and have
started educating the personnel. This article is an attempt to provide a glimpse on cyber crime
in India.

TABLE OF CONTENT

Sr. No

CONTENT

PAGE NO.

Introduction

Cyber space-cyber crime

Traditional crime-cyber

crime
4

Cyber crime variants

Vulnerability

11

Indian cyber scene

11

Global antimalware

13

market
8

Anti cyber crime variants

14

Cyber policy

16

10

Cyber laws of Indian

19

11

Conclusion

25

12

References

26

1. INTRODUCTION
Crime committed using a computer and the internet to steal a person's identity or illegal
imports or malicious programs Cybercrime is nothing but where the computer used as an
object or subject of crime.
The world of Internet today has become a parallel form of life and living. Public are now
capable of doing things which were not imaginable few years ago. The Internet is fast
becoming a way of life for millions of people and also a way of living because of growing
dependence and reliance of the mankind on these machines. Internet has enabled the use of
website communication, email and a lot of any time anywhere IT solutions for the betterment
of human kind. Internet, though offers great benefit to society, also present opportunities for
crime using new and highly sophisticated technology tools. Today e-mail and websites have
become the preferred means of communication. Organizations provide Internet access to their
staff.
By their very nature, they facilitate almost instant exchange and dissemination of data,
images and variety of material. This includes not only educational and informative material
but also information that might be undesirable or anti-social.
Regular stories featured in the media on computer crime include topics covering hacking to
viruses, web-j ackers, to internet paedophiles, sometimes accurately portraying events,
sometimes misconceiving the role of technology in such activities. Increase in cyber crime
rate has been documented in the news media. Both the increase in the incidence of criminal
activity and the possible emergence of new varieties of criminal activity pose challenges for
legal systems, as well as for law enforcement.

CATEGOREIES OF CYBER CRIME

Classification of Cyber Crime:

It can be classified in to 4 major categories as

(A) Cyber crime against Individual
(B) Cyber crime Against Property
(C) Cyber crime Against Organization
(D) Cyber crime Against Society

(A) Against Individuals

(i) Email spoofing :
A spoofed email is one in which e-mail header is forged so that mail appears to originate from
one source but actually has been sent from another source
(ii) Spamming:
Spamming means sending multiple copies of unsolicited mails or mass e-mails such as chain
letters.
(iii) Cyber Defamation:
This occurs when defamation takes place with the help of computers and / or the Internet.
E.g. someone publishes defamatory matter about someone on a website or sends e-mails
containing defamatory information.
(iv) Harassment & Cyber stalking :
Cyber Stalking Means following the moves of an individual's activity over internet. It can be
done with the help of many protocols available such at e- mail, chat rooms, user net groups.

(B) Against Property:

(i) Credit Card Fraud:
(ii) Intellectual Property crimes: These include
Software piracy: illegal copying of programs, distribution of copies of software.

Copyright infringement:
5

Trademarks violations:
Theft of computer source code:
(iii) Internet time theft:
the usage of the Internet hours by an unauthorized person which is actually paid by another
person.

(C) Against Organisation

(i) Unauthorized Accessing of Computer:
Accessing the computer/network without permission from the owner.
it can be of 2 forms:
a) Changing/deleting data:
Unauthorized changing of data.
b) Computer voyeur:
The criminal reads or copies confidential or proprietary information,
but the data is neither deleted nor changed.
(ii) Denial Of Service :
When Internet server is flooded with continuous bogus requests so as to denying legitimate
users to use the server or to crash the server.
(iii) Virus attack :
A computer virus is a computer program that can infect other computer programs by
modifying them in such a way as to include a (possibly evolved) copy of it.
Viruses can be file infecting or affecting boot sector of the computer.
Worms, unlike viruses do not need the host to attach themselves to.
(iv) Email Bombing:
Sending large numbers of mails to the individual or company or mail servers thereby
ultimately resulting into crashing.

(v) Salami Attack:

When negligible amounts are removed & accumulated in to something larger. These attacks
are used for the commission of financial crimes.
(vi) Logic Bomb:
Its an event dependent programme , as soon as the designated event occurs, it crashes the
computer, release a virus or any other harmful possibilities.
(vii) Trojan Horse :
an unauthorized program which functions from inside what seems to be an authorized
program, thereby concealing what it is actually doing.
(viii) Data diddling :
This kind of an attack involves altering raw data just before it is processed by a computer and
then changing it back after the processing is completed.

(D) Against Society

(i) Forgery :
currency notes, revenue stamps, mark sheets etc can be forged using computers and high
quality scanners and printers.
(ii) Cyber Terrorism :
Use of computer resources to intimidate or coerce others.
(iii) Web Jacking :
Hackers gain access and control over the website of another, even they change the content of
website for fulfilling political objective or for money.

