Social & Legal Issues

CYBER CRIME
&
IT ACT 2000

Social & Legal Issues

WHAT IS CYBER CRIME

All crimes performed or resorted to by abuse of electronic
media or otherwise, with the purpose of influencing the
functioning of computer or computer system.
COMPUTER CRIME is any crime where
Computer is a target.
Computer is a tool of crime
Computer is incidental to crime

Social & Legal Issues

Who carries out Cyber Crime?

Insiders (employees)
Hackers (cyber-mercenaries)
Criminals (serious & organized crime)
Terrorists (sub-state groups)
Corporations (commercial espionage)
Government agencies (counterintelligence)

Social & Legal Issues

Motives behind Cyber Crime

There are many motives:

Revenge
Ideology
Competition
Money
Influence

Social & Legal Issues

VICTIMS

Children and adolescents between the age

group of 6 18 years
Greedy people
Unskilled & Inexperienced
Unlucky people

Social & Legal Issues

Computer Crimes are Vulnerable

Because of :

Anonymity
Computers storage capacity,
Weakness in Operating System,
Lack off Awareness off user.

Social & Legal Issues

Cyber crime is mainly categorized in two ways

The Computer as a Target: using a computer to
attack other computers. e.g. Hacking, Virus/Worm
attacks, DOS attack etc.
The Computer as a Weapon: using a computer to
commit real world crimes. e.g. Cyber Terrorism, IPR
violations, Credit card frauds, EFT frauds,
Pornography etc.

Social & Legal Issues

Types of Cyber Crime

HACKING
DENIAL OF SERVICE
ATTACK
VIRUS
DISSEMINATION
SOFTWARE PIRACY
PORNOGRAPHY
IRC CRIME
FINANCIAL FRAUD

NET EXTORTION
PHISHING
SPOOFING
CYBER STALKING
CYBER DEFAMATION
THREATENING
SALAMI ATTACK

Social & Legal Issues

1. HACKING

Hacking in simple terms means illegal intrusion into a

computer system without the permission of the computer
owner/user.
Hackers write or use ready-made computer programs to
attack the target computer. They possess the desire to destruct
and they get the kick out of such destruction. Some hackers
hack for personal monetary

Social & Legal Issues

2. DENIAL OF SERVICE ATTACK

This is an act by the criminal, who
floods the bandwidth of the victims
network or fills his e-mail box with
spam mail depriving him of the
services he is entitled to access or
provide

Social & Legal Issues

3. VIRUS DISSEMINATION

Malicious software that attaches itself to other

software.
(virus, worms, Trojan Horse, Time bomb, Logic
Bomb, Rabbit and Bacterium are the malicious
softwares)

Social & Legal Issues

VIRUSES
A program that has capability to infect other programs
and make copies of itself and spread into other
programs is called virus.
software that piggybacks on other software and
runs when you run something else
Macro in excel, word
Transmitted through sharing programs on
bulletin boards
Passing around floppy disks
An .exe, .com file in your email

Social & Legal Issues

WORMS
Programs that multiply like viruses but spread from computer
to computer are called as worms.
Software that uses computer networks to find security holes
to get in to your computer usually in Microsoft OS. But
worm for MAC was recently written.

Social & Legal Issues

4. SOFTWARE PIRACY
Theft of software through the illegal copying of
genuine programs or the counterfeiting and
distribution of products intended to pass for the
original.

Retail revenue losses worldwide are ever

increasing due to this crime
Can be done in various waysEnd user copying, Hard disk loading, Counterfeiting,
Illegal downloads from the internet etc.

Social & Legal Issues

5. PORNOGRAPHY

Pornography is the first consistently successful ecommerce product.

Deceptive marketing tactics and mouse trapping
technologies Pornography encourage customers to
access their websites.