2. Cyber Space ~ cyber crime

Cyber space is a collective noun for the diverse range of environments that have arisen using
the Internet and the various services. The expression crime is defined as an act, which
7

subjects the doer to legal punishment or any offence against morality, social order or any
unjust or shameful act. The "offence" is defined in the Code of Criminal Procedure to mean
as an act or omission made punishable by any law for the time being in force. Cyber crime is
a term used to broadly describe criminal activity in which computers or computer networks
are a tool, a target, or a place of criminal activity and include everything from electronic
cracking to denial of service attacks. It is also used to include traditional crimes in which
computers or networks are used to enable the illicit activity.

3. Traditional crime - Cyber Crime

Computer crime mainly consists of unauthorized access to computer systems data alteration,
data destruction, theft of intellectual properly. Cyber crime in the context of national security
may involve hacktivism, traditional espionage, or information warfare and related activities.
Cyber crimes have been reported across the world. Cyber crime is now amongst the most
important revenue sectors for global organized crime, says Frost & Sullivan Industry Analyst
Katie Gotzen. Because of this, the potential risks associated with malware have risen
dramatically. Unlike in traditional crimes, the Information Technology infrastructure is not
only used to commit the crime but very often is i tsel f the target of the crime. Pornography,
threatening email, assuming someone's identity, sexual harassment, defamation, SPAM and
Phishing are some examples where computers are used to commit crime, whereas viruses,
worms and industrial espionage, software piracy and hacking are examples where computers
become target of crime.
There are two sides to cyber crime. One is the generation side and the other is the
victimization side. Ultimately they have to be reconciled in that, the number of cyber crimes
committed should be related to the number of victimizations experienced. Of course there
will not be a one-toone correspondence since one crime may, inflict multiple victimizations
multiple crimes may be responsible for a single victimization. Some crimes may not result in
any victimization, or at least in any measurable or identifiable victimization.
The obvious effect of cyber crime on business is the evolving threat landscape. 'The motive
of the attacks has changed over time.
Earlier, the intent of the attacker was to gain fame although the motivation was criminal.
Cyber crime economics are too compelling to subside.

4. Cyber Crime variants

8

There are a good number of cyber crime variants. A few varieties are discussed for the
purpose of completion. Thi s article is not intended to expose all the variants. The readers are
directed to other resources.

4.1 Cyber stalking

Cyber stalking is use of the Internet or other electronic means to stalk someone. This term is
used interchangeably with online harassment and online abuse. Stalking generally involves
harassing or threatening behavior that an individual engages in repeatedly, such as following
a person, appearing at a person's home or place of business, making harassing phone calls,
leaving written messages or objects, or vandalizing a person's property.

4.2 Hacking
"Hacking" is a crime, which entails cracking systems and gaining unauthorized access to the
data stored in them. Hacking had witnessed a 37 per cent increase this year

4.3 Phishing
Phishing is just one of the many frauds on the Internet, trying to fool people into parting with
their money. Phishing refers to the receipt of unsolicited emails by customers of financial
institutions, requesting them to enter their username, password or other personal information
to access their account for some reason.
Customers are directed to a fraudulent replica of the original institution's website when they
click on the links on the email to enter their information, and so they remain unaware that the
fraud has occurred. The fraudster then has access to the customer's online bank account and
to the funds contained in that account. F-Secure Corporation's summary of 'data security'
threats during the first half of 2007 has revealed that the study found the banking industry as
soft target for phishing scams in India .

4.4 cross site scripting

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web
applications which allow code injection by malicious web users into the web pages viewed by
other users.
Examples of such code include HTML code and client-side scripts. An exploited cross-site
scripting vulnerability can be used by attackers to bypass access controls.

4.5 Vishing
Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain
access to private .personal and financial information from the public for the purpose of
financial reward. The term is a combination of "voice" and phishing. Vishing exploits the
public's trust in landline telephone services,
which have traditionally terminated in physical locations which are known to the telephone
company, and associated with a bill-payer. The victim is often unaware that VoIP allows for
caller ID spoofing, inexpensive, complex automated systems and anonymity for the billpayer.
Vishing is typically used to steal credit card numbers or other information used in identity
theft schemes from individuals.

4.6 Cyber Squatting

Cyber squatting is the act of registering a famous domain name and then selling it for a
fortune. This is an issue that has not been tackled in IT act 2000.