Social & Legal Issues

6. IRC CRIME
Internet Relay Chat (IRC) servers have chat rooms in
which people from anywhere the world can come
together and chat with each other
Criminals use it for meeting coconspirators.
Hackers use it for discussing their exploits / sharing the
techniques.
Pedophiles use chat rooms to allure small children.
Cyber Stalking - In order to harass a woman her
telephone number is given to others as if she wants to
befriend males.

Social & Legal Issues

7. FINANCIAL FRAUD

You simply have to type credit card number into

www page off the vendor for online transaction
If electronic transactions are not secured
the credit card numbers can be stolen by
the hackers who can misuse this card by
impersonating the credit card owner

Social & Legal Issues

8. NET EXTORTION

Copying the companys confidential data in order to

extort said company for huge amount.

Social & Legal Issues

9. PHISHING

It is technique of pulling out confidential information

from the bank / financial institutional account holders
by deceptive means.

Social & Legal Issues

10. SPOOFING

Getting one computer on a network to pretend to

have the identity off another computer, usually one
with special access privileges, so as to obtain access
to the other computers on the network.

Social & Legal Issues

11. CYBER STALKING

The Criminal follows the victim by sending emails,

entering the chat rooms frequently.

Social & Legal Issues

12. CYBER DEFAMATION

The Criminal sends emails containing
defamatory matters to all concerned off the
victim or post the defamatory matters on a
website.
(disgruntled employee may do this against
boss, ex-boyfriends against girl, divorced
husband against wife, etc.)

Social & Legal Issues

13. THREATENING

The Criminal sends threatening email

or comes in contact in chat rooms with victim.
(Any one disgruntled may do this against boss, friend
or official)

Social & Legal Issues

14. SALAMI ATTACK

In such crime criminal makes insignificant
changes in a system in such a manner that
such changes would go unnoticed.
For example, criminal makes such program
that deducts small amount like Rs. 2.50 per
month from the account of all the customer
of the Bank and deposit the same in his
account. In this case no account holder will
approach the bank for such small amount but
criminal gains huge amount.

Social & Legal Issues

15. SALE OF NARCOTICS

Sale & Purchase through net.

There are web site which offer sale and shipment off
contrabands drugs.
They may use the techniques off stenography for hiding
the messages.

Social & Legal Issues

How to protect your computer

Use anti-virus software and firewalls - keep them up to date
Keep your operating system up to date with critical security
updates and patches
Don't open emails or attachments from unknown sources
Use hard-to-guess passwords. Dont use words found in a
dictionary. Remember that password cracking tools exist
Back-up your computer data on disks or CDs often

Social & Legal Issues

How to protect your computer

Don't share access to your computers with strangers

If you have a wi-fi network, password protect it
Disconnect from the Internet when not in use
Re-evaluate your security on a regular basis
Make sure your employees and family members know this
information too

Social & Legal Issues

How to prevent Cyber crime

Technical prevention
Network administrator
Tasks
Role in the company organisation chart
Personal data and privacy
Update OS
Antivirus protection
Anti-spam and Trojan protection
Home banking and Internet banking
Good legal policies

Social & Legal Issues

How to prevent Cyber crime

Using the computer at workplace between efficiency and
privacy
- Include the Policy on how to use Internet at workplace as a
part of the labour contract
- Training the employees on usage of Internet and software
- Training the employees on how they should treat confidential
information and the essential passwords

Social & Legal Issues

International initiatives
Representatives from the 26 Council of Europe members, the
United States, Canada, Japan and South Africa in 2001 signed a
convention on cyber crime in efforts to enhance international
cooperation in combating computer-based crimes.
The Convention on Cyber crime, drawn up by experts of the
Council of Europe, is designed to coordinate these countries'
policies and laws on penalties on crimes in cyberspace, define
the formula guaranteeing the efficient operation of the criminal
and judicial authorities, and establish an efficient mechanism
for international cooperation.
In 1997, The G-8 Ministers agreed to ten "Principles to Combat
High-Tech Crime" and an "Action Plan to Combat High-Tech
Crime."