4.7 Bot Networks

A cyber crime called 'Bot Networks', wherein spamsters and other perpetrators of cyber
crimes remotely take control of computers without the users realizing it, is increasing at an
alarming rate.
Computers get linked to Bot Networks when users unknowingly download malicious codes
such as Trojan horse sent as e-mai l attachments. Such affected computers, known as
zombies, can work together whenever the malicious code within them get activated, and
those who are behind the Bot Neworks attacks get the computing powers of thousands of
systems at their disposal. Attackers often coordinate large groups of Bot-controlled systems,
or Bot networks, to scan for vulnerable systems and use them to increase the speed and
breadth of their attacks.
Trojan horse provides a backdoor to the computers acquired. A 'backdoor" is a method of
bypassing normal authentication, or of securing remote access to a computer, while
attempting to remain hidden from casual inspection. The backdoor may take the form of an
installed program, or could be a modification to a legitimate program. Bot networks create
unique problems for organisations because they can be remotely upgraded with new exploits
very quickly," and this could help attackers pre-empt security efforts.

10

5. Vulnerability
The Open-Source Vulnerability Database (OSVDB) project maintains a master list of
computer - security vulnerabilities, freely available for use by security professionals and
projects around the world. Vulnerability information is critical for the protection of
information systems everywhere: in enterprises and other organizations, on private networks
and intranets, and on the public Internet.

6. Indian Crime Scene

The major cyber crimes reported, in India, are denial of services, defacement of websites,
SPAM, computer virus and worms, pornography, cyber squatting, cyber stalking and
phishing.
Given the fact that nearly $ 120 million worth of mobiles are being lost or stolen in the
country every year, the users have to protect information, contact details and telephone
numbers as these could be misused. Nearly 69 per cent of information theft is carried out by
current and exemployees and 31 per cent by hackers. India has to go a long way in protecting
the vital information. Symantec shares the numbers from its first systematic survey carried
out on the Indian Net Security scene:

The country has the highest ratio in the world (76 per cent) of outgoing spam or junk mail, to
legitimate e-mail traffic. India's home PC owners are the most targeted sector of its 37.7
million Internet users: Over 86 per cent of all attacks, mostly via 'bots' were aimed at lay
surfers with Mumbai and Delhi emerging as the top two cities for such vulnerability.

6.1 Phishing
Phishing attacks were more popular among Indian users due to rising Internet penetration and
growing online transactions. India has now joined the dubious list of the world's top 15
countries hosting "phishing" sites which aims at stealing confidential information such as
passwords and credit card details.
11

A non-resident Malayali, had an account in a nationalized bank in Adoor, lost $ 10,000 when
the bank authorities heeded a fake e-mail request to transfer the amount to an account in
Ghana. In Mangalapuram, a person transferred a large sum of money as "processing charge"
to a foreign bank account after he received an e-mail, which said he had won a lottery
LKerala: The Hindu Monday Oct 30 2006] Reports of phishing targeted at customers of
banks appear to be on the rise. Websense Security Labs, in a statement released recently, said
it had received reports of such attacks from customers of AXIS Bank. The Economic
Offences Wing (EOW), Crime Branch, Delhi Police, unearthed a major phishing scam
involving fake emails and websites of UT1 Bank, An analysis of the accounts of the four
arrested Nigerian nationals
c indicated financial transactions of over Rs 1 crore in an eight-month period t i l l
December 2006.
Investigations revealed that the scam is multi-layered with pan-India and international
characteristics The Lab went on to say that it found a mal ware in the Web site of Syndicate
Bank. The users through a spoofed email were asked to renew certain services and claiming
that failure to do so would result in suspension or deletion of the account. The e-mail
provided a l ink to a malicious site that attempted to capture the personal and account
information.
Phishing emails have increased by approximately twenty five percent over the last year but
are harder to detect as they increasingly trick unsuspecting people with ordinary scenarios
instead of improbable ones such as sudden cash windfalls. It has been six months since the
phishing attack on ICICI bank customers became public, and during that period, two more
such attacks were reported on customers of financial institutions in India, one of UTI Bank
and the other. State Bank of lndia. [5-Jan 17-theHindu] RSA's 24/7 Anti-Fraud Command
Centre f AFCC) has just uncovered a 'Universal man-in-themiddle Phishing Kit' in online
forums which helps phishers quickly create the fraudulent websites, often borrowing code
from the original site.

6.2 Cyber Cafes ~ Emails

Cyber cafes have emerged as hot spots for cyber crimes. Even terrorists prefer the anonymity
of a cyber cafe to communicate with each other. The mushrooming of cyber cafes in the city,
which provide the secrecy through cabins constructed for users, has also made the porn
literature easily accessible to the people visiting them. (Chandigarh Tribune Monday May 28
2001 ]
A 23- year-old person from Tiruchi wasarrested by the City Cyber Crime police on Thursday
on charges of sendi ng an e-mail threat to the Chief Minister and his family. [The Hindu
Friday Aug 10 2007] In another case, the police team investigating the e-mail threat on the
lives of the President and the Prime Minister has prepared a sketch of the suspect, who had
sent the email from a cyber cafe in the city.
The Case of The State of Tamil Nadu Vs Suhas Katti is notable for the fact that the conviction
was achieved successfully. The case related to posting of obscene, defamatory and annoying
12

message about a divorcee woman in the yahoo message group. E-Mails were also forwarded
to the victim for information by the accused through a false e-mail account opened by him in
the name of the victim. The posting of the message resulted in annoying phone calls to the
lady.
A travel agent was arrested for allegedly sending a threatening mail to blow up the National
and Bombay stock exchanges in Kolkata.

6.3 Stalking
A tenth standard boy from Bangalore got into trouble when a girl much older than him started
stalking him. She pasted T Love You' slips on his gate and called his "On reviewing his Orkut
profile, it was realized that he had accepted chat invites from more than 20 people; only two
of who were his real-life friends.

6.4 Hacking
A case of suspected hacking of certain web portals and obtaining the residential addresses
from the e-mail accounts of city residents had recently come to light.
After getting the addresses, letters were sent through post mail and the recipients were lured
into participating in an international lottery that had Australian $ 23 lakhs at stake.
Computer hackers have also got into the Bhaba Atomic Research Centre (BARC) computer
and pulled out important data. Some computer professionals who prepared the software for
MBBS examination altered the data and gave an upward.
revision to some students in return for a hefty payment.
A key finding of the Economict Crime Survey 2006 of Price waterhouseCoopers (PwC) was
that a typical perpetrator of economic crime in India was male (almost 100 per cent), a
graduate or undergraduate and 31-50 years of age. Further, over one-third of the frauds in the
country were perpetrated by insiders and over 37 per cent of them were in senior managerial
positions. father to express her love for the son.

7. Global AntiMalware Market

13

Malware is software designed to infiltrate or damage a computer system without the owner's
informed consent. The expression is ageneral term used by computer professionals to mean a
variety of forms of hostile, intrusive, or annoying software or program code.
The global anti-malware market is driven by cyber criminal threats. The commercialisation of
cyber crime is spurring malware-writing activity and leading to more threats of this nature. In
the consumer space, this translates into identity theft and stolen passwords Growth
opportunities have led to intensified competition in both consumer and enterprise segments.
On the other hand, loss of intellectual property and customer data coupled with extortion with
the threat of taking down Web sites or revealing sensitive information are on the rise in the
enterprise space.
Organised crime is now employing KGB-style tactics to ensnare the next generation of
hackers and malware authors. Cyber-criminals are actively approaching students and
graduates of IT technology courses to recruit a fresh wealth of cyber skill to their ranks.
Today's worms are the handiwork of malcontents for whom cyber crime affords lucrative
returns.
A flourishing market exists where large blocks of infected machines that can be controlled
remotely are for sale. Sobig demonstrated the close nexus between malware writers and
spammers, machines infected by the Sobig mass mailing worm were offered to spammers for
price.
The thr iving market for subverted PCs has swung the underworld into hyperactivity. The past
ten months have seen several hacker groups and cyber crime syndicates setting up attack
networks (botnets) and releasing remote attack tools through increasingly crafty malware
such as Blaster, Sinit, MyDoom, Phatbot, Bagle and Netsky. New analysis from Frost &
Sullivan, World Anti-Malware Products Markets, finds that the world market for antivirus
solutions reached $4,685 million in 2006, up 17.1 per cent from $4,000.7 million in the
previous year and expects this market to grow at a 10.9 per cent compound annual growth
rate (CAGR) from 2006 to 2013, reaching $9,689.7 million by 2013.

8. Anti Cyber crime Initiatives

In a first of its kind initiative in India to tackle cyber crime, police have taken the initiative to
keep an electronic eye on the users of the various cyber cafes spread over the city. The Kerala
State IT Mission has launched a Web portal and a call centre to tackle cyber crime.
The Central Bureau of Investigation (CBI) and the Mumbai police have recommended
issuance of licenses to cyber caf owners. Many countries, including India, have established
Computer Emergency Response Teams (CERTs) with an objective to coordinate and respond
during major security incidents/events. These organisations identify and address existing and
potential threats and vulnerabilities in the system and coordinate with stakeholders to address
these threats. Policy initiatives on cyber crime are as yet lethargic because of a general sense
that it is nothing more than juvenile hackers out to have fun or impress someone. . Prateek
14

Bhargava, cyber law expert says, "There is huge potential for damage to national security
through cyber attacks. The internet is a means for money laundering and funding terrorist
attacks in an organized manner.
In the words of Pavan Duggal, Supreme Court Lawyer, "Cyber crime is omnipresent and
although cyber crime cells have been set up in major cities, most cases remain unreported due
to lack of awareness."