Social & Legal Issues

WHAT IS THE I.T act?

Information technology or IT is a fast growing field which

requires proper safeguards to prevent its misuse
The IT Act deals with issues pertaining to technology and the
perpetration of crimes using technology.
IT basically comprises of electronic information such as Emails, digital signatures, Electronic money/stock transfers or
even sms (via cell phone or internet)

Social & Legal Issues

The Controller of Certifying Authorities (CCA)

Appointed by the Central Government under section 17 of the
IT Act.
Came into existence on November 1, 2000.
Aims at promoting the growth of E-Commerce and EGovernance through the wide use of digital signatures.

Social & Legal Issues

IT ACT 2000

Information technology Act 2000 consisted of 94 sections

segregated into 13 chapters. Four schedules form part of the
Act.

Social & Legal Issues

Information Technology (Amendment) Act 2008

Information Technology (Amendment) Bill 2008 passed by

Indian Parliament in December 2008 notified as the IT
(Amendment) Act 2008 has received the assent of the
President on the 5th Feb, 2009. This Act punishes various
cyber crimes including Cyber Terrorism
These amendments have strengthened the IT Act and also
addressed earlier concerns about the act. Also the amendments
are very concise and better define some of the vaguer terms in
the original version of the act

Social & Legal Issues

WHAT DOES IT 2008 COMPRISE OF

In the 2008 version of the Act, there are 124 sections

(excluding 5 sections that have been omitted from the earlier
version) and 14 chapters. Schedule I and II have been
replaced. Schedules III and IV are deleted.

Social & Legal Issues

Civil liabilities, penalties and adjudication

Penalty for damage to computer, computer system etc.(Sec 43):
Any person, who, without the permission of the owner or any other person
in-charge of a computer, computer system or computer network
a. accesses or secures access to such computer, computer system or
computer network;
b. downloads, copies or extracts any data, computer database or
information from such computer, computer system or computer network
including information or data held or stored in any removable storage
medium;
c. introduces or causes to be introduced any computer contaminant or
computer virus into any computer, computer system or computer network;

Social & Legal Issues

Civil liabilities, penalties and adjudication

d. damages or causes to be damaged any computer, computer system or
computer network, data, computer database or any other programmes
residing in such computer, computer system or computer network;
e. disrupts or causes disruption of any computer, computer system or
computer network;
f. denies or causes the denial of access to any person authorised to access
any computer, computer system or computer network;
g. provides any assistance to any person to facilitate access to a computer,
computer system or computer network in contravention of the provisions
this Act, rules or regulations made under thereunder;
h. charges the services availed of by a person to the account of another
person by tampering with or manipulating any computer, computer system
or computer network, shall be liable to pay damages by way of
compensation not exceeding one crore rupees to the person so affected.

Social & Legal Issues

Civil liabilities, penalties and adjudication

Penalty for failure to furnish information, return etc.(Sec 44):
Any person who is required under the Act, or rules or regulations made
thereunder to
a. furnish any document, return or report to the Controller or the Certifying
Authority fails to furnish the same, shall be liable to a penalty not
exceeding one lakh and fifty thousand rupees for each such failure;
b. file any return or furnish any information, books or other documents
within the time specified thereof in the regulations fails to file the same in
time he shall be liable to a penalty not exceeding five thousand rupees for
every day during which such failure continues;
c. maintain books of account or records fails to maintain the same he shall
be liable to penalty not exceeding ten thousand rupees for everyday during
which the failure continues.