CYBERCRIMES THREATENS NATIONAL SECURITY IN

INDIA
Ex. Union Home Minister Shivraj Patil said that the rising level of cyber crime is an
indication of an enormous threat to national security.
In todays age when everything from, small gadgets to nuclear plants is being
operated through computers, cyber crime has assumed threatening ramifications. cyber
crimes are capable of breaching the security in the information systems of vital installations.
On Googles social networking site, Orkut, have been perplexing authorities. Fan clubs of
underworld dons like Dawood Ibrahim and Chota Shakeel and other wanted underworld dons
are also doing the rounds on Orkut.
There is huge potential for damage to national security through cyber attacks. The
internet is a means for money laundering and funding terrorist attacks in an organized
manner.
Indias Internet users have shot up to 100 million and so has the risk of getting attacked by
Cyber crime. The world of Cyber crime is diverse and ranges from illegally accessing
computers to phishing attacks with a lot of e-mail scams thrown in. Our burgeoning Internet
population might be a good thing towards Indias growth towards becoming an Internet
economy but this user-base is also a huge juicy target for online scammers, illegal hackers
and hustlers. Cyber laws are lacking when it comes to online malpractices. Instead of
focusing on immediate problems like Cyber Crime, our Government is fixated on trivialities
like removing objectionable content.
This is a big cause of concern to many here in the country and is counter-productive to the
way the Internet works in India. For many years, Indians were not comfortable carrying out
online transaction due to various fears. Now that they have warmed up to it, these
malpractices may make them want to re-consider. These are still small issues compared to
how cyber crime is maturing into a solid ecosystem. Cyber crime is no longer limited to
stealing data and money from individual users but is now all about hacking to enterprise
data. According to a report titled Global Risks for 2012, attacks on Governments and
businesses are the top five risks in the world.
Thus we can say that the Cyber Crime ecosystem is being organized pretty much like an
organized crime racket. Syndicates are being formed which pride themselves on selling
confidential data that they manage to get their hands on. This is true even for Cyber Crime
in the country. There are two different approaches which cyber criminals use. One is a mass
15

targeting approach which looks at duping people on the basis of chance, something like a
Nigerian e-mail scam. The other approach is a strategic and targeted hacking of corporate,
Government and celebrity websites and servers. Most of our knowledge about these attacks
comes from ethical hackers who help corporations and Government organization on safeguarding their online properties from rogue hackers and rival company spies.
There could be cases of intellectual property theft, too. For example, the vice-president of an
e- learning firm sacked from the company later was accused of stealing the source code of
the companys future product. He subsequently used the product for his new venture, and the
e-learning firm had to book nearly Rs 47 crore in losses due to the theft. says Atul
Khatavkar, VP (IT Governance Risk Compliance), AGC Networks.
This is a big problem and one that needs a fast and complete solution. Social Media is a risk
factor for enterprises who are working on top secret data and a Social Media policy is a
necessity so that secrets are not spilled by mistake. Firstly, I think that corporates and Govt.
organizations should raise awareness about what Social Media really is and how it works so
that Employees know what they are doing. Secondly, awareness should raised about what
these scams are how they work so that employees of an organizations dont get fooled by
Cyber Crime tactics.
Some of us who are tech-savvy can easily distinguish between spam and fake mails but not
the general populace so education about working of the web is something we could focus on
and improve so the threats could be marginalize.

9.

Cyber security

Cyber security involves protection of sensitive personal and business information

through prevention, detection, and response to different online attacks. Cyber security
actually protects your personal information by responding, detecting and preventing the
attacks. Cyber security
Privacy policy:
Before submitting your name, email address, or other personal information on a web
site, look for the site's privacy policy. Evidence that your information is being encrypted: To
protect attackers from hijacking your information, any personal information submitted online
should be encrypted. Many sites use SSL or secure sockets layer, to encrypt information.
Protecting your privacy.
Keep software up to date:
If the seller releases patches for the software operating your device, install them as
soon as possible. Installing them will prevent attackers from being able to take advantage.