Social & Legal Issues

Sections

Hacking with computer system (Sec 66):

Hacking with computer system is a punishable offence under the Act. It means any
person intentionally or knowingly causes wrongful loss or damage to the public or
destroys or deletes or alters any information residing in the computer resources or
diminishes its value or utility or affects it injuriously by any means, commits
hacking.
Such offenses will be punished with three years imprisonment or with fine of two
lakh rupees or with both.
Publishing of information which is obscene in electronic form (Sec 67):
Whoever publishes or transmits or causes to be published in the electronic form,
any material which is lascivious or appeals to prurient interest or if its effect is such
as to tend to deprave and corrupt persons who are likely, having regard to all
relevant circumstances, to read, see or hear the matter contained or embodied in it
shall be punished on first conviction with imprisonment for a term extending up to
5 years and with fine which may extend to one lakh rupees. In case of second and
subsequent conviction imprisonment may extend to ten years and also with fine
which may extend up to two lakh rupees.

Social & Legal Issues

Sections
Failure to comply with orders of the controller by a Certifying
Authority or any employee of such authority (Sec 68):
Failure to comply with orders of the Controller by any Certifying Authority
or by any employees of Certifying Authority is a punishable offence. Such
persons are liable to imprisonment for a term not exceeding three years or
to a fine not exceeding two lakh rupees or to both.
Fails to assist any agency of the Government to decrypt the
information (Sec 69):
If any subscriber or any person-in-charge of the computer fails to assist or
to extend any facilities and technical assistance to any Government agency
to decrypt the information on the orders of the Controller in the interest of
the sovereignty and integrity of India etc. is a punishable offence under the
Act. Such persons are liable for imprisonment for a term, which may
extend to seven years.

Social & Legal Issues

Sections
Unauthorized access to a protected system (Sec 70):
Any person who secures access or attempts to secure access to
a protected system in contravention of the provisions is
punishable with imprisonment for a term which may extend to
ten years and also liable to fine.
Misrepresentation before authorities (Sec 71):
Any person who obtains Digital Signature Certificate by
misrepresentation or suppressing any material fact from the
Controller or Certifying Authority as the case may be punished
with imprisonment for a term which may extend two years or
with fine up to one lakh rupees or with both.

Social & Legal Issues

Sections

Breach of confidentiality and privacy (Sec 72):

Any person in pursuant of the powers conferred under the act, unauthorisedly
secures access, to any electronic record, books, register, correspondence,
information, document or other material without the consent of the person
concerned discloses such materials to any other person shall be punished with
imprisonment for a term which may extend to two years, or with fine up to one lakh
rupees or with both.
Publishing false particulars in Digital Signature Certificate (Sec 73):
No person can publish a Digital Signature Certificate or otherwise make it available
to any other person with the knowledge that: a. the Certifying Authority listed in the certificate has not issued it; or
b. the subscriber listed in the certificate has not accepted it; or
c. the certificate has been revoked or suspended
unless such publication is for the purpose of verifying a digital signature created
prior to such suspension or revocation. Any person who contravenes the provisions
shall be punishable with imprisonment for a term, which may extend to two years
or with fine up to rupees one lakh or with both.

Social & Legal Issues

Sections

Publication of Digital Signature Certificate for fraudulent purpose (Sec 74):

Any person knowingly creates, publishes or otherwise makes available a Digital
Signature Certificate for any fraudulent or unlawful purpose shall be punished with
imprisonment for a term which may extend to two years or with fine up to one lakh
rupees or with both

Social & Legal Issues

Limitations

IT Act, 2000 does not mention about domain names and the rights of
domain names owners.
IT Act, 2000 does not mention about INTELLECTUAL PROPERTY
RIGHTS
IT Act, 2000 does not confer any right upon any person to insist that the
document in questions should be accepted in electronic form.

Social & Legal Issues

Mumbai Cyber lab is a joint initiative of Mumbai police and

NASSCOM more exchange and coordination of this kind
Suggested amendments to the IT Act,2000-new provisions for
child pornography, etc
More Public awareness campaigns
Training of police officers to effectively combat cyber crimes
More Cyber crime police cells set up across the country
Effective E-surveillance
Websites aid in creating awareness and encouraging reporting
of cyber crime cases.
Specialized Training of forensic investigators and experts
Active coordination between police and other law
enforcement agencies and authorities is required.