16

Use good passwords: Select passwords that will be difficult for thieves to guess. Do not
choose options that allow your computer to remember your passwords. How can we protect?
Disable remote connectivity:
Some PDAs and phones are equipped with wireless technologies, such as
Bluetooth, that can be used to connect to other devices or computers. You should disable
these features when they are not in use.

Challenges of cyber security

1. Challenges of cyber security Explosion of computer and broadband internet availability.
2. Low priority of security for software developers.
3. Challenge of timely patching vulnerabilities on all systems.

Advantages of cyber security

1. The cyber security will defend us from critical attacks.
2. It helps us to browse the safe website.
3. Internet security process all the incoming and outgoing data on our computer.
4. The IT Act 2000 attempts to change outdated laws and provides ways to deal with cyber
crimes. We need such laws so that people can perform purchase transactions over the Net
through credit cards without fear of misuse. The Act offers the much-needed legal framework
so that information is not denied legal effect, validity or enforceability, solely on the ground
that it is in the form of electronic records.
5. In view of the growth in transactions and communications carried out through electronic
records, the Act seeks to empower government departments to accept filing, creating and
retention of official documents in the digital format. The Act has also proposed a legal
framework for the authentication and origin of electronic records / communications through
digital signature.
6. From the perspective of e-commerce in India, the IT Act 2000 and its provisions contain
many positive aspects. Firstly, the implications of these provisions for the e-businesses would
be that email would now be a valid and legal form of communication in our country that can
be duly produced and approved in a court of law.
7. Companies shall now be able to carry out electronic commerce using the legal
infrastructure provided by the Act.
17

8. Digital signatures have been given legal validity and sanction in the Act.
9. The Act throws open the doors for the entry of corporate companies in the business of
being Certifying Authorities for issuing Digital Signatures Certificates.
10. The Act now allows Government to issue notification on the web thus heralding egovernance.
11. The Act enables the companies to file any form, application or any other document with
any office, authority, body or agency owned or controlled by the appropriate Government in
electronic form by means of such electronic form as may be prescribed by the appropriate
Government.
12. The IT Act also addresses the important issues of security, which are so critical to the
success of electronic transactions. The Act has given a legal definition to the concept of
secure digital signatures that would be required to have been passed through a system of a
security procedure, as stipulated by the Government at a later date.
13. Under the IT Act, 2000, it shall now be possible for corporates to have a statutory remedy
in case if anyone breaks into their computer systems or network and causes damages or
copies data. The remedy provided by the Act is in the form of monetary damages, not
exceeding Rs. 1 crore.

Safety tips to cyber Crime

1. Use antivirus softwares
2. Insert firewalls
3. Uninstall unnecessary software
4. Maintain backup
5. Check security settings
6. Identity Theft
7. Many consider identity theft to be the fastest growing crime in America, affecting almost
half a million people each year. Having your wallet stolen is the easiest way to steal your
identity, but so is discarding financial information in your mail, and giving out your PIN to
ATM and phone cards.
8. Protecting Your Privacy: Keeping an Eye On Your Private Information

18

9. E-mail, the Internet, automated tellers, computer banking, long distance carriers, and credit
cards make our lives more efficient. However, electronic transactions can leave you
vulnerable to fraud and other crimes.
10. Safe and Secure in an Electronic World
11. Consumers can help protect themselves from online fraud by using secure Internet
connections, keeping records of their online transactions, regularly reviewing credit card and
bank statements, reviewing Web site privacy policies, and patronizing reputable online
businesses.
12. Safe Surfing
13. It is just as dangerous to leave children unsupervised and unrestricted on the internet as it
is to leave them unsupervised on the streets. Establish guidelines children can follow for
appropriate Internet usage.
14. Shopping Safely Online
15. Convenience, good deals, and choices are all good things that the Internet offers. But
before you use it, be cyber smart and make your online experience a safe one.

10.

Cyber Law of India

1. Cyber crimes can involve criminal activities that are traditional in nature, such as theft,
fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code.
2. In Simple way we can say that cyber crime is unlawful acts wherein the computer is either
a tool or a target or both.
3. The abuse of computers has also given birth to a gamut of new age crimes that are
addressed by the Information Technology Act, 2000.
Cyber Law of India: Introduction
In Simple way we can say that cyber crime is unlawful acts wherein the computer is either a
tool or a target or both
Cyber crimes can involve criminal activities that are traditional in nature, such as theft, fraud,
forgery, defamation and mischief, all of which are subject to the Indian Penal Code. The
abuse of computers has also given birth to a gamut of new age crimes that are addressed by
the Information Technology Act, 2000.
19

We can categorize Cyber crimes in two ways

The Computer as a Target :-using a computer to attack other computers.
e.g. Hacking, Virus/Worm attacks, DOS attack etc.
The computer as a weapon :-using a computer to commit real world crimes.
e.g. Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc.
Cyber Crime regulated by Cyber Laws or Internet Laws.
Technical Aspects
Technological advancements have created new possibilities for criminal activity, in particular
the criminal misuse of information technologies such as
a. Unauthorized access & Hacking:Access means gaining entry into, instructing or communicating with the logical, arithmetical,
or memory function resources of a computer, computer system or computer network.
Unauthorized access would therefore mean any kind of access without the permission of
either the rightful owner or the person in charge of a computer, computer system or computer
network.
Every act committed towards breaking into a computer and/or network is hacking. Hackers
write or use ready-made computer programs to attack the target computer. They possess the
desire to destruct and they get the kick out of such destruction. Some hackers hack for
personal monetary gains, such as to stealing the credit card information, transferring money
from various bank accounts to their own account followed by withdrawal of money.
By hacking web server taking control on another persons website called as web hijacking
b. Trojan Attack:The program that act like something useful but do the things that are quiet damping. The
programs of this kind are called as Trojans.
The name Trojan Horse is popular.
Trojans come in two parts, a Client part and a Server part. When the victim (unknowingly)
runs the server on its machine, the attacker will then use the Client to connect to the Server
and start using the trojan.
TCP/IP protocol is the usual protocol type used for communications, but some functions of
the trojans use the UDP protocol as well.
c. Virus and Worm attack:20

A program that has capability to infect other programs and make copies of itself and spread
into other programs is called virus.
Programs that multiply like viruses but spread from computer to computer are called as
worms.
d. E-mail & IRC related crimes:1. Email spoofing
Email spoofing refers to email that appears to have been originated from one source when it
was actually sent from another source. Please Read
2. Email Spamming
Email "spamming" refers to sending email to thousands and thousands of users - similar to a
chain letter.
3 Sending malicious codes through email
E-mails are used to send viruses, Trojans etc through emails as an attachment or by sending a
link of website which on visiting downloads malicious code.
4. Email bombing
E-mail "bombing" is characterized by abusers repeatedly sending an identical email message
to a particular address.
5. Sending threatening emails
6. Defamatory emails
7. Email frauds
8. IRC related
Three main ways to attack IRC are: "verbal?8218;?T#8220; attacks, clone attacks, and flood
attacks.
e. Denial of Service attacks:Flooding a computer resource with more requests than it can handle. This causes the resource
to crash thereby denying access of service to authorized users.
Our support will keep you aware of types of Cyber crimes while companies such as
www.Lifelock.com can give you the right protection against them.
Examples include

21

attempts to "flood" a network, thereby preventing legitimate network traffic

attempts to disrupt connections between two machines, thereby preventing access to a service
attempts to prevent a particular individual from accessing a service
attempts to disrupt service to a specific system or person.
Distributed DOS
A distributed denial of service (DoS) attack is accomplished by using the Internet to break
into computers and using them to attack a network.
Hundreds or thousands of computer systems across the Internet can be turned into zombies
and used to attack another system or website.
Types of DOS
There are three basic types of attack:
a. Consumption of scarce, limited, or non-renewable resources like NW bandwith, RAM,
CPU time. Even power, cool air, or water can affect.
b. Destruction or Alteration of Configuration Information
c. Physical Destruction or Alteration of Network Components
e. Pornography:The literal mining of the term 'Pornography' is describing or showing sexual acts in order to
cause sexual excitement through books, films, etc.
h. IPR Violations:These include software piracy, copyright infringement, trademarks violations, theft of
computer source code, patent violations. etc.
Cyber Squatting- Domain names are also trademarks and protected by ICANNs domain
dispute resolution policy and also under trademark laws.
Cyber Squatters registers domain name identical to popular service providers domain so as
to attract their users and get benefit from it.
i. Cyber Terrorism:Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic
control, telecommunication networks are the most likely targets. Others like police, medical,
fire and rescue systems etc.

22

Cyber terrorism is an attractive option for modern terrorists for several reasons.
1. It is cheaper than traditional terrorist methods.
2. Cyber terrorism is more anonymous than traditional terrorist methods.
3. The variety and number of targets are enormous.
4. Cyber terrorism can be conducted remotely, a feature that isespecially appealing to
terrorists.
5. Cyber terrorism has the potential to affect directly a larger number of people.
j. Banking/Credit card Related crimes:In the corporate world, Internet hackers are continually looking for opportunities to
compromise a companys security in order to gain access to confidential banking and
financial information.
Use of stolen card information or fake credit/debit cards are common.
Bank employee can grab money using programs to deduce small amount of money from all
customer accounts and adding it to own account also called as salami.
k. E-commerce/ Investment Frauds:Sales and Investment frauds. An offering that uses false or fraudulent claims to solicit
investments or loans, or that provides for the purchase, use, or trade of forged or counterfeit
securities.
Merchandise or services that were purchased or contracted by individuals online are never
delivered.
The fraud attributable to the misrepresentation of a product advertised for sale through an
Internet auction site or the non-delivery of products purchased through an Internet auction
site.
Investors are enticed to invest in this fraudulent scheme by the promises of abnormally high
profits.
l. Sale of illegal articles:This would include trade of narcotics, weapons and wildlife etc., by posting information on
websites, auction websites, and bulletin boards or simply by using email communication.
Research shows that number of people employed in this criminal area. Daily peoples
receiving so many emails with offer of banned or illegal products for sale.
m. Online gambling:23

There are millions of websites hosted on servers abroad, that offer online gambling. In fact, it
is believed that many of these websites are actually fronts for money laundering.
n. Defamation: Defamation can be understood as the intentional infringement of another person's right to his
good name.
Cyber Defamation occurs when defamation takes place with the help of computers and / or
the Internet. E.g. someone publishes defamatory matter about someone on a website or sends
e-mails containing defamatory information to all of that person's friends. Information posted
to a bulletin board can be accessed by anyone. This means that anyone can place
Cyber defamation is also called as Cyber smearing.
Cyber Stacking:Cyber stalking involves following a persons movements across the Internet by posting
messages (sometimes threatening) on the bulletin boards frequented by the victim, entering
the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc.
In general, the harasser intends to cause emotional distress and has no legitimate purpose to
his communications.
q. Identity Theft :Identity theft is the fastest growing crime in countries like America.
Identity theft occurs when someone appropriates another's personal information without their
knowledge to commit theft or fraud.
Identity theft is a vehicle for perpetrating other types of fraud schemes.
r. Data diddling:Data diddling involves changing data prior or during input into a computer.
In other words, information is changed from the way it should be entered by a person typing
in the data, a virus that changes data, the programmer of the database or application, or
anyone else involved in the process of having information stored in a computer file.
It also include automatic changing the financial information for some time before processing
and then restoring original information.
s. Theft of Internet Hours:Unauthorized use of Internet hours paid for by another person.

24

By gaining access to an organisation's telephone switchboard (PBX) individuals or criminal

organizations can obtain access to dial-in/dial-out circuits and then make their own calls or
sell call time to third parties.
Additional forms of service theft include capturing 'calling card' details and on-selling calls
charged to the calling card account, and counterfeiting or illicit reprogramming of stored
value telephone cards.
t. Theft of computer system (Hardware):This type of offence involves the theft of a computer, some part(s) of a computer or a
peripheral attached to the computer.
u. Physically damaging a computer system:Physically damaging a computer or its peripheralseither by shock, fire or excess electric
supply etc.
v. Breach of Privacy and Confidentiality Privacy
Privacy refers to the right of an individual/s to determine when, how and to what extent his or
her personal data will be shared with others.
Breach of privacy means unauthorized use or distribution or disclosure of personal
information like medical records, sexual preferences, financial status etc.
Confidentiality
It means non disclosure of information to unauthorized or unwanted persons.
In addition to Personal information some other type of information which useful for business
and leakage of such information to other persons may cause damage to business or person,
such information should be protected.
Generally for protecting secrecy of such information, parties while sharing information forms
an agreement about he procedure of handling of information and to not to disclose such
information to third parties or use it in such a way that it will be disclosed to third parties.
Many times party or their employees leak such valuable information for monitory gains and
causes breach of contract of confidentiality.
Special techniques such as Social Engineering are commonly used to obtain confidential
information.

11.

Conclusion

25

'Net surfing1 by youngsters lures them into dangerous domain. The need for a conscious
effort to checkmate the undesirable fallout of youngsters accessing and using the Internet is
of concern. The print media has a duty to educate unwary parents and youngsters about the
dangers inherent in treading dangerous areas in the cyber-world.
Cybercrime is indeed getting the recognition it deserves. However, it is not going to restricted
that easily. In fact, it is highly likely that cybercrime and its hackers will continue developing
and upgrading to stay ahead of the law. So, to make us a safer we must need cyber security.

12.

REFERENCES

1. Times of india news paper

2. Google
3. Articals of the act against Indian IT crimes
4. Raj patra of Indian crime and laws

